Tmphack

From Lundman Wiki
Revision as of 01:57, 3 October 2008 by Lundman (talk | contribs)

Hacking the HDX-1000 media player.

Firmware analysis

The HDX-1000 minidevice player seems to communicate on port 1441.

The bytes captured are: 


host <<=>> minidevice
======================
>> port 1441 Syn?
<< Syn!

>> 04 "0900" 05
<< 01 "0001" 02 "09000021800000000080000000" 03 09
>> 10 30 
<< 04

>> 04 "0700" 05
<< "0700" 04 
>> 04 "0600" 05
<< 01 "0001" 02 "longstringofdata" 03 0d
>> 10 30
<< 04

>> 04 "1901" 05
<< 10 30
>> 01 "0002" 02 "1911            " 03 0b   # spaces
<< 10 31
>> 04

>> 04 "0600" 05
<< "0600" 04
>> Fin
<< Fin


The longstring of data, appears to contain: 

01
30 3030 31                    "0001"
02 
#Start of record, total of 8 records this time
3331                          "31"
3230 3038 3130 3033 3038 3436 "200810030846"   # known
3030 3031                     "0001"
3030 3030 3030 3132 3232      "0000001222"     # known
3030 3031                     "0001" 
#Start of next record
3331                          "31"
... etc ..
3030 3031                     "0001" 
# end
03 0d
Retrieved from "http://lundman.net/wiki/index.php?title=Tmphack&oldid=2892"