Not my work, but found this on Reddit and it may be of use to some folks here
I've spent the last few days digging around with Wireshark + custom firmware to see how this was working, and it turns out it's quite simple and can be removed from all current firmware on all models that I've tested (250/254/256/322/324). We could, as people currently are, keep changing portal URLs - but this is not sustainable and as the box is phoning home on every boot, is more than likely just making it easier for Infomir to just re-block on the next wave of updates to the blacklist.
At boot the box performs the following:
DNS lookup for NTP server
Contact all NTP Servers found
Executes the script /etc/rc.d/rcS.d/S98stbapp (which then launches stbapp - the browser that displays your portal)
DNS lookup for mag???.dcbs.infomir.com
Encrypted communication with mag???.dcbs.infomir.com
Saves result of this communication as /mnt/Userfs/data/dls.backup
Displays portal selection page
Otherwise load portal as normal
Once dls.backup is stored in the box, it will continue to block all currently known portals on the blacklist even if Infomir's server is unreachable. /mnt/Userfs is not wiped on firmware restore either, so it will persist between versions unless we wipe it. This means we have two tasks to perform:
Personally I favour patching stbapp, as this ensures it's impossible for it to somehow slip through (since it'll be looking for the wrong server.) But in the current firmware versions both methods seem effective. Both of theses tasks CAN be done by hand, but the easiest way (especially for larger providers) is to build a custom firmware that users can just load from a USB that will both patch the problem and prevent Infomir from pushing any more automatic updates to that box. For those comfortable making the change and would rather do it themselves the details are below. If people need them, I can build patched firmware for the boxes that people need, but won't have the time to build and upload them before probably Sunday evening.
To edit the hosts file (/etc/hosts) add the following line (replace mag324 with the correct model for you):
To patch stbapp, open /usr/local/share/app/stbapp in a HEX editor, search for
and make ANY change to the domain name (without changing the length AT ALL)
Finally to ensure that the dls.backup will be deleted after flashing your custom firmware than add the following line to
/mnt/Userfs/data/dls.backup before the line that launches stbapp:
If all the above has been done correctly, then all previously blocked portals will now be accessible again, and no future blocks will have any effect either.
The info above is ideally designed to be done as part of the process of compiling a custom firmware. If you want to do it directly on the box then you can access it using an SSH client (such as PuTTY)
You connect to the IP of your box using your SSH client with the following details:
Infomir's factory images disable SSH, so if you can't connect then you'll need to flash your box with a firmware from (https://soft.infomir.com/
Browse to the page for your specific model of box, and download the file named "imageupdate"
Place that file on a USB stick (which must be formatted as FAT32. MAG254 and earlier can be picky about which sticks they recognise, you may need to try a few - don't use USB3.0 sticks) in a folder named after your box model (eg mag256) and then reboot your box while holding down the menu key on the remote. This will take you into the setup menu
Select Upgrade Tools
Select Upgrade from USB
That should flash your box with a firmware that allows console access.
Once you get in via SSH, run the following commands to do a quick and dirty patch:
echo 127.0.0.1 mag256.dcbs.infomir.com >> /etc/hosts
reboot && exit
Obviously as in the instructions above, replace mag256 with whatever model of mag you have. This isn't (in my opinion) as good of an option as a custom firmware since it won't auto-purge the cache if it somehow comes back, or block automatic updates (so make sure you disable automatic updates yourself BEFORE you take the box online after flashing it)
My hope is that providers will start offering custom firmware to their end users, which will simplify life greatly.
Link to the custom firmwares: https://mega.nz/#!ccUUxAhS!Gw83gbooR...FvxWQFvBBrgDH0