no it did have have a bad dataspace but ran it through script and it apprantley fixed it but when i try and read through nagra or xncs it wont read just says bd3 login failed or card may hve update or disabled ,does not matter anyway but was fun getting datspace back lol,,
no it did have have a bad dataspace but ran it through script and it apprantley fixed it but when i try and read through nagra or xncs it wont read just says bd3 login failed or card may hve update or disabled ,does not matter anyway but was fun getting datspace back lol,,
Just out of curiosity, has anyone checked what the otp tag area shows at c022 on a repaired card.
Cheers, I probably should have loaded the script and read the haeder first. I just wasn't sure about stopping the card getting killed right away again as i thought otp would be marked as 06.
If the card was one that went to datapointer is bad in november when it executed the killer emm sequence then $C022 will be marked 06. This is the flag that will trigger the killer EMM to execute again even if the card is re-written with an image that passes the current checks. If your card is marked with 06 then it will require a blocker of some description, either to prevent the killer emm from executing, or preventing it from writing the kill into codespace.
This script will also repair some "dataspace pointer is bad" cards that did not take the killer emm but were somehow corrupted by glitching. Note I said some - if it gives the 6900 response to the D7 (backdoor blocked) then it wont work. If it gives the 6300 (incorrect password) then it will work.
edcase
when you say c022 is this it in the eeprom
C020: 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 this is from a card that reported cam date failed ran it through the data pointer fix and is ok is there any way to remove this flag or do you need a blocker image for it hope im not sounding a bit thick thanks : colors1
Hi guys-I have just run this card through and it repaired it. It wasn't a card hit but one that was screwed up prob by myself sometime ago. When read now it gives the OTP area as below-is this still OK to use or will it give problems?
C020: 03 BF 74 00 F4 3D 00 00 00 00 00 4E 69 70 50 45
Thanks
Hi mate,
You will need to use a blocker on that card as $C022 is marked in way that will trigger the kill if you fail the tier ID check.
Your $C022 is currently 74 - 01110100
As you can see bit2 is set to 1 so it is effectively marked as 04 - 00000100
If you fail the tierID check now it will get the 02 mark added (set bit1) which even normal subbed cards get and your $C022 will then look like this 01110110 - this value gets a logic and operation performed on it with 06 - 00000110 and the result will be 06 - the card will be fryed.
You could add the tierID that the emm looks for and prevent the 02 mark but I would use a blocker to be sure.
edcase
EDIT: Also lol @ the start of the nipper string in the OTP: 4E 69 70 50 45
Guess that must have been caused by some serious crazy glitching
The delays that I have been using are:
Rom 10: from &h0B36
Rom11: from &h11E5
edcase
We use essential cookies to make this site work, and optional cookies to enhance your experience.