Exploring the Humax-HD Over the Network

Wednesday, November 11th, 2009

I just updated my Humax-HD Freesat box to the 1.00.23 firmware and decided to have a furtle with it. As this update is supposed to enable iPlayer (although it can’t be used until Freesat say so) I thought I’d try and see if anything funky was going on over the network to give me the opportunity to play with some security tools.

I used Nmap to scan the Humax and see if any ports were open. The scan didn’t return anything from TCP ports (so I’m assuming that they’re all closed), and returned unreachable for all but 10 UDP ports. The Humax didn’t send any kind of response to the scans on these 10 ports so Nmap considers them open|filtered. I checked the well-known port list on Wikipedia to see if any of them matched up.

1057/udp open|filtered unknown – No listing

5351/udp open|filtered unknown – Wikipedia shows as NAT Port Mapping Protocol (official). This is used to allow a NAT’ed device to communicate with devices outside of the private network. It looks to be used a lot in peer to peer file sharing.

16739/udp open|filtered unknown – Not listed

19935/udp open|filtered unknown – Not listed

20465/udp open|filtered unknown – Not listed

21625/udp open|filtered unknown – Not listed

22053/udp open|filtered unknown – Not listed

24606/udp open|filtered unknown – Not listed

47772/udp open|filtered unknown – Not listed

49187/udp open|filtered unknown – Not listed

I used ncat to send a few key strokes at each of these ports but got nothing back. Then again, not having a clue what could be sat behind most of them (if anything) I don’t know if I should get anything back anyway (or even if there is a service making a reply, would it reply to the same port that made the request?). A UDP service scan in Nmap also fails to get any further information.

The Humax box is connected to my home router via a powerline Ethernet adaptor. As the powerline network connects into one port on the broadband router I figured that I should see traffic going between the Humax and the router from a laptop connected to another powerline adaptor using Wireshark. The scan shows that again, there’s not much going on. When the Freesat box boots up it requests an IP address using DHCP. That’s about it.

So all in all, not much info there. The only service that looks to be of interest is NAT-PMP. It makes me wonder whether or not the Humax box will try to engage in a peer to peer network when iPlayer is activated, or if the service is designed to allow the box to be contactable from outside of your home network. Who knows?
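Keystrokes are not a valid request for any particular protocol, so silence from 5351/udp says little about what is listening. The sketch below is an added example, not part of the original post: it sends the 2-byte external-address request defined in RFC 6886 (NAT-PMP) and decodes any reply. The host address 192.0.2.10 is a constructed placeholder for a device on your own network.

```python
import ipaddress
import socket
import struct

NATPMP_PORT = 5351
REQUEST = struct.pack("!BB", 0, 0)  # RFC 6886: version 0, opcode 0 (external address)
RESULT_CODES = {0: "success", 1: "unsupported version", 2: "not authorized",
                3: "network failure", 4: "out of resources", 5: "unsupported opcode"}


def parse_response(data):
    """Decode a NAT-PMP external-address reply; None if the bytes are not one."""
    if len(data) < 4:
        return None
    version, opcode, result = struct.unpack("!BBH", data[:4])
    if version != 0 or opcode != 128:  # a reply carries opcode 128 + request opcode
        return None
    info = {"result": RESULT_CODES.get(result, "unknown (%d)" % result)}
    if result == 0 and len(data) >= 12:
        epoch, addr = struct.unpack("!I4s", data[4:12])
        info["epoch_seconds"] = epoch
        info["external_ip"] = str(ipaddress.IPv4Address(addr))
    return info


def probe(host, timeout=2.0):
    """Send one request and classify the port: nat-pmp, other, closed or no-reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, NATPMP_PORT))  # a connected UDP socket surfaces ICMP errors
        try:
            s.send(REQUEST)
            data = s.recv(64)
        except socket.timeout:
            return "no-reply", None     # same ambiguity as Nmap's open|filtered
        except (ConnectionRefusedError, ConnectionResetError):
            return "closed", None       # ICMP port unreachable came back
    parsed = parse_response(data)
    return ("nat-pmp", parsed) if parsed else ("other", data)


if __name__ == "__main__":
    # Placeholder address (assumption): replace with the device under test.
    print(probe("192.0.2.10"))
```

A "no-reply" result leaves the port exactly where the Nmap scan left it, while "nat-pmp" or "closed" settles the question for that one port.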

If you have any corrections, answers or suggestions then please get in touch. I’d be interested to hear your thoughts.

*UPDATE*

It looks like the BBC have kindly allowed the iPlayer beta test code to ‘leak’ out before its official release. Turn your Freesat box over to BBC 1, press the red button and type 5483 to watch iPlayer…

Symfony – cssTabsPlugin and security

Wednesday, March 11th, 2009

Hi all,
I have been working on a Symfony (ver1 of the MVC) based application. It needs really tight security that is really granular. So I did what most people do and installed the cool sfGuardPlugin.

It works a treat.

But... I started to look at how I secure individual buttons, or sections of code etc.
The best way would be to create a load of credentials, e.g. view_token, add_token, edit_token, view_token_history, etc. which can then be grouped together to allow access via groups or individual assignment.

Then I started thinking about the use of hardcoded text within the code, such as the following example and ‘viewtoken’.

$sf_user->hasCredential('view_token');

I don’t like hardcoding anything if I can help it, so installed the sfSettingsPlugin, added the line of code:

include_once (sfConfigCache::getInstance()->checkConfig('config/db_settings.yml'));

to my controllers (it doesn’t mention that anywhere on the plugin site or within the code!), did a quick symfony propel-build-all-load & symfony cc and added a few settings.

The settings are available in your app as a normal CONSTANT, I created view_token with the value of viewtoken, so I could access it within the application as the constant VIEW_TOKEN.

You may wonder why I didn’t just hardcode the values? I am not sure at the moment, it’s a lot of hassle so far, but at least it will be highly configurable :)

Anyway, we have installed the sfSettings plugin, I have the very good WordPress-style menus plugin called sfCssTabsPlugin already installed and working well. Finding this great add-on that allowed the sfCssTabs to recognise security credentials that are based in any module’s /config/security.yml, I thought great!

But I hit a snag, once installed and working it only recognised the first credential of that user.
If you have a lot of credentials, and I do, then it fails :(

I found a work around though:
In \plugins\sfGuardPlugin\lib\user\sfGuardSecurityUser.class.php
I replaced:


return $this->hasCredential($credentials);

with:


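// All permission names for this user: those inherited from groups and
// those assigned to the user directly.
$permissions = $this->getAllPermissionNames();
// $credentials is treated as a single credential name here.
if (in_array($credentials, $permissions)) {
    return true;
} else {
    return false;
}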

This gets all the permissions, those set within a group and those assigned to an individual user.
I am not sure if this is the best way to do it, I am sure writing another method within the model would probably be a better bet, but I am soooOO lazy. If I do (or you?) then I will post it on here.

The above code allowed me to get all the credentials and display individual elements of the menu according to the security credentials of the user.

thanks

Adam