Android Set Top Box Lets You Stream and Record via HDMI Input

While on the hunt for some hardware that would let him stream video throughout his LAN [danman] got a tip to try the €69 Tronsmart Pavo M9 (which he points out is a re-branded Zidoo X9). With some handy Linux terminal work and a few key pieces of software [danman] was able to get this going.

The Android box was able to record video from the HDMI input with pre-installed software found in the main menu as [danman] explains on his blog. File format options are available in the record menu, however none of them were suitable for streaming the video (which was the goal, remember?).

[danman] was able to poke around the system easily since these boxes come factory rooted (or at least the Tronsmart variant that [danman] uses in his demo did). Can anyone with a Zidoo X9 verify access to the root directory?

Long story short, [danman] was able to get the stream working over the network. Although he did have to make some changes to the stream command he was issuing over ssh. He finds the fix in the ffmpeg documentation which saves you the trouble of reading through it but you’ll have to check out his blog post for that (pro tip: he links to a sweet little .apk reverse engineering tool as well).

We’ve seen set top box hacks before, however, streaming and recording HDMI at this price is a rare find. If you’ve been hacking up the same tree let us know in the comments, and don’t forget to send in those tips!

Stepping Through Code on a Pace 4000 Set Top Box

[Lee] wrote in to tell us about a Set Top Box he hacked. Before the cable industry lawyers get out their flaming swords… he’s not stealing cable, or really doing much of anything. This is a hack just for the adventure and thrill of making someone else’s hardware design do your bidding without any kind of instructions.

He posted about the adventure in two parts. The first is finding the JTAG header and identifying the pins. Arduino to the rescue! No really, and this is the type of Arduino use we love. Using a package called JTAGenum the board becomes a quick tool for probing and identifying JTAG connections.

The image above shows a different piece of hardware. From looking at it we’re pretty sure this is a Bus Blaster which is specifically designed for JTAG debugging with ARM processors. This is the beginning of the second part of his documentation which involves code dumping and stepping through lines code (or instructions) using OpenOCD and GDB. It’s a chore to follow all that [Lee] discovered just to write his name to the display of the box. But we certainly found it interesting. The display has a convoluted addressing scheme. We assume that there are cascading shift registers driving the segments and that’s why it behaves the way it does. Take a look for yourself and let us know what you think in the comments.

Raspberry Pi reaches critical mass as XBMC hardware

For years I’ve been dreaming of a streaming media device that could just be stuck to the back of a television. Since XBMC has been far and away my favorite set-top box software, I’ve closely monitored hardware developments that can run that package. Now I think it’s time to declare that the Raspberry Pi has achieved the base specifications to be branded the XBMC device that rules them all.

There are a huge range of opinions on this topic, but please hear me out after the break to see what has brought me to this conclusion.

Continue reading “Raspberry Pi reaches critical mass as XBMC hardware”

Rooting a NeoTV set top box from the couch

The NeoTV is a set top box built by Netgear to compete with the likes of Roku. It streams video from the usual Internet sources like Netflix, Hulu Plus, and YouTube. [Craig] recently cracked his unit open, and in the process discovered that the NeoTV can be rooted using nothing but the remote control.

He starts with a hardware overview. The box houses a single-board ARM design with a 128MB of NAND and 256MB of RAM. The serial port is easy to find, but it does not provide a root shell (which often is one of the easiest ways to root a device). He next turns to poking around the unencrypted firmware update to see what he can learn. That’s how he discovered that the SSID value when connecting to WiFi is fed into a system() command. This glaring security hole lets you run just about anything you want on the device by issuing commands as fake SSID names. It’s just a matter of a little Linux know-how and [Craig] now has root access on his device.

Neuros set top box with Wiimote

The Neuros set top box, called Link, is a disc-less computer running Ubuntu. Neuros encourages hacking and finding new ways to use the unit, as can be seen in their latest article explaining how to get a Wiimote to work with it. The results are pretty slick, as you can see in the video above. We can’t imagine trying to use the on screen keyboard with it, but it seems to work nice for basic navigation.