CCcam 2.3.0 Backdoor

I would use another version of CCcam until this has been proven otherwise, especially if you or your peers have been noticing illegal login attempts.

Quote from master G

I would use another version of CCcam until this has been proven otherwise, especially if you or your peers have been noticing illegal login attempts.

As G said, unless there is any benefit ( your card will now be read directly in CCcam )
Stick with what you trust.

Quote from andy ray

How does this affect people like myself who use oscam,i have a number of long term peers who use 2.3.0 and dont want to remove them if at all possible

Their CCcam.cfg would be compromised, so they now have access to your sharing details and can use your card.

Look for higher ecm than normal from these peers.

Put CCcam in debug mode, in CCcam.cfg put this line DEBUG : yes and look in var/log/messages for any illegal access attempts or double logins.

Quote from andy ray

I dont have a cfg file i use oscam dvapi do i add it onto one of my config files

Have a look in oscam webinfo and check your clients for double login attempts.

Quote from polo1996

Code

http://pastebin.com/0ZFbh4RX

CCCAM 2.3.0 is taking the backdoor crap even a step further.

The lowest scum of the earth, UVADI TEAM, have done it even better this time. Making sure sharing will die for sure if they keep this crap up.

Before I continue, I would urge people with BRAINS and PROGRAMMING SKILLS, to download IDA PRO (torrent) and decompile it for themselfs to find the fucking remotely triggered backdoor.

How it works.

When you install CCcam 2.3.0 , nothing special is happening at first, and cccam will check for input activity on the pc or box to make sure nobody is watching. When it finds itself comfortably alone, it will start sending your ENTIRE CCCAM.CFG info to this IP 176.9.242.159 (a rented root server in germany).
Now I recompiled a version so I could trigger the backdoor myself, and TADA, some fucking ITALIAN dialup asswipe connected to the server I just set up , IP : 2.32.190.9. So traffic on my card started. THIS THEY CAN NOT HIDE in Cccam, it shows as a CONNECTED CLIENT from one of your clients in cccam.cfg where the dyndns has been removed (still lack of cccam, if dyndns is non-existing) the security feature doesn't work anymore and everybody can connect on that user.

I have 2 words for UVADI TEAM -> YOU SUCK !!!!!!

The future of CCcam is dead thanks to these low life asswipes , just after free sharing and making their own "spidernetwork" on your card.

BLOCK ALL CLIENTS that have 2.3.0 connected to your server as it will still read all connected clients from the server, trough the client !!

latest original CCcam 2.1.3 and 2.1.4 which are secure and don't have this backdoor code.


ps: AGAIN , if you don't want to take the warning for granted, decompile and look for yourself !!!!!!!

Display More

polo1996,
is this your own opinion or have you just copied from elsewhere?
Those who have been around have read all these rumors with earlier versions.

I think it is unfair to blame UVADI team for this as the last version they claimed was CCcam 2.1.3. Given that the changes made in the 3 versions since are minimal to say the least my belief is that 2.1.3 was the last release from the CCcam team.

Quote from *** pirate

wouldnt worry to much, all this again after 2.2.1 same story
reading in german forums about backdoor in 2.3.0 they think its nonsens.
this video seems to be from 2010.
the guy seems to treat his own server he is showing up as root, should mean its his own gear.
this is statet by some administraters in a german linux forum, one of them with 16000 posts!!
others with 8 and 12000 posts.
so i keep a eye on my friends with 2.3.0 and thats it.

where would be the point for uvadi? to do something like this?
they can go into my cfg and make new lines and sell them?
cant really believe this. never a strait forward business, only hassle for all the them. most of new entrys would be discoverd sooner or later and removed, so what?
the only thing i can think of is to get the card details and sell them to the tv providers.
is this a business for uvadi?
dont know i think its all nonsens.
keep an eye on your server, and if somebody really can proof a backdoor, let us know please.
for a smooth cccam sharing
bye
elpirate:beat_shot:

Display More

Agree with all you have said el pirate, we hear the same with the last 3 releases but the fact is that there is very little new with these versions and no obvious benefit to anybody using them. To anyone who is worried about these versions i will say that CCcam 2.1.4 later are the least of your worries. Oscam can make any hop card appear as local showing whatever CCcam version as server the faker chooses. This is unbelievably easy to do, the info is not posted here for that very reason.

Put those ips into your browser and you will see this rumor is complete nonsense. The first post of this thread is on just about every sat forum around with about 20 different people claiming it as their own. As with the 2.2.1 & 2.1.4 backdoor rumors nobody has posted any proof at all. people have also been testing thoroughly for the backdoor and again nothing detected.

So how about some proof from those who claim to have decompiled it instead of starting rumors they have no facts to back them up with?