What's new

CCcam Tutorial Cccam tutorial (for beginners)

Not open for further replies.


The Mangler
Staff member
Oct 13, 2014
Reaction score
Warning! Warning!
The first action of any user must be to change and activate the username and pasword.
Change the following things in the CCcam.cfg before you go any further
#WEBINFO USERNAME : Change this into WEBINFO USERNAME : testuser*1234
#WEBINFO PASSWORD : Change this into WEBINFO PASSWORD : testpass&1234

Cccam English tutorial.
This tutorial will help you master the full potential of this excellent CAM.

Cccam English tutorial.
The following tools are required to be able to use the CCcam on your Dreambox
1) Linux compatible editor, such as Ultraedit32,Notepad ++ or Crimson Editor (freeware)
2) FTP software like FlashFXP
3) A syslog utility like 3csyslog (freeware)
4) A Telnet utility, the Windows integrated tool will do the job


The first part is for beginners.
Installing CCcam

The CCcam archive is composed of 2 files, a bin file and a config file. In the original RAR archive, the authors have saved the Dreambox binary file as CCcam.ppc, whilst the config file is the same as for any version.
It is suggested to rename the binary file in CCcam as it will help make the following Telnet procedures easier.
Copy the bin file to /var/bin and set the rights (attributes) to 755. Copy the config file to /var/etc/

We are now ready to check in details how CCcam really works, using the Telnet utility
In Windows, - Start - RUN - and type Telnet (or your Dreambox IP number) and click OK Login (root).
Now do the following.Type cd /var/bin to go to /var/bin, check whether you are in the correct directory (for Linux ls=dir), check the file colour, the CCcam file should be green.

At the prompt, type "CCcam –dv" making sure to match the file name as well as capital letters.
The –dv command will give you the possibility to see each step that CCcam does, through an activity log that should look like the following one.

1) 16:09:26.209 CCcam: ===================================
2) 16:09:26.212 CCcam: starting CCcam 1.2.0 compiled on Jul 5 2006@21:12:46.
3) 16:09:26.212 CCcam: ===================================
4) 16:09:26.276 CCcam: online using nodeId 578103ff60952939.
5) 16:09:26.305 CCcam: DM70x0 detected.
6) 16:09:26.307 CCcam: create 2 cam device(s).
7) 16:09:26.920 CCcam: provider num: fff830.
8) 16:09:26.920 CCcam: provider key: (hier steht die abonummer).
9) 16:09:27.120 CCcam: provider num: 021c00.
10) 16:09:27.121 CCcam: provider key: (hier steht die abonummer).
11) 16:09:27.215 CCcam: card added to broker with caid 500.
12) 16:09:28.018 CCcam: card added to broker with caid 4a70.
13) 16:09:28.072 CCcam: added 389 keys from /var/keys/SoftCam.Key.
14) 16:09:28.132 CCcam: added 541 keys from /var/keys/AutoRoll.Key.
15) 16:09:28.133 CCcam: static cw not found or bad.
16) 16:09:28.134 CCcam: read_ignorefile: cannot open /var/keys/CCcam.ignore or not found.
17) 16:09:28.135 CCcam: server started on port 12000

If you suspect something is not correct, and would like to check the ECMS answers, these will appear directly on your DB when zapping channel.
Just start a second Telnet session, type the command ps and press Enter.
The active processes will be displayed and should look like the following example:

1: root@dm7020: > ps
2: PID Uid VmSize Stat Command
3: 1 root 608 S init [2]
4: 2 root SWN [ksoftirqd/0]
5: 3 root SW< [events/0]
6: 4 root SW< [khelper]
7: --- extra lines removed---
8: 599 root 2100 S /var/bin/CCcam_1.2.1
9: 600 root 2100 S /var/bin/CCcam_1.2.1

Reading Log entries
4) online using nodeId 578103ff60952939
This is a unique identity number created for each server/client user upon connecting

5) create 2 cam device (s) 7020
2 CAM devices have been found.
The following lines 7) 8) and 9) display data about the subscription card provider id number.

9) provide num :021c00 is the provider number, which is Redlight/FullX

11) card added to broker with caid 500
This line identifies the CAId (Conditional Access Identification) in use to provide access to the service, which, in this case, is Viaccess.
The subscription card is identified by both the CAId and the Provider, and therefore, in our example 0500:021c00.
Some providers use many CAId’s.
This is why in our log, Redlight/FullX is also listed as 0600:021c00, where 0600 is the IRDETO CAId.
It is very important to understand the system caid/provider as it will be taken into consideration again in this tutorial

13) added 389 keys
there are 389 keys read from the static key file

15) cw not found or BAD

there are no static cw available; this does not represent a problem (optional)

16) read_ignorefile: cannot open/var/keys/CCcam.ignore or not found this is also not important for the upcoming instructions .

17) server started on port 12000
the server runs on port 12000 TCP(this is very important for your Router/Firewall settings)

Unless the destination folder has been changed, by default, the key file is found in the var/keys folder.
CCcam is using the SoftCam.key/Autoroll.key format, which is also used by other EMU systems.
For this reason, there is no need for a purpose built key file format for this CAM. Keyfiles are an option as CCcam works also without any of them

CCcam and cardsharing

To configurate and connect the CCcam, you need to go to the ETC folder and edit the CCcam.cfg file.
The CCcam config file itself is a little help file. Indeed, you will find many text lines starting with #.
These lines are inactive and provide help to set the CCcam, and there is no need to delete them as they are ignored by CCcam.
Therefore, they can also be used to add any note or comment.
The configuration lines can be written in any order.
There is no standard order to respect.
Indeed, when started, CCcam reads the first character of each line and executes the request.
Let’s look at each line syntax now.

F: Friends
F: user1 pass1 1

C: Connect
C: server.dyndns.org 12000 user1 pass1
The Sealion (where C stands for connect) enables the CCcam to connect to another server
The URL or IP after C: is necessary to identify the server in the sharing network.
12000 is the port used by the server to communicate and user1 pass1 identify the user .
Note: each user is accepted only once by the server

How to connect a client to a server:
The F line launches the server, whilst the Sealion launches the client, and this is all you need.
Should the client wish to share its subscription cards with the server, then you need to add a Sealion at the server, and an F line at the client.

Log Diagnostic
Should you wish to check whether the connections are working properly, then use the CCcam –dv Telnet command.
This option will give you the possibility to check the log and make sure all is ok.It may be useful for beginners to do it with Telnet, and, once experienced, it may also be done using the the automatic script found in the blue panel.

This is what the dialogue between the 2 decoders should look like

1) 11:55:06.977 CCcam: found betacrypt caid: 0x1702 ecmpid: 0x100a id: 0x0
2) 11:55:06.978 CCcam: found betacrypt caid: 0x1722 ecmpid: 0x100a id: 0x0
3) 11:55:06.978 CCcam: found N*gra caid: 0x1801 ecmpid: 0x1642 id: 0x0
4) 11:55:06.978 CCcam: cam[0] set PMT for sid=a
5) 11:55:06.979 CCcam: start EMM
6) 11:55:06.996 CCcam: cam[0] ecm even nok caid:0x1702 id:0x0 pid:0x100a Premiere Sat (19E)
tunneled N*gra (took 0.0010 seconds)
7) 11:55:07.061 CCcam: cam[0] ecm even nok caid:0x1722 id:0x0 pid:0x100a Premiere Kabel (19E)
tunneled N*gra (took 0.0003 seconds)

Lines 1) 2) and 3) display information about the service encryption
Pre**er is displayed with the 3 possidble CAId’s:
1702 tunnel N*gra = betacrypt for DVB-S
1722 tunnel N*gra = betacrypt for DVB-C
1801 plain N*gra (not used or only on s04 card) = unused.
The Pre**er provider is usually written with 6 digits.In this case, the service ID is 100a and identifies Pre**er1.
Line 4) “Start EMM” marks the point where CCcam starts looking for keys
The 2 following lines list the local server replies.
In this example, the replies are negative ecm even nok caid:0x1722. This is normal as there are no cards in the receiver.
The query lasted 0.0003s.

We then find the queries sent to the server:
8) 11:55:07.194 CCcam: remote ecm -> 0x1702(0x000)
9) 11:55:07.331 CCcam: remote ecm <- ok (took 0.1364 seconds)
10) 11:55:07.333 CCcam: cam[0] ecm even ok caid:0x1702 id:0x0 pid:0x100a Pre***re Sat (19E)
tunneled N*gra (took 0.1383 seconds)>code<
ecm even ok caid:0x1702 means that this query has been successfully transmitted through the LAN in 0.1383s
killall CCcam marks the end of the log

End of PART I.


Web Server and other EMU’s connection settings

The CCcam webinfo server provides information about the current CCcam status and its connections through a web page.
This option provides clear information about all the connected clients, the active clients, as well as the servers status.
By default, the webinfo server runs on port 16001.
Therefore, to access the webinfo sever using your browser, type
Please, Log in or Register to view URLs content!
If set in your CCcam config file, you will be asked to enter the user name and password.
In our example, there must be a defined access of a client to a server.
If the access is defined, then the communication is established, and the information are displayed.

This is an example of what the client webinfo server page looks like.
The top section displays information about the clients who have been active during the past 20 seconds, as well as the amount of ECM received.
The bottom part represents a list of all the users as well as a traffic summary.
The local traffic differs from the remote traffic, and it is therefore displayed separately.

Connected clients: 4 +---------+------------+------------+------------+---------+-----+--------+----------------------+----------+ | Username| Host | Connected | Idle time | ECM | EMM | Version| Last used share | Ecm time | +---------+------------+------------+------------+---------+-----+--------+----------------------+----------+ | User1 |xx.xx.10.1 |00d 01:19:32|00d 00:00:01|518 (509)|0 (0)|1.2.1 | Last used share | Ecm time | | User2 |xx.xx.10.2 |00d 00:46:25|00d 00:00:10|174 (167)|0 (0)|1.2.1 | Last used share | Ecm time | +---------+------------+------------+------------+---------+-----+--------+----------------------+----------+
+---------+---------------------------------------+ | Username| Shareinfo | +---------+---------------------------------------+ | User3 | local 500:021500 1(0) | | User4 | remote 919:000000 280(280) | | | remote 1801:000501 2(0) | +---------+---------------------------------------+

An example of what the webinfo server page looks like is reported here under.
On the right side, it is listing the server CAID’s along with the amount of requested ECM’s.
The local or remote traffic are separated again.

Server connections: 1 +----------------------+------------+---------+--------+----------------+-------+-------------------------------+ | Host | Connected | Type | Version| NodeID | Cards | CAID/Idents | +----------------------+------------+---------+--------+----------------+-------+-------------------------------+ | |00d 15:15:58|CCcam-s2s|1.2.1 |5d341729df599d5a| 2| remote 919:000000 60(46) | | |00d 01:33:02|CCcam-s2s|1.2.1 | | | local 4a70:000000 67(0) | +----------------------+------------+---------+--------+----------------+-------+-------------------------------+

Log using a Syslog utility
In all our examples, so far, we used the Telnet command.
However, this is not the best solution to launch the EMU in –dv mode and check possible errors.
3CSyslog represents an alternative solution.
This utility is a Freeware, and can be downloaded from the web
Please, Log in or Register to view URLs content!

First of all,you need to apply the following settings in the CCcam configuration file.
Both SHOW TIMING and DEBUG must be set to YES.

# if timing should be shown in OSD and debug output
# default is no (turned off)
# turns debugging on and off
# default is no (turned off)
DEBUG : yes

Then, enable the syslog option in your DreamBox.
On Gemini images, this is found in Blue Panel, Extra Settings, Sys/Kernel Log.
Press OK, and press it again to select Syslog/Daemon.
Now enable all the options including the remote logging option.
Fill in your PC IP number, and use port 514 (DUP) .

If you now launch the command Ccam - V, the activity log will be recorded to the Dreambox syslog and all the information will be displayed on your PC .
3cSyslog works for CCcam as well as other EMU’s, such as Camd3 and Newcs.
In this case, it will require to enter the port number 514 in the config file.
Syslog-Daemon is not required for these 2 EMU’s.

Other EMU’s connections

CCcam can read Camd3 sharing data, but cannot work as server for Camd3.
However, this works only for Camd3 UDP sharing networks ( these always start by 357 camd3.servers 357).
When added to your CCcam, the L: line creates a link from CCcam to a Camd3 server.
The syntax is:
Example given:
L: server.dyndns.org 567 user pass 0100 000080

To identify the cards an/or softcam key, CAMD3 requires the CAID/Provider numbers (as discussed in part 1).
If the camd3 servers holds many cards, and therefore many caid/provider, then an L: line must be written for each card.

The R: line links CCcam to a RADEGAST server.
The syntax is
Example given
R: 678 0100 000080

As with camd3, an R line is required for each card

Newcamd (Newcs)
The N: line links CCcam to a Newcamd server (e.g. NewCS or Newcamd).
Connencting to a Newcamd server is very simple, because when a client connects, the server will provide infomations about the available services.

Example given
N: 10000 dummy dummy 01 02 03 04 05 06 07 08 09 10 11 12 13 14

The current CCcam version (V 1.2.1) cannot read all kind of cards.
This is why,it requires additional protocols known as CardReaders.
Amongst these, NewCS is probably the best choice to work with the NewCamd protocol.
The NewCamd protocol is using a 2 way login between the client and the server.
Using NewCS, this feature offers the possibility to know which EMU is used by each client.
If a client prefers not to share this information, then the Stealth mode must be enabled.


If you wish to enable a newcamd setting on your Dreambox, then set it to YES

NewCS Configuration

Even though NewCS is not directly related to CCcam, it is required to allow CCcam reading some subscription cards such as N*gra 2, N*S
Newcs is also composed of 2 files:
a) A binary executable NewCS found in /var/bin/newcs
b) The configuration file newcs.xml found in found in /var/tuxbox/config/newcs.xml
Attributes for the executable newcs file must be set to 755.
The configuration file newcs.xml contains information for the cardserver.
As for HTML files, newcs.xml is composed of tags that must be be opened and closed each time.
Let’s look at the newcs.xml configuration file.

device >
name > lower < name
type > Sci < type
node>/dev/sci0 parity > even < parity
export > yes < export
enabled > yes < enabled
blocksa > no < blocksa
blockua > no < blockua
blockga > no < blockga
boxid > < boxid
PTShandshake > no < PTShandshake
Seca-PPV > no < Seca-PPV
crypto-special > no < crypto-special
carddetect > no < carddetect
newcamd_port > 34000 < newcamd_port
autosid > yes < autosid
priority > round < priority

This section of the configuration file is listing information about the Dreambox card lower slot (/dev/sci0).
Without waisting time on each tag, the most important information to note is the communication port.
This port is used by CCcam and must be reported to the N: line of the CCcam.cfg file.

enabled > yes deskey > 01 02 03 04 05 06 07 08 09 10 11 12 13 14 < deskey
name > newcs < name
name > dummy < name
password > dummy < password
au > on < au
allow > lower < allow
allow > upper < allow

In this seconf section, the Newcamd server is enabled and the Deskey is defined.
The DesKey must be added to the CCcam.cfg file.
All you need now to complete the N: line are the user and password.
These can be found in the next row, in the and tags: dummy/dummy .
Therefore, with newcs in local, your N: line would be:
N: 34000 dummy dummy 01 02 03 04 05 06 07 08 09 10 11 12 13 14

Note.When NewCS is used as cardreader, this must be started before CCcam.
It is therefore suggested to start 2 Telnet sessions, one for NewCS and one for CCcam.

End of PART II


Advanced Settings

CCcam clients have the possibility to reshare their server connections.
This feature is known as “cascading”, and works really well with CCcam.
Let’s see how it works.
For instance, we have 4 users or groups where the 1st one is directly linked to the 2nd one, the 2nd one is directly linked to the 3rd one, the 3rd one is directly linked to the 4th one.
The “cascading option” enables the 1st user or group to be linked with the 4th.
box1 <----> box2 <----> box3 <----> box4
^----1 hop-----^
^-----------2 hops-----------^
^--------------------3 hops-------------------^

If box1 receive a key from box4 (procedure known as ECM), this key will go through 3 groups, which are known as HOPS.

In the following example, the client will have access to the server local cards, as well as those located 2 hops further .

F: user1 pass1 2

Therefore, if the server is located in box2, box1 will have access to box2 as well as box3 and box4

Uphops, local keyfiles and remote EMM setting procedures.

F: username password uphops shareemus allowemm
username identifies the username you assign to the client
password identifies the password you assign to the client
uphops allows the client to have access to the server’s other clients cards.
If set to 0, then the client will only have access to the server local cards; if set to 1, then the client will have access to the cards at a distance of 1 hop from the server; if set to 2, access will be as far as hop 2, and so on.
shareemus is enables the local key file sharing option. If set to 1, then the server key file is shared; else, if set to 0, it is not shared.
However, the client can choose whether to accept this option or not.
If the client wishes to receive the server keyfile, then this must be set by adding “yes” in the C: line as follows:
C: 12000 user3 pass3 yes
If a client does not want to use this option, the C: line will be
C: 12000 user3 pass3 no
By default, shareemus is set to 1.
This option is very useful when there are many groups in the network.
In this case, instead of updating the Softcam.key file of each client, it will be enough to update the server only.
allowemm enables the remote EMM autoupdate feature.
If it is set to 1, then the user will have access to EMM on the local card, else, if set to 0, the client will not have access.
For instance, there is a key change at the server side.
Therefore, a new key will be sent via satellite.
The new key will be recognized by the server as soon as it is tuned to the correct TV service.
If the remote EMM is enabled, then each client will receive the same update as soon as the client is also set to the same TV service.
The client’s box will perform what is called REMM (Remote EMM).
By default, this is set to 1.
Example 1
F: user2 pass2 0.1.0
In this example, user1 will only receive the server local card, the server is set to share the local key file, and the remote EMM is disabled.

Example 2
F: user1 pass1 3 0 0
In example 2, user 1 can reach the cards 3 hops away from the server, in addition to the server local card; the server is set to forbid access to the local key file; the remote EMM is disabled.

Not open for further replies.

Top Bottom