Mag boxes getting blocked

...without the consent of the user?
Is it without consent of user? Has anyone actually read all the small print and does any of it definitely not say (or at least imply) they may monitor or block?!?!
 
Is it without consent of user? Has anyone actually read all the small print and does any of it definitely not say (or at least imply) they may monitor or block?!?!

Not sure never had one, so never read it
 
Taken from another forum. Posted by a user beginning john??? - not sure who deserves credit:


Defeating the Infomir/MAG Portal blocking

I've spent the last few days digging around with Wireshark + custom firmware to see how this was working, and it turns out it's quite simple and can be removed from all current firmware on all models that I've tested (250/254/256/322/324)

We could, as people currently are, keep changing portal URLs - but this is not sustainable and as the box is phoning home on every boot, is more than likely just making it easier for Infomir to just re-block on the next wave of updates to the blacklist.

At boot the box performs the following:

DNS lookup for NTP server
Contact all NTP Servers found
Executes the script /etc/rc.d/rcS.d/S98stbapp (which then launches stbapp - the browser that displays your portal)
DNS lookup for mag???.dcbs.infomir.com
Encrypted communication with mag???.dcbs.infomir.com
Saves result of this communication as /mnt/Userfs/data/dls.backup
Displays portal selection page
If portal is blocked, it then loads and displays the error message (which is stored in the javascript for the Inner Portal - so we can edit this if we choose)
Otherwise load portal as normal
Once dls.backup is stored in the box, it will continue to block all currently known portals on the blacklist even if Infomir's server is unreachable. /mnt/Userfs is not wiped on firmware restore either, so it will persist between versions unless we wipe it.

This means we have two tasks to perform:

Patch stbapp OR the hosts file to block the blacklist server
Erase dls.backup to prevent cached lookups
Personally I favour patching stbapp, as this ensures it's impossible for it to somehow slip through (since it'll be looking for the wrong server.) But in the current firmware versions both methods seem effective.

Both of theses tasks CAN be done by hand, but the easiest way (especially for larger providers) is to build a custom firmware that users can just load from a USB that will both patch the problem and prevent Infomir from pushing any more automatic updates to that box.

For those comfortable making the change and would rather do it themselves the details are below. If people need them, I can build patched firmware for the boxes that people need, but won't have the time to build and upload them before probably Sunday evening. (Pending recommendations of a good anonymous file host)

To edit the hosts file ( etc/hosts ) add the following line (replace mag324 with the correct model for you)

127.0.0.1 mag324.dcbs.infomir.com
To patch stbapp, open /usr/local/share/app/stbapp in a HEX editor, search for

dcbs.infomir.com
and make ANY change to the domain name (without changing the length AT ALL)

Finally to ensure that the dls.backup will be deleted after flashing your custom firmware than add the following line to /mnt/Userfs/data/dls.backup before the line that launches stbapp:

/bin/rm /mnt/Userfs/data/dls.backup
If all the above has been done correctly, then all previously blocked portals will now be accessible again, and no future blocks will have any effect either.
 
Last edited:
The patch is also posted in that thread on same forum 500 plus downloads no complaints so must be ok.
Dont use a mag myself so not tested ...........Paul

Sorry not 500 downloads file is 500 meg
 
Anyone having problems accessing anonfile.com in River's post above. not working for me and I need the file for a mate

I have accessed the site and downloading the file now. When it is finished I can upload it to my mega account for you if you like.
 
Information is wrong @pachecoso
Court order means nothing. If provider gets blocked its usually fixed within 24 hours. That story has been doing the rounds for awhile now about ISP blocking streams. That, and mag boxes getting blocked. Both issues are now resolved.
I posted fix for mag boxes here.
And provider fixes server block if there servers have been picked up.

It's just cat and mouse like always. They just move the server in AWS/Azure, and then change the IP, or hide behind a CDN of some description. Unless they do what Russia did and block like 16 million IPs to try and block Telegram :L Which also failed :)
 
Back
Top