latest rom11 file

dabs

Inactive User
Joined
Feb 1, 2005
Messages
603
Reaction score
0
hi all
anyone tell me the best/latest rom11 file to use or pure ntl with 4001 box and infinityusb
cheers
 
dabs said:
hi all
anyone tell me the best/latest rom11 file to use or pure ntl with 4001 box and infinityusb
cheers


try this one m8
 
garrytate cheers for the quick reply :Clap:
 
just a couple of quickies witch way does the bk go in and is that file ok for revB52
cheers
 
dabs said:
just a couple of quickies witch way does the bk go in and is that file ok for revB52
cheers

i find it will work anyway
if u write the file with nagraedit 4 it will change the rom to rom11 bo4
 
think i fooked the card opened with nagra4.1 edited bk and ird wrote to card twice came back with
Opening of COM1 was successful
ATR String: 3F FF 95 00 FF 91 81 71 A0 47 00 44 4E 41 53 50
30 31 31 20 52 65 76 42 35 32 4F
ROM Revision: 011
EEPROM Revision: RevB52
ProviderID: 5C
CamID: 27 78 C2 45
Using BD3 Key: 4E 69 70 50 45 72 20 49 73 20 61 20 62 75 54 74
Attempting to login to BD3
BackDoor login verified
Dumping Dataspace
Error sending BackDoor 0 EMM
Write error encountered, attempting to restore original decrypt keys
ProviderID: 5C
CamID: 27 78 C2 45
Attempting to login to BD3
Decrypt keys successfully restored
Reading ROM11 failed
Closing of COM1 was successful
is it lost or is there a way to wipe it clean or is it locked out
 
dabs said:
is it lost or is there a way to wipe it clean or is it locked out

Looks like you have unrestricted access to the data space so you should be able to write records etc in RomStudio etc. Whichever image you've used though appears to of locked all access to the code segment. Judging by the revision of B52 I would guess its an adaptation of a US blocker

If it is a blocker then you can study the bugcatchers and probably find a way in - they normally leave some form of backdoor
 
Reboot your pc , and run 4.1 again see if that helps.

If not

Your backdoor key's will be in the blank image you have used to write to your card.

Cheers Garry
 
hi b
wrote to the card then tried to read it and got this reply
Opening of COM1 was successful
ATR String: 3F FF 95 00 FF 91 81 71 A0 47 00 44 4E 41 53 50
30 31 31 20 52 65 76 42 30 31 49
ROM Revision: 011
EEPROM Revision: RevB01
ProviderID: 5C
CamID: 27 78 C2 45
Using BD3 Key: 4E 69 70 50 45 72 20 49 73 20 61 20 62 75 54 74
Attempting to login to BD3
Unable to login, bad password detected
Using BD3 Key: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Attempting to login to BD3
Unable to login, bad password detected
Using BD3 Key: 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88
Attempting to login to BD3
Unable to login, bad password detected
Using BD3 Key: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Attempting to login to BD3
Unable to login, bad password detected
Using BD3 Key: 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88
Attempting to login to BD3
Unable to login, bad password detected
Login attempt aborted
Reading ROM11 failed
Closing of COM1 was successful
checked the file i used for bd keys
C000: 4F F4 20 0A 38 F3 8D 00 26 00 00 00 00 00 00 FF | Oô .8ó..&......ÿ
C010: FF FF FF FF FF FF FF FF FF FF FF FF 0B 01 F4 00 | ÿÿÿÿÿÿÿÿÿÿÿÿ..ô.
C020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C040: 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 | ˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆ
C050: 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 | ˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆ
C060: 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 | ˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆ
C070: 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 88 | ˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆˆ
C080: D0 00 52 65 76 42 30 31 20 05 24 35 14 DB 27 05 | Ð.RevB01 .$5.Û'.
C090: 0D 0B 0D 38 79 1D 26 29 23 12 00 00 0F 54 54 68 | ...8y.&)#....TTh
C0A0: 01 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C0B0: 00 00 00 00 00 00 00 00 00 21 45 71 F6 01 9A D8 | .........!Eqö.šØ
C0C0: 5D 86 02 03 00 00 00 2E FF 1F BC EF 1F 17 33 07 | ]†......ÿ.¼ï..3.
C0D0: 00 00 29 99 63 C1 DA 00 00 00 00 00 00 00 00 00 | ..)™cÁÚ.........
C0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C1D0: 00 00 00 01 95 12 01 CC 99 E9 A6 08 CC 99 64 00 | ....•..Ì™é¦.Ì™d.
C1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C210: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
C220: 00 00 00 0
whitch are the keys and how do i enter them into nagra to open the bd
cheers
 
Try this m8.... might work???

C040: F9 DB DE 81 17 ED 9C 81 B6 F7 0D 46 D5 49 42 04
 
how do i enter the keys into nagra
cheers for your help guys
 
silly me its obvious how to put the keys in doh
tried the one above but no joy
 
1. open xncs go to settings tick all the boxes and dump the card.
2. go to eeprom tab and take note of c040 and c070 (probably the same as nagra).
3. open rom studio click settings and phoenix and try to read the card.
4. box should appear saying ghost not found do u want to use nagra method, say yes.
5. login bd0 will appear put in the numbers found in xncs without the spaces.
6. if it reads the card save the image.
7. try to read in nagra if u can read it you can put a blank image on it then start from scratch with your new image.


Taken from Crackerchalk's mosc tutorial
 
Last edited:
Yet another example of why you should never trust an image that has backdoor keys modified in any way. People who do this kind of thing rarely have even an inkling of what they are actually doing !

There is absolutely NO REASON to EVER modify backdoor keys or the Nipper string. Its a total waste of time as the cable co's never use backdoors to log into a card. They would be insane to even try such a thing !
 
nozzer said:
Yet another example of why you should never trust an image that has backdoor keys modified in any way. People who do this kind of thing rarely have even an inkling of what they are actually doing !

There is absolutely NO REASON to EVER modify backdoor keys or the Nipper string. Its a total waste of time as the cable co's never use backdoors to log into a card. They would be insane to even try such a thing !

Totally agree ....... why would they use the back door when they can go in via the front door ......
 
Larcher said:
1. open xncs go to settings tick all the boxes and dump the card.
2. go to eeprom tab and take note of c040 and c070 (probably the same as nagra).
3. open rom studio click settings and phoenix and try to read the card.
4. box should appear saying ghost not found do u want to use nagra method, say yes.
5. login bd0 will appear put in the numbers found in xncs without the spaces.
6. if it reads the card save the image.
7. try to read in nagra if u can read it you can put a blank image on it then start from scratch with your new image.


Taken from carwash's mosc tutorial


Credit canot go to me as I dint write that Tut m8”! I think you meant Crackerchalk
 
Back
Top