clive58
Inactive User
When you say "ive got my atm mega cards back up " have you just enterd the current keys or have you altered the code?
Clive.
cw funs down?
- Thread starter justintime
- Start date
When you say "ive got my atm mega cards back up " have you just enterd the current keys or have you altered the code?
Clive.
sorry lads cant see why the fix is not working should work .?. but if u had used the file i posted a while back which contained mulie rolls on the fun card would not have when off .
but here it is again for cw tryed and works if i get the chance will try the atmega again .
but if some one else wants to put this in the code .[
CODE]
; Cargar en ram MODULO 64
ldi ZH,high( MOD5A01 << 1 )
ldi ZL,low ( MOD5A01 << 1 )
rcall INC_Z_R16_SIPROV41
"put this code in here in emm decrypt.
lds r16, CLAVE
sbrc r16,3
sbiw ZL, 32
sbrc r16,3
sbiw ZL, 32
and enable the sig/swap here
; interchange with the HASH??
We see it in bit 5 of keyselect:
lds r16, CLAVE
sbrs r16, 5 < uncommenting here ;\Killing this makes the sig swap fixed to NO sigswap independant of keyselect.
;nop ;/
;rjmp EMMDEC_NO_INTER
[/CODE]
plus dont forget to put the keys for it in cw keys just before MOD5A01:
should bypass the bad emm and you the good rom 10 emm
here are the keys .
as i said should work if any one knows why not let me know please
here is the fix for fun .
michael
but here it is again for cw tryed and works if i get the chance will try the atmega again .
but if some one else wants to put this in the code .[
CODE]
; Cargar en ram MODULO 64
ldi ZH,high( MOD5A01 << 1 )
ldi ZL,low ( MOD5A01 << 1 )
rcall INC_Z_R16_SIPROV41
"put this code in here in emm decrypt.
lds r16, CLAVE
sbrc r16,3
sbiw ZL, 32
sbrc r16,3
sbiw ZL, 32
and enable the sig/swap here
; interchange with the HASH??
We see it in bit 5 of keyselect:
lds r16, CLAVE
sbrs r16, 5 < uncommenting here ;\Killing this makes the sig swap fixed to NO sigswap independant of keyselect.
;nop ;/
;rjmp EMMDEC_NO_INTER
[/CODE]
plus dont forget to put the keys for it in cw keys just before MOD5A01:
should bypass the bad emm and you the good rom 10 emm
here are the keys .
Code:
You don't have permission to view the code content. Log in or register now.as i said should work if any one knows why not let me know please
here is the fix for fun .
michael
But I can't see where you have fixed the EMM decryption bug in the optimization of stage 1.
The bug is NOT related to the sigswap code ... that would just avoid the issue for now.
What would happen if they stopped transmitting pre-sig swapped keyrolls? (And I wish they would!)
You would only have one set to work on - if that was affected by the maths bug then your stuffed.
The bug is NOT related to the sigswap code ... that would just avoid the issue for now.
What would happen if they stopped transmitting pre-sig swapped keyrolls? (And I wish they would!)
You would only have one set to work on - if that was affected by the maths bug then your stuffed.
Last edited:
Saniflow
Inactive User
- Joined
- Mar 16, 2005
- Messages
- 108
- Reaction score
- 0
hi guys, i have a funcard in manchester ex cw area. the card isnt updating but a friend of mine who's card i programmed is and he lives only minutes from me. Is this down to signal strength?
ive tried most of the things in this thread, ie. putting on channel 110 etc but nothing.
do i need to manually insert the key1? if so, would anyone be kind enough to pm it to me?
ps will the cards update next time or will keys need to be added every time they roll?
ive tried most of the things in this thread, ie. putting on channel 110 etc but nothing.
do i need to manually insert the key1? if so, would anyone be kind enough to pm it to me?
ps will the cards update next time or will keys need to be added every time they roll?
Well I have tested my private atmega with the RSA bug fixed on LIVING (110) and it rolled just fine.
I wonder ... the odds of a keyroll been affected by this bug is 1 in 16
What are the odds of both pre sig swap and post sig swap EMM's been affected by it
I think this bug definatly needs to be fixed.
Come on any takers ... I've given enough hints as to it's wareabouts.
STAGE1 in an OPTIMIZATION routine....
I wonder ... the odds of a keyroll been affected by this bug is 1 in 16
What are the odds of both pre sig swap and post sig swap EMM's been affected by it
I think this bug definatly needs to be fixed.
Come on any takers ... I've given enough hints as to it's wareabouts.
STAGE1 in an OPTIMIZATION routine....
- Joined
- Nov 17, 2004
- Messages
- 2,634
- Reaction score
- 68
ok ive found what is after stage 1
it is here: https://www.digitalworldz.co.uk/showpost.php?p=640984&postcount=88
now, stage 1 must be the pattern matching code. so there is a problem with that.
am i along the right track hackmax? also, that atmega challenge is making a good read, i advise all to read and learn
it is here: https://www.digitalworldz.co.uk/showpost.php?p=640984&postcount=88
now, stage 1 must be the pattern matching code. so there is a problem with that.
am i along the right track hackmax? also, that atmega challenge is making a good read, i advise all to read and learn
Last edited by a moderator:
- Joined
- Nov 17, 2004
- Messages
- 2,634
- Reaction score
- 68
aha i think im onto something here hackmax: https://www.digitalworldz.co.uk/showpost.php?p=641063&postcount=112
Last edited by a moderator:
- Joined
- Nov 17, 2004
- Messages
- 2,634
- Reaction score
- 68
Whoa!! Okay, i have been reading the whole thread. So i have to deal with the ---- MP is M stuff?
What you said will actually make more sense to me when i do the challenge myself. I think im gonna put a hold on revision this weekend and do the challenge.
Also, the thread only deals with keyroll type 5, what happened to keyroll type 6? I recall it being mentioned earlier in the thread, but i thought that keyroll 5 dealt with key 0 and key 1.
What you said will actually make more sense to me when i do the challenge myself. I think im gonna put a hold on revision this weekend and do the challenge.
Also, the thread only deals with keyroll type 5, what happened to keyroll type 6? I recall it being mentioned earlier in the thread, but i thought that keyroll 5 dealt with key 0 and key 1.
- Joined
- Nov 17, 2004
- Messages
- 2,634
- Reaction score
- 68
Alrite mate, i have the nagra faq file and a few more. im sure i can really get my teeth into this.
i hope i beat everyone to it
Is it the Nagravision FAQ as attached?
Hmm.. having trouble attaching to this post.. so just including links..
Code:
You don't have permission to view the code content. Log in or register now.
Code:
You don't have permission to view the code content. Log in or register now.
Last edited:
Dbox8
Inactive User
oh dear not this stoopid barkley multiplier situ again!!
maybe decrementing r16 in a certain situ may help
SK
dec·re·ment means .......
1. the act or process of decreasing; gradual reduction.
2. the amount lost by reduction.
3. Mathematics. a negative increment.
4. Physics. the ratio of amplitudes of a damped harmonic motion in the course of two successive oscillations.
:licka:
I give up on you's all
You all thick a feck ( apart from SK )
Here's the RSA fix - Decrypt1.asm
I am so disappointed none of you even got the right code section.
Oh well ... Roll on N2
You all thick a feck ( apart from SK )
Here's the RSA fix - Decrypt1.asm
Code:
You don't have permission to view the code content. Log in or register now.I am so disappointed none of you even got the right code section.
Oh well ... Roll on N2
Last edited:
jumpinjo
Inactive User
