Taken from another forum. Posted by a user beginning john??? - not sure who deserves credit:
Defeating the Infomir/MAG Portal blocking
I've spent the last few days digging around with Wireshark + custom firmware to see how this was working, and it turns out it's quite simple and can be removed from all current firmware on all models that I've tested (250/254/256/322/324)
We could, as people currently are, keep changing portal URLs - but this is not sustainable and as the box is phoning home on every boot, is more than likely just making it easier for Infomir to just re-block on the next wave of updates to the blacklist.
At boot the box performs the following:
DNS lookup for NTP server
Contact all NTP Servers found
Executes the script /etc/rc.d/rcS.d/S98stbapp (which then launches stbapp - the browser that displays your portal)
DNS lookup for mag???.dcbs.infomir.com
Encrypted communication with mag???.dcbs.infomir.com
Saves result of this communication as /mnt/Userfs/data/dls.backup
Displays portal selection page
If portal is blocked, it then loads and displays the error message (which is stored in the javascript for the Inner Portal - so we can edit this if we choose)
Otherwise load portal as normal
Once dls.backup is stored in the box, it will continue to block all currently known portals on the blacklist even if Infomir's server is unreachable. /mnt/Userfs is not wiped on firmware restore either, so it will persist between versions unless we wipe it.
This means we have two tasks to perform:
Patch stbapp OR the hosts file to block the blacklist server
Erase dls.backup to prevent cached lookups
Personally I favour patching stbapp, as this ensures it's impossible for it to somehow slip through (since it'll be looking for the wrong server.) But in the current firmware versions both methods seem effective.
Both of theses tasks CAN be done by hand, but the easiest way (especially for larger providers) is to build a custom firmware that users can just load from a USB that will both patch the problem and prevent Infomir from pushing any more automatic updates to that box.
For those comfortable making the change and would rather do it themselves the details are below. If people need them, I can build patched firmware for the boxes that people need, but won't have the time to build and upload them before probably Sunday evening. (Pending recommendations of a good anonymous file host)
To edit the hosts file ( etc/hosts ) add the following line (replace mag324 with the correct model for you)
127.0.0.1 mag324.dcbs.infomir.com
To patch stbapp, open /usr/local/share/app/stbapp in a HEX editor, search for
dcbs.infomir.com
and make ANY change to the domain name (without changing the length AT ALL)
Finally to ensure that the dls.backup will be deleted after flashing your custom firmware than add the following line to /mnt/Userfs/data/dls.backup before the line that launches stbapp:
/bin/rm /mnt/Userfs/data/dls.backup
If all the above has been done correctly, then all previously blocked portals will now be accessible again, and no future blocks will have any effect either.