Thread: keyroll emm and the fix (code it ur self)
View Single Post
   
cable satellite consoles Old 1st December 2008, 16:31   #125 (permalink)
cydine_
Senior Member +++
 
cable satellite consoles cydine_'s Avatar
 
Join Date: Nov 2005
Location: /tmp
Posts: 350
Downloads: 4
Uploads: 0
Thanks: 0
Thanked 1 Time in 1 Post
cable satellite consoles cydine_ is a glorious beacon of lightcable satellite consoles cydine_ is a glorious beacon of lightcable satellite consoles cydine_ is a glorious beacon of lightcable satellite consoles cydine_ is a glorious beacon of light
Re: keyroll ecm and the fix (code it ur self)
Quote:
Originally Posted by Donnie Darko cable satellite consoles View Post
Is step 2 done using hex editor,is there a way to search for BD 81? i've opened the rom10 disassem but i'm struggling at this point.

Its like trying to get on a carousel at the right point,lol.Probably a distinct possibility i'm pissing in the wind also.
Yeah, no need for a disassembler at any stage in this process.

The disassembled listings for all the roms are in the nagra coding package. All you need is notepad to write your code and a hex editor to patch the roms.

Open the rom 10.lst in your text editor and search for a jsr EMMBUFF01. This is the point where the keyroll is executed.

2 lines above this is the call we need to change. Change the CD 74 27 to CD XX XX where XX XX is the location of your patch code.
cable satellite consoles cydine_ is offline                  
Quote Post