*Update* Further investigation

See my previous post: https://tickett.wordpress.com/2011/05/25/hacking-sky-anytime/

I couldn’t help but start some investigating…

I installed WinPcap, Cain & EffeTech HTTP Sniffer in a virtual machine and got cracking

Firstly, I had to enable ARP poisoning in Cain

You can find your sky box’s ip address by pressing services -> 0 -> 6 from the sky remote
Add to the list then start APR
Now from EffeTech HTTP Sniffer configure then start sniffing

Cool- so it’s using plain ‘old HTTP…
I tried a few of the .jpg links and it worked aok: http://cdn.sky.com/60445/bsky_skymovies/BOX_COVER/bsky_skymovies-THUM0000000000071243-20110518154138.jpg (note here I tried from both a sky broadband connection and from a non-sky connection and both worked (does this suggest you may be able to use anytime+ without sky broadband? Hmm…)
Unfortunately when I tried the .nff or .oecm- In Google Chrome I get “Error 6, file not found” and in Internet Explorer/Firefox I get a prompt for credentials (which I can’t seem to decipher from the sniffer logs). I also tried spoofing the User-Agent but that didn’t seem to help either.

That’s about the limit of my investigative skills- so I’ll have to hope others will take it further.