PDA

View Full Version : Hacks, and their descriptions



MudShark
09-21-2003, 09:13 AM
OK, yeah, I'm a newbie. I'm perectly fine with a command line (in an M$ enviroment) But not that great with Linux. I can wield a mean soldering iron, do microcontroler design/programing.

...So I'm teachable. :)

Anyone care to define these hacks? (and if they work/won't with a PROM hack an/or monte)

KMEM

MFS_FTP

killintrid (and the others, tiny, etc)

'patched' Tivoapp


...and any others i may be missing (I think the ftp, telnet, bash, and TiVoweb are obvvious, but then maybe so are some of the others I'm clueless on)

mrblack51
09-21-2003, 11:01 AM
Originally posted by MudShark
OK, yeah, I'm a newbie. I'm perectly fine with a command line (in an M$ enviroment) But not that great with Linux. I can wield a mean soldering iron, do microcontroler design/programing.

...So I'm teachable. :)

Anyone care to define these hacks? (and if they work/won't with a PROM hack an/or monte)

KMEM

MFS_FTP

killintrid (and the others, tiny, etc)

'patched' Tivoapp


...and any others i may be missing (I think the ftp, telnet, bash, and TiVoweb are obvvious, but then maybe so are some of the others I'm clueless on)

kmem - this is a tool for messing with the kernel's memory. specifically, its used to apply a patch to prevent shows from being scrambled. this is equivilent to using noscramble techniques on the s1 units. if you are using monte or a hacked prom, you dont need this, because you can patch the kernel. however, if you are using bash_env, then this is the only way.

mfs_ftp - used to extract and insert shows from/into a tivo. can be used on any unit which has shows which aren't scrambled and that you have bash/telnet access to.

killinitrd - the initrd is a file in the kernel image which checks files to ensure they match a signature produced by tivo. if they don't match, they get deleted, and sometimes replaced. killinitrd and other tools are useless with bash_env, because you need a properly signed kernel. with monte or a hacked prom, these tools allow you to modify the files on your hard drive without worrying about them getting deleted.

tivoapp patching - tivoapp must be patched on s2 sa units 4.0 and higher. you can patch on any unit with bash access, but the only methods to get bash on 4.0 are monte or a hacked prom. bash_env won't work on 4.0

MudShark
09-21-2003, 03:43 PM
Originally posted by mrblack51

tivoapp patching - tivoapp must be patched on s2 sa units 4.0 and higher. you can patch on any unit with bash access, but the only methods to get bash on 4.0 are monte or a hacked prom. bash_env won't work on 4.0

Thanks!! Much appreciated.

Is bash and bash_env two different things? I would have thought they were the same (bash - bash shell, bash_env - bash enviorment)

So is the hacke PROM the way to go? The monte method seems kinda messy and your using an outdated version (well, sorta outdated)

Once again, thanks!

mrblack51
09-21-2003, 04:20 PM
Originally posted by MudShark
Thanks!! Much appreciated.

Is bash and bash_env two different things? I would have thought they were the same (bash - bash shell, bash_env - bash enviorment)

So is the hacke PROM the way to go? The monte method seems kinda messy and your using an outdated version (well, sorta outdated)

Once again, thanks!

bash, when used on this message board, refers to having access to the bash shell via telnet or over serial. bash_env is a method for obtaining bash by exploiting a security hole by using a specially formed BASH_ENV environment variable. do a search for more info on bash_env.

bash_env is somewhat outdated, but it is the easiest. however, you are stuck using versions which allow the exploit. monte can use any current version, but it takes more steps. prom replacement is the ideal, because it puts us on par with how we had things on the s1 units. however, prom replacement is not something most can do on their own.

MudShark
09-21-2003, 04:43 PM
Originally posted by mrblack51
prom replacement is the ideal, because it puts us on par with how we had things on the s1 units. however, prom replacement is not something most can do on their own.

Cool beans! Ok I think I got a handle on bash_env thingy.

For me, the prom hack looks easier. SMT equiptment on the way, (changing jobs, no access at work anymore) adapter for the device programer already done. I'm just going to reprogram the '37 thats in there now. I'll save a copy of the original of course. (in a few places) I'll also add a socket to my MoBo.

mrblack51
09-21-2003, 05:38 PM
http://groups.yahoo.com/group/s2tivoMods

just curious, whats the goal of this tivo group? is there some purpose that isn't being served here, or is it just used for the consolidated files area?

MudShark
09-21-2003, 06:21 PM
Just wanted to 'streamline' it a tad and focus directly at the S2's and to make it a how-to and/or step-by-step