Security vulnerabilities in DVB-C networks: Hacking Cable TV network part 2 presented at ekoparty 2014

by Rahul Sasi,

Summary : DVB-C stands for "Digital Video Broadcasting - Cable" and it is the DVB European consortium standard for the broadcast transmission of digital television over cable. This system transmits an MPEG-2 or MPEG-4 family digital audio/digital video stream, using a QAM modulation with channel coding. The standard was first published by the ETSI in 1994, and subsequently became the most widely used transmission system for digital cable television in Europe. source: http://en.wikipedia.org/wiki/DVB-C We been working with a Cable TV service provide for the past 1 year. With digital cable tv implementations, the transmited MPEG streams are encrypted/scrambled and users needs a setup box to de-scramble/decode the streams. Also service providers can shut down a device remotely if (no payment) or even display a custom text message that will scroll on top of a video. This is made possible by Middleware servers or applications servers that are used to manage the DVM networks. So in our talks we cover the various attacks we can do on DVB-C infrastructure. That will include the following topics. 1) Security Vulnerabilities in DVB-C middleware servers. [Hijacking a TV stream] 2) Implementation bugs in DVB-C network protocol .[Man in the Middle Attacks] 3) Fuzzing setup boxes via MPEG streams. [Shutting down Setup boxes] 4) Demo taking over your Cable TV BroadCasting.