Nagra Hex Block Decryption Research

I can't understand how the Tivusat card can't receive the ECM. Maybe the problem is in the construction of the ECM being sent to the card???
Modified Vicam-ecm and it works very well 😅

#define MODULE_LOG_PREFIX "ecm"

#include "globals.h"
#include "cscrypt/md5.h"
#include "module-anticasc.h"
#include "module-cacheex.h"
#include "module-led.h"
#include "module-stat.h"
#include "module-webif.h"
#include "module-ird-guess.h"
#include "module-cw-cycle-check.h"
#include "module-gbox.h"
#include "vicam-cache.h"
#include "vicam-chk.h"
#include "vicam-client.h"
#include "vicam-config.h"
#include "vicam-ecm.h"
#include "vicam-garbage.h"
#include "vicam-failban.h"
#include "vicam-net.h"
#include "vicam-time.h"
#include "vicam-lock.h"
#include "vicam-string.h"
#include "vicam-work.h"
#include "reader-common.h"
#include "module-cccam-data.h"
#include "vicam-hashtable.h"
#include "vicam-xxxxxxxxx.h"

/* call site inside the ECM module, shown out of context */
format_ecm(ers, buf, ECM_FMT_LEN1);
 
What a shit this Vicam is? When it works for you "very well", do you have the dCWPK for provider 5411? I do not believe :D :D
 
Hi guys, does anybody already know how the dCWPK is generated (on the receiver or on the card)?

There is a lot of false or just useless information that goes nowhere, but anyway this is what I discovered and tested so far about CAK6.3 and CWPK.

You need to send the NUID in CMD2A to be able to receive the CW (encrypted with 3DES); without this no CW is received on some or all HD channels.
This is an example of CMD2A:
A0 CA 00 00 1E 2A 1C 00 FF FF FF FF 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 11 42

A0 CA 00 00 => Header
1E => Total size without header
2A => Command
1C => Data size
00 => ?? (unknown)
FF FF FF FF => NUID
00 08 => OTP-CSC (maybe?)
00 00 => OTA-CSC (maybe?)
00 00 00 00 00 00 00 00 => ?? (unknown)
00 00 00 00 00 00 00 00 => ?? (unknown)
00 => ?? (unknown)
22 11 => Provider ID
42 => Expected response size


After a lot of tests I discovered:
The CWPK only changes if the NUID is changed.
OTP-CSC or OTA-CSC needs to be filled to enable CWPK; if both are 00 it will not enable CWPK.
Changing the Provider ID or filling the ?? data with random values makes no difference to the CWPK.

All tests were performed on a DNASP142 RevG13
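As an added example (not code from the post or any project), a small parser that splits the CMD2A APDU above into the fields the post describes and checks that the two length bytes (1E and 1C) agree with the actual byte count; the field names and the cwpk_enabled_per_post() rule are taken only from the post's own layout and observations, not from any documentation.

```python
# Sample CMD2A APDU as given in the post above (constructed input for this example).
SAMPLE_CMD2A = ("A0 CA 00 00 1E 2A 1C 00 FF FF FF FF 00 08 00 00 "
                "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
                "00 22 11 42")


def parse_cmd2a(hex_apdu: str) -> dict:
    """Decode a CMD2A APDU into the fields listed in the post.

    Layout (from the post): 4-byte header, body length (excludes the header and
    the trailing expected-response byte), command 2A, data length, 28 data bytes,
    expected response size.  Raises ValueError if the length bytes do not match.
    """
    raw = bytes.fromhex(hex_apdu.replace(" ", ""))
    if len(raw) < 7 or raw[:4] != b"\xA0\xCA\x00\x00":
        raise ValueError("not an A0 CA 00 00 APDU")
    body_len, cmd, data_len = raw[4], raw[5], raw[6]
    if cmd != 0x2A:
        raise ValueError(f"unexpected command byte {cmd:02X}")
    # body = command byte + data-length byte + data, so 1E must equal 2 + 1C
    if body_len != 2 + data_len:
        raise ValueError(f"body length {body_len} != 2 + data length {data_len}")
    # header(4) + body-length byte(1) + body + expected-response byte(1)
    if len(raw) != 5 + body_len + 1:
        raise ValueError(f"APDU has {len(raw)} bytes, expected {5 + body_len + 1}")
    data = raw[7:7 + data_len]
    return {
        "command": cmd,
        "data_len": data_len,
        "unknown0": data[0],                         # 00 => ??
        "nuid": data[1:5].hex().upper(),             # FF FF FF FF
        "otp_csc": data[5:7].hex().upper(),          # 00 08 (maybe?)
        "ota_csc": data[7:9].hex().upper(),          # 00 00 (maybe?)
        "unknown1": data[9:17].hex().upper(),        # 8 bytes => ??
        "unknown2": data[17:25].hex().upper(),       # 8 bytes => ??
        "unknown3": data[25],                        # 00 => ??
        "provider_id": data[26:28].hex().upper(),    # 22 11
        "expected_response": raw[7 + data_len],      # 42
    }


def cwpk_enabled_per_post(fields: dict) -> bool:
    """The post's empirical rule: CWPK is only enabled when at least one of
    OTP-CSC / OTA-CSC is non-zero (assumption, taken from the post's test results)."""
    return fields["otp_csc"] != "0000" or fields["ota_csc"] != "0000"


if __name__ == "__main__":
    parsed = parse_cmd2a(SAMPLE_CMD2A)
    for name, value in parsed.items():
        print(f"{name:18s} {value if isinstance(value, str) else f'{value:02X}'}")
    print("cwpk enabled (per post):", cwpk_enabled_per_post(parsed))
```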
 
What info are you missing? The eCWPK is usually in the 97 block in the flash in case of OTP-CSC. Or it uses OTA-CSC, then the eCWPK is broadcast on an 18FE stream. The card only gets the NUID of the receiver and instructions what to do within the ECM; you've already got the command, maybe you can check the HD+ explanation. The SoC has the keyladder mechanism and of course a rootkey.
 
Your card is for Claro BR?
 
The doc is a good example of how the keyladder works on the STB, but it's not everything; the 97 block is where the NUID and the 8 CWPKs are encrypted and stored.
The known methods to decrypt involve gaining access to the OS and intercepting or rewriting some function, or using peek/poke on some STi models.
But the real method to encrypt/decrypt the 97 block is unknown.

But on the card it's different: you only need to send the NUID and it will generate the dCWPK on any card of the same operator.
 
To be honest, direct your attack to the STB and not the smartcard (if you have the budget for it) then you can try...
 
Heheh, this is like using NUID + SysID + other values and a secret algorithm...
Probably yes, I'm thinking whether the CWPK result is some data encrypted by this internally generated key.
I already tried a lot of combinations of known methods, including methods used for card pairing, but with no success.

I need to find an old STB with the possibility to gain OS access to intercept/change/decrypt values.
I think if I can get the 8 dCWPKs with the NUID and a dump, maybe it is possible to determine a pattern to calculate the CWPK directly from the NUID.
 
If you want.
I can leave your BCM receivers all open.
kkkkkkkkkkkkk

CFE, Telnet, kernel you can try your luck.
Claro Brazil.
 
This is very great my friend, I already have some knowledge of intercepting calls and changing data in the process. I will send a PM.
 
You are wrong: 110 is STi K6 and 142 is STi K7.
142 is K7? OMG, you need to upgrade yourself a little more about cards and tell me how the processor of this DNASP 142 card can handle K7. You can make the impossible work...... it will never go past K6.3.... it's impossible and limited by hardware.
No DNASP 142 will ever switch to Merlin.....
 
Don't understand what you mean.
ST19 K7 (ST19K7NA series) CPUs have been implemented by Nagra in all Aladin DNASP 142 and also in R240 American smartcards.
Your Merlin switching or whatever else you could imagine has completely nothing to do with the CPU embedded in today's Nagra smartcards 😂

Today's Merlin smartcards equipped with Atmel are just a Mediaguard licence matter:
to avoid paying twice for Atmel and ST, Nagra stopped using ST products just after they bought the Mediaguard systems and its agreements with the Atmel company.
 
https://cfp.recon.cx/media/The_ROM_...ling_bits_-_Chris_Gerlinsky_-_Recon_2019.pdf#

ST19 smartcard ROM
● Scrambled, implant ROM
● (no problem)
● Checkerboard patterns in bits are visible
● K5 series: 8 columns
● 8 bit output
● K7 series: 16 columns
● Can see patterns repeated 2x 8 bits wide
● Expecting 8 bit output
● Row order swapped in chunks of 4 or 8
● Bit order not 0-7
● Bytes out of order within columns
Used in: pay TV, transportation payment, printer cartridges, access cards
 
Oops, it seems there will be a new 4K Nagra provider in Poland with the latest ROM450 smartcard and a longer ECM: :p

1870:

8030 A605A400 34625D129F349B4D54FCBF66EF0CD5A506123D2EFA4C4A81646668AC5B82CF17ED98AE90B4AD159C9ADF76D4FCBE5E6A7C43690B0D31A508633ABC74E8093B3232FF09C737DD36639D9B31A5DBB9EEB9077A45E4E062D2AD64950E35371AE37D37EF3894E40F10DBF1A56463D5456C67B696BE21E207CBDE1CC9AA3B28C9F5F0F968AA177E42F466CBF5F9F260FCC9BDB11B54B2139F66281C297246DE82093384E848
8130 A605A400 FF1E7B046BCB84A030AE865C09B38A02501FDA961FF72E5986AB24804B3E973BE6ACC3B1783F57AC73653CAA04EAAD4CCBB6C1943BB0B840FFA42FAAB7C4D2FD3AFA6372842C501C8BE89A5062AC6295F09D1A8EBC73252A9CC4BF2C9EDAEE3DB15951FF337B7E648E24C7B368E99ABE9343F1C214DD05BA865115A7DDE2A14B9818DF261F775EC328FFB3412EFA3C98F84F5430A0E6FA2DB2292AA9A238280538A41E

8030 (A6 len) (05: nano payload) A4: payload len 00; we also have a new nano 05 there.
 