It’s been a while since I’ve written about this, but there’s been a flurry of activity recently, and it’s time for me to post about this!
Comcast’s caller ID encryption has been broken! It’s actually a very simple AES256-CTS encryption. The tricky part is getting the key and the caller ID information. Getting the encrypted information is actually very simple: just connect to the right XMPP server. Getting the key, however, requires decrypting a flash file.
Anyway, with the help of a guy who calls himself Henry (if you want any more credit/a link to your site/whatever, let me know!), I’ve gotten a small python script working which will connect to the correct server and listen for the encrypted info. When it’s found, the information will be decrypted, and displayed in the terminal. Basically, we can get the unencrypted information! From here, it should be trivial to do whatever we want with it! I plan on attempting to write a Network Caller ID server with the current code as the base, but I’m not sure how much time I’ll really have to work on that/how far I’ll get.
Anyway, you’ll need this zip file and the salt Comcast uses. In the interest of not getting sued, I’m not going to post the salt here (I’m attempting to come up with a tricky way to generate the salt currently…). You’ll need to grab the correct SWF file, decode it, and find the salt. The air app can be downloaded from here. This is actually just a zip file. Inside you’ll find a bin folder, and inside that, you’ll find cid.swf. Decompile this file with whatever flash decompiler you want. In the actionscript in this file, you’ll see a package “com.machenmusik” and a class “CM_IM_Decrypt”. In this class, look for the following code:
com.hurlant.util.Hex.fromString(theSalt != null ? theSalt : “(…)”)), arg1);
I’ve put a (…) where the actual salt is.
Last steps to get this working: open up decode.py and place the salt where it says “PLACE THE SALT FROM COMCAST’S AIR APP HERE”, and open test-combot.py and place your comast username and password in that file. You’ll need the python twisted library, and the M2Crypto library installed, but that should be all you need! Run test-combot.py and you should see caller id information coming in when you get a call!
Good luck! Thanks to everyone who helped with this! If you found this helpful, please consider donating something! Just click the button on the right! If you have any questions/comments, I’ll do my best to answer them!
Here’s a Comcast to NCID gateway, written in python… Complete with init script for Linux! Thanks here goes to Feathers! Just grab this zip file, set the correct variables in the python script, and place the other file in /etc/init.d! Note that you’ll need the previous zip file to take care of the decoding work — this script is just the interface between Comcast and NCID. Thanks to all who helped with this!