hey.. you is really defected ? this is thread about nagravision not NDS !!
Nagra Hex block Decryption
- Thread starter fes_786
- Start date
- Status
hey.. you is really defected ? this is thread about nagravision not NDS !!
dreambox2011
Inactive User
- Joined
- Mar 27, 2017
- Messages
- 5
- Reaction score
- 0
hi bro I'm looking for me need
this is you problem... for why you not used official box ? for home use this is best way for you.. or you need this for commercial use ?
dreambox2011
Inactive User
- Joined
- Mar 27, 2017
- Messages
- 5
- Reaction score
- 0
hi bro free I want to watch on a device dreambox808 se or a different brand
there is a module in my hand nds 092b turksat caid dsmart
there is a module in my hand nds 092b turksat caid dsmart
dreambox2011
Inactive User
- Joined
- Mar 27, 2017
- Messages
- 5
- Reaction score
- 0
hi bro I want cccam or oscam to look like in this regard, please help need oscam cak7 all caid kart work version
dreambox2011
Inactive User
- Joined
- Mar 27, 2017
- Messages
- 5
- Reaction score
- 0
don't have anyone to help me , the Grand Masters please I'm looking for knowledgeable hearted
Benfica200
DW Member ++
- Joined
- Dec 1, 2013
- Messages
- 280
- Reaction score
- 220
If it's like mine, you will not find them in plaintext, you'll find them in a second block on the ram but they're also encrypted!
89 00 00 00 84 00 00 00----->ECK
Last edited:
Thanks for trying to help!
I have not found anything in the ram yet.
One person told me that there is 5 cmd that extracts the cpukey from bcm7358, it wants to sell for 700 $, does it even exist?
I have telnet open, can I copy / dev / mem dev / urandom / dev / random / dev / kmem
A good question for professionals:
My block 0000016c in "bga24" is encrypted by a key!
This key decrypts the block and sends it to ram and then decrypts with ird + idea + xor!
The question is?
The key that decrypts the block 0000016c in bga24 is the cpukey?
And i have the info for cpu register:
_BUFFER_SIZE] =
{
0x00000010,
0x00000088,
0xABCDEF00,
0xD455AA2B, / SESSION_SET_VICH_REG
My CFE have:
00 00 02 08
00 00 00 10
00 00 00 98
AB CD EF 00
F8 55 AA 07
78 9A 00 94
00 00 00 01
00 01 05 01
0 x F8 55 AA 07 / SESSION_SET_VICH_REG how to send this cmd in telnet ?
I have not found anything in the ram yet.
One person told me that there is 5 cmd that extracts the cpukey from bcm7358, it wants to sell for 700 $, does it even exist?
I have telnet open, can I copy / dev / mem dev / urandom / dev / random / dev / kmem
A good question for professionals:
My block 0000016c in "bga24" is encrypted by a key!
This key decrypts the block and sends it to ram and then decrypts with ird + idea + xor!
The question is?
The key that decrypts the block 0000016c in bga24 is the cpukey?
And i have the info for cpu register:
_BUFFER_SIZE] =
{
0x00000010,
0x00000088,
0xABCDEF00,
0xD455AA2B, / SESSION_SET_VICH_REG
My CFE have:
00 00 02 08
00 00 00 10
00 00 00 98
AB CD EF 00
F8 55 AA 07
78 9A 00 94
00 00 00 01
00 01 05 01
0 x F8 55 AA 07 / SESSION_SET_VICH_REG how to send this cmd in telnet ?
Benfica200
DW Member ++
- Joined
- Dec 1, 2013
- Messages
- 280
- Reaction score
- 220
You have any cmd like, poke or mw?
Benfica200
DW Member ++
- Joined
- Dec 1, 2013
- Messages
- 280
- Reaction score
- 220
Humm, maybe dd cmd done job...
I have :
dd and hexdump !
# cat /proc/cpuinfo
system type : BCM7346B2 STB platform
processor : 0
cpu model : Broadcom BMIPS5000 V1.1 FPU V0.1
BogoMIPS : 868.35
cpu MHz : 1305.025
wait instruction : yes
microsecond timers : yes
tlb_entries : 64
extra interrupt vector : yes
hardware watchpoint : no
ASEs implemented :
shadow register sets : 1
core : 0
VCED exceptions : not available
VCEI exceptions : not available
processor : 1
cpu model : Broadcom BMIPS5000 V1.1 FPU V0.1
BogoMIPS : 651.26
cpu MHz : 1305.025
wait instruction : yes
microsecond timers : yes
tlb_entries : 64
extra interrupt vector : yes
hardware watchpoint : no
ASEs implemented :
shadow register sets : 1
core : 0
VCED exceptions : not available
VCEI exceptions : not available
dd and hexdump !
# cat /proc/cpuinfo
system type : BCM7346B2 STB platform
processor : 0
cpu model : Broadcom BMIPS5000 V1.1 FPU V0.1
BogoMIPS : 868.35
cpu MHz : 1305.025
wait instruction : yes
microsecond timers : yes
tlb_entries : 64
extra interrupt vector : yes
hardware watchpoint : no
ASEs implemented :
shadow register sets : 1
core : 0
VCED exceptions : not available
VCEI exceptions : not available
processor : 1
cpu model : Broadcom BMIPS5000 V1.1 FPU V0.1
BogoMIPS : 651.26
cpu MHz : 1305.025
wait instruction : yes
microsecond timers : yes
tlb_entries : 64
extra interrupt vector : yes
hardware watchpoint : no
ASEs implemented :
shadow register sets : 1
core : 0
VCED exceptions : not available
VCEI exceptions : not available
Benfica200
DW Member ++
- Joined
- Dec 1, 2013
- Messages
- 280
- Reaction score
- 220
F*** that my busybox is vunerable!
Kaon Box...
BusyBox v1.2.1 (2009.08.14-06:03+0000) multi-call binary
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
Kaon Box...
BusyBox v1.2.1 (2009.08.14-06:03+0000) multi-call binary
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
dockmur
Inactive User
Does anyone have a dump of cs*t fr 1811 to study??
thanks
thanks
dockmur
Inactive User
I will search rsa mods
Enviado desde mi iPhone utilizando Tapatalk
Enviado desde mi iPhone utilizando Tapatalk
- Status
