Any tips and pointers would be much appreciated, in terms of common ways to search for and exploit vulnerabilities, or the exploitation of other televisions. Alternatively, if this is an absolute fool's errand, and the whole thing is locked down tighter than Fort Knox, a firm warning that this is not a good thing to dick around with over a weekend would also be appreciated.
See if you can find a service manual for your TV. You'll want to get UART as soon as possible.
Just remember crashes are for chumps: https://gist.github.com/Benjamin-Dobell/bb13f6169aaa48625453...
PS. I think that may be my favourite piece of code I've ever written. Mostly because it's completely absurd but worked just fine.
I’d love to make it dumb or at least get rid of the nags to accept t&c or connect when someone accidentally hits the wrong button on the remote. Anything out there to do that?
After I install it, then what?
The software on tvs is awful. Plus many new tvs have ads baked in.
An open source OS would be a dream.
The big risk in old TVs was the enormous voltages in the CRTs (which acted as a capacitor and stored energy even when off, and even pick up energy from background sources)
Its always best to work out where the mains PSU is, and either cover/isolate it so that you don't touch it by accident. Even if turned off, there is a non-insigificant risk that there is either mains power lying around or some other large charge/current ready to bite.
THe back of the inlet is also tends to be a hazard, so be really careful around there too.
The other answer is "pliers."
(Make a connection across the terminals that have a voltage difference)
[1] there are exceptions, e.g. older vacuum tube sets which used a mains-driven EHT circuit with discrete capacitors
You will need to connect it to a network in order to scan it for vulnerabilities, but make that a network that has no internet access.
I would start by doing some searching on the exact make and model, especially searching through the CVE database to see what may be out there. There. If your TV has been connected to the internet, it may have had its software updated to patch any cves, but if it has not been connected, then there's a good chance it is still vulnerable and you can exploit them to get root or further access.
You can also throw scans at it. I would start with nmap and scan all the ports, also do service recognition to try and figure out what exact service is running on the other side of the port. For something like a TV, I would not expect a high success rate with identifying, but it's easy to run. What you can identify, the most important part is typically the version number. You can take that version number and compare it with CVEs with a lot more precision to see if there are vulnerabilities.
You can also try any number of scanners on it, such as nessus or openvas. There are tons of scanners out there so it's definitely worth doing some searches. I would suggest looking at the Kali Linux list of scanning tools, and either running Kali on a machine you have laying around, or use it with docker. If one of these scanners actually crashes the TV, that is ironically a great sign for your purposes.
If the TV has been connected to the internet, and you aren't able to find any vulnerabilities, it might be worth keeping it off the internet for a while to give some time for new vulnerabilities to pop up. That does require a long-term commitment to this project, but it's not like you can't use the TV. I don't connect mine to the internet ever anyway, because I don't want it spying on me and I hate its ads and crappy built-in software. I just use it with a Chromecast with Google TV and good old HDMI.
Depending on what you want to do, it's also worth going thoroughly through the menu and looking for any sort of developer or debug options. Sometimes these menus are very hidden, requiring on occasion weird keyboard incantations in order to even appear as options, but once you get these enabled you can connect using tools like ADB or SSH, and get a shell on the machine.
All in all, good luck! It sounds like a very fun project. It's a shame we don't live near each other because this sounds like a fun weekend project :-)
Philips were actually enormously helpful. I just called them up (well, after going to a TV repair shop, picking the guy’s brains, and getting the number from him), got through to their technical service dept, got them to send me the full service engineer manual, schematics and all, and they were happy for me to quiz them on likely root causes - like, the guy I spoke to a few times seemed genuinely excited that someone was actually trying to repair a TV, and correctly pointed me in the direction of a group of oscillators, one of which had a blown cap. Fixed the thing.
Lived on the wall of our office for a decade until it fell off one day. On me. There’s karma.
Plasmas are great on someone else’s power connection.
Still miss it, but probably miss the $5k I shelled out for it.
If you're going to hack on an OLD TV or microwave, please don't unless you know what you're doing. If you're still going to continue, at least unplug it for over 24+ hours before cracking it open. Those capacitors may still be charged and will not tickle.