• The forum software that supports hummy.tv has been upgraded to XenForo 2.0!

    This is a major upgrade which changes the look and feel of the forum somewhat but brings a host of improvements too. Please bear with us as we continue to tweak things and report any issues or suggestions in Site/Forum Issues.

Proposed method of auto-decryption on HDR-2000T

#1
Hi Guys

I'm new to the forum, so please point out any obvious holes in this idea.

The Fox T2 has a firmware mod available to automatically decrypt DTCP encrypted recordings, but the newer HDR-2000T does not. It appears that there may be a way to run a script on a computer to achieve the same thing, remotely.

The script would do the following :

1. Via FTP, access the HMT files and modify them as foxy does.

2. Use FTP access to map the contents of the HDR-2000T.

3. Use network remote control to implement the file copy using opt+ virtual button.

Network remote control is obviously available because the Humax TV Remote Android app uses it. However, the network remote interface appears to be undocumented. (Anyone know anything about this?)

I think the script could be implemented as a shell script on a nslu2 or NAS etc.

I'd very much welcome comments on this idea and especially any info on network remote. I've only had the box a few days, so I could be missing very obvious stuff.

Thanks

Tony
 
OP
OP
wiredcharlie
#3
Hi Black!

I suspected someone might have already thought of this!

As far as navigating blind is concerned, the aim of using FTP to map the drive contents (2) is to enable blind navigation.

Tony
 
#4
As Black Hole has pointed out this is very much like BH's specification in the other thread.
From my attempts at looking at this using Java, not scripting, I offer the following observations:
  • It is possible to run a Java program on a PC that reads all the .hmt files and foxies them if necessary.
  • It is possible to use data read by ftp and the data obtained by interrogating the DLNA server to "map" the disk remotely.
  • It is possible to stream via DLNA to your PC and decrypt the recordings.
  • You can upload the decrypted files to the Humax via ftp (BUT you need to change a byte in the .hmt file to make it playable - without checking I can't remember which one)
  • The main problem - if you foxy something, you need to get the Humax's DLNA server to re-index. I don't think there is a way to do this remotely. The "trick" using move to a new folder only seems to work when done from the Humax remote - not via ftp.
Although I frequently use my Java program to obtain decrypted programmes from my Humax, it is very much in the testing stage and needs some polishing (and help files!) before it would be suitable for public use. The lack of interest shown on the other thread has put this to the bottom of my "to-do" list!
 
OP
OP
wiredcharlie
#6
I've written a shell script that sets the byte at 3DC to 04 on all .hmt files via FTP. (Which I think does what Black Hole suggested in an earlier thread).

This works on my Mac OSX 10.6.8 and will presumably work on Linux flavour computers. At the moment it doesn't work on my nslu2.

For convenience, I've also put it into a an Applescript wrapper to make an actual OSX App that you can download here: http://118design.co.uk/3DC.app.zip


No progress yet with remote control over IP to force re-indexing.

Please feel free to do what you like with this code. I'm not a pro, so suggestions and improvements welcome. I'd like to hear how you get on with it.

Tony

Code:
#!/bin/sh

# version 1
# Tony Wilson 080815

HOST='192.168.1.119'
USER='humaxftp'
PASSWD='0000'

doFTP()

{
local file
local list
local lines

list="$(ftp -n $HOST 2>&1 <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
cd "$1"
ls
END_SCRIPT
)"

#echo "$list"
#echo
#get number of files/directories
lines=`echo "$list" | sed -n '$='`
lines=$(expr $lines + 1)

myloop "$lines" "$list" "$1"

}

myloop()
{

local f
local type
local i
local path

#   lines $1
#   list  $2
#   file (path)  $3

#echo lines: $1
#echo list: "$2"
#echo file: "$3"

i=2
while [ $i != $1 ]
do

#select individual file line from list
f=`echo "$2" | sed -n "${i}p"`

#echo "$f"

#directory or file?
type=`echo "$f" | cut -c 1`
#echo $type
#extract file/directory name

f=`echo "$f" | sed 's/.*://' | cut -c 4-`


    if [ "$type" = "d" ]; then
      
        if [ "$f" != "." ]; then
            if [ "$f" != ".." ]; then
          
            #echo path is "$3/$f"


            doFTP "$3/$f"

            fi
        fi
    else   
        # only want hmt files  
  
        if [[ ( "$f" == *.hmt ) ]]; then


            #echo     "$3/$f"

            download "$3" "$f"
        fi

    fi

i=`expr $i + 1`
done
}



download()
{
mkdir -p Temp
cd "Temp"


# download hmt file
list="$(ftp -n $HOST 2>&1 <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
binary
cd "$1"
get "$2"
END_SCRIPT
)"

# do the foxy trick  (3DC is 988 as decimal)
replaceByte "$2" 988 04


# send the hmt file back to the Humax
list="$(ftp -n $HOST 2>&1 <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
binary
cd "$1"
put "$2"
END_SCRIPT
)"

echo Done:   "$1/$2"

cd ..
}

replaceByte()
{
# param 1: file
# param 2: offset
# param 3: value

    printf "$(printf '\\x%02X' $3)" | dd of="$1" bs=1 seek=$2 count=1 conv=notrunc &> /dev/null
}


doFTP "."

# clean up
rm -r Temp
 

Attachments

Last edited by a moderator:
OP
OP
wiredcharlie
#8
There is an image that says what the link is. Because I'm new to the board it won't let me post links, so you'll have to look at the image and type it in. You could do everyone else a service and post the link for me!
 
#10
I've downloaded 3DC several times and I'm always presented with the message, "3DC is damaged and can't be opened. You should move it to the Trash."
 
OP
OP
wiredcharlie
#11
Thanks Martin.

Prodigal Son - I've just downloaded and it unzips properly and runs.

What version of OS X are you on? Has anyone else tried?
 
#12
Hi Charlie, I'm on Mavericks (10.9.5) and I'm using Safari.

Just now, I made another attempt and met the same outcome as before. I tried "Show Package Contents" but that also leads to the error message as well.
 
OP
OP
wiredcharlie
#13
I've re-uploaded. Slightly different Applescript but same underlying shell script. You should be able to see humax.sh in Contents/Resources
 
#14
Thanks, success! (still reports the error message but I'm able to navigate to Contents/Resources) I can see Humax.sh but how do I run it, with Xcode?
 
OP
OP
wiredcharlie
#15
It should run like any other app on your computer. Depending on the way permissions are set up you may have to put it in your Applications folder
 
#16
Doesn't work for me, even after moving it to the Applications folder. A window opens and displays the script code, that's it.

Edited to add:

I have another Intel Mac with Snow Leopard. I'll try it on that and see what happens.
 
OP
OP
wiredcharlie
#17
A window opens and displays the script code, that's it.

That sounds like your system has marked the humax.sh file as non-executable. Try this:

Open Terminal and type chmod 777 with a space after the 777
On 3DC.app right click > Show Package Contents and open Contents/Resources
Drag the humax.sh file from the finder window to the Terminal window which will put in the path ending in humax.sh after chmod 777
Press Enter

3DC.app should now work.

Or....

Now that you have set the permissions on humax.sh, it should run in terminal if you double click it.

Tony
 
Last edited:
#18
Still doesn't work me. When I right-click, the options available are to open it with Xcode, Excel, Textedit and Word. I've dragged humax.sh into the Terminal window and after a pause, it reports, "rm: Temp: No such file or directory."
 
#20
It crosses my mind that the title of this topic is a misnomer. This could hardly be regarded as AUTO decryption.
I suppose you could class it as auto decryption if your PC and Humax are both always on and you run the script or program regularly. Even better if you could automatically cause the Humax to re-index the foxied files. Then, of course, you would have to stream down and ftp upload the programme(s) remotely and periodically. :eek:

wiredcharlie's original post outlined a proposed method for (possible) auto decryption. So far is just a remote manually initiated "foxy all". So you could be right - at present. As a means of gleaning information that might lead to auto-decryption on the HDR-1800T/2000T eventually, it isn't misleading.
 
Top