technical thread on MOSC's and reacent EMM

is the emm still in the stream?

ive been dumping the image of my opos every half hour looking for C020: to be marked and its still all 0s..

when it went down on monday C020: was marked with a 6 and ive don minimal changes to the image hoping to narrow down what the emm is looking for but with no luck so far..
 
i killed a card early this morning so i would assume its here to stay.
 
no normally it stays on for max 10 mins.

I was just experimenting as i have a working card just need the tier information for setanta and prem+ and i have all possible channels.
 
i have had one running for a few hours but i think its the family pack so i need tiers moivies sport and porn mutv celtic and rangers
 
thecableguy12 said:
i have had one running for a few hours but i think its the family pack so i need tiers moivies sport and porn mutv celtic and rangers
Click to expand...

Hi here are few sports channel nthell area*****

sly sport 1 and 2

ird status: 00
rights id: 9898E3
min: 010F
max: 0110

sk sports 3

ird status: 00
rights id: 000124
min: 0115
max: 0115
 
the otp is one time programmable memory in card ..... i think

been reading the note pads from this thread in the rar file

http://www.digitalworldz.co.uk/forums/101144-how_code_rom_10_blocker.html#post712168

according to one of the note pads we can block the cc from marking the otp
by using a blocker

so if the cards a virgin card with 00 at otp and we code a blocker to stop otp marking then we will have a advantage over the cc and their killer emm would be useless becuause the killer emm only strikes if the otp is marked with a 6? 4 or 2

but if the otp is 00 then cards work perfect because subbed cards otp = 00

could some 1 add more input please becuase i dont understand the code or how it works just barely gettin to grips with visual basic6..lol

but from that .rar file i think we can block out the killer emm or otp mark

this is what i think after reading the notepads and some of the threads
 
edcase said:
I think its rubbish.
There is no way they could recover the card from them loops remotely. And once the OTP is set its set for life. Im not saying that theres no way around the problem of having a marked OTP - but in this case if your OTP contains 06 then the card is most probably already dead lol.

edcase
Click to expand...

I would say that was 100% but I have seen it today with my own eyes.
Went over to matey in Tw land this eve for a beer and to do him a fun he is a mid package subbed subscriber but the box is is just on the feed behind tvnot even connected to the tv.
When i said to him why he had not connected up his subbed box since Monday he said he never thought of that so I did it for him.Well you can now guess where i am going he had only FTA channels with the stupid message pop up on every channel saying the card was dislodged..
I had the card in my infinity in a flash and NO ATR on the subbed card so I told him to fone TW and he did and I must say well quick compared to NTL.
TW Instructed him to turn box off then on and put on channel 120 leave box on that channel untill the error message clears then turn off/on again.To my utter amazement after reboot he was up and running.Read card again just to satisfy myself and A86,couldnt dump card blah blah......
So is it at all possible even remotely possible that they have somehow found away of giving the card the appearance that it has no atr.?
Guys n GAls as totaly far fetched this may seem I would not have believed this if i was reading this posted by someone else but I did witness this today....
 
It is NOT possible to ressurect a card with no ATR in this manner. The box simply will not initiate communications until the card has returned an ATR after a reset and will time out and power down the card slot after a second or two. This is basic ISO card protocol !

The way the Killer Emm hooks into the reset vector turns the card into a brainless moron. The cc's cannot use the so called "front door" keys because the card no longer understands how to process ANY commands. Even if the box was turned into a fully fledged glitcher (not very likely) it would still have trouble undoing the damage caused.

If a card has been reset remotely then it must of been able to generate an ATR. Its likely that the card had just been out of stream so long that it was missing keys/updates !

btw, I suspect that the cc's may be keeping a note of subscribers that request these hits because, in most cases, they are coming from people who are re-connecting subbed boxes that haven't been connected for a while. Thats pretty unusual activity for something you are paying for !
 
Last edited:
what if the cards arn't truely no atr or invalid atr

what if its some type of blocker that they designed and put in with the emm

so it only responds to there sepecial key and nothing else?
 
fes_786 said:
what if the cards arn't truely no atr or invalid atr

what if its some type of blocker that they designed and put in with the emm

so it only responds to there sepecial key and nothing else?
Click to expand...

Its easy enough to disassemble the payload from the Emm and see the code that it inserts into the card !

If there were any form of key they had embedded to undo the damage it would of hit the forums 10 minutes after the Emm went live !

The cc's obviously know what we can do with these cards and have made it so that its next to impossible to repair them. They intended to kill them and that is exactly what they have done !
 
Last edited:
IAmATeaf said:
What I don't understand is if that area is one time programmable then how is the emm able to update from 2 to 4 then 6? Doesn't make sense to me cause one that bit has been set you'd think that it couldn't update/write to it again.
Click to expand...

OTP memory is memory where each bit is like a fuse. Once you blow the fuse for any bit there is no going back.

In this case the memory normally shows its bits as being 0 but when the fuse is blown it will show the bits as 1.

The "One time" name applies to the individual bits, not the bytes. This means that once a bit is blown you can still change the byte by blowing any other bit in the byte until the byte is at $FF. For OTP memory its probably easier to think of the 32 byte array as an array of 256 individual bits (or fuses).

btw, the OTP doesn't update from 2 to 4 to 6. It moves either from 2 to 6 (by the 4 bit getting set) or from 4 to 6 (by the 2 bit getting set) !
 
Last edited:
nozzer said:
It is NOT possible to ressurect a card with no ATR in this manner. The box simply will not initiate communications until the card has returned an ATR after a reset and will time out and power down the card slot after a second or two. This is basic ISO card protocol !

The way the Killer Emm hooks into the reset vector turns the card into a brainless moron. The cc's cannot use the so called "front door" keys because the card no longer understands how to process ANY commands. Even if the box was turned into a fully fledged glitcher (not very likely) it would still have trouble undoing the damage caused.

If a card has been reset remotely then it must of been able to generate an ATR. Its likely that the card had just been out of stream so long that it was missing keys/updates !

btw, I suspect that the cc's may be keeping a note of subscribers that request these hits because, in most cases, they are coming from people who are re-connecting subbed boxes that haven't been connected for a while. Thats pretty unusual activity for something you are paying for !
Click to expand...

This is something i cannot work out my p-aid for box is always running in my kids room so is always turned on so is fulkly updated.

now when they did the hit my paid for box went down and at that point when i check it i pulled it out and i am waiting for my logger to come so i can log if i can what they send to the box to update it,

is there a way they will know i am logging this box to see what they are sending if so i will not do this.

but my box is fully updated and still have the error. if we do find out what they are sending to the card to fix this problem would there then be a way to find out how to fix some of the cards that they hit.

or is this a waste of time

SexyBitch
 
SexyBitch said:
This is something i cannot work out my p-aid for box is always running in my kids room so is always turned on so is fulkly updated.

now when they did the hit my paid for box went down and at that point when i check it i pulled it out and i am waiting for my logger to come so i can log if i can what they send to the box to update it,

is there a way they will know i am logging this box to see what they are sending if so i will not do this.

but my box is fully updated and still have the error. if we do find out what they are sending to the card to fix this problem would there then be a way to find out how to fix some of the cards that they hit.

or is this a waste of time

SexyBitch
Click to expand...

this is exactly what i was discussing with SK the other night on msn

im waitin on a logger 2 from a kind member from here

but if they do send a emm to it then sk said if we get a log of it then we can find out what they are sending that particular card to make it work
they wont find out that u got a logger hooked up because it only captures what they are sending

but SK said if we can get the emm they send and then clone the cam id of that card and then try to send it again to a cloned card (after its been hit ) we could then experiment with them emm and possibly adapt it for the other cards wich are supposed to be dead

he said we can glitch through the first bug catchers but after that is were the problem is because i think the card wont understand what were sending

but if u log the emm on that card please let SK know

he is dying for that log

lol

well good job u thought of that 2
 
fes_786 said:
this is exactly what i was discussing with SK the other night on msn

im waitin on a logger 2 from a kind member from here

but if they do send a emm to it then sk said if we get a log of it then we can find out what they are sending that particular card to make it work
they wont find out that u got a logger hooked up because it only captures what they are sending

but SK said if we can get the emm they send and then clone the cam id of that card and then try to send it again to a cloned card (after its been hit ) we could then experiment with them emm and possibly adapt it for the other cards wich are supposed to be dead

he said we can glitch through the first bug catchers but after that is were the problem is because i think the card wont understand what were sending

but if u log the emm on that card please let SK know

he is dying for that log

lol

well good job u thought of that 2
Click to expand...

Great i am just waiting for the logger to come i hope it gets here tomorrow in the post and as soon as i get it i will try and log it for you and hope it helps
this is why when i saw the box the way it was i turned it off

Sexy
 
i was informed by an employer of nthell that as of 8.30 lastnight , they had finished what they were doing !! Can anyone verify this ? probably just another rumor like
 
You must log in or register to reply here.

Similar threads

eon
    • Like
ND$ EMM Breakdown
Replies
0
Views
3K
eon
eon
D
Technical topic solo2 clone (please only technical talk)
11 12 13 14
Replies
271
Views
52K
albeixon
A
Mick
IPTV Quality - HD Satellite Streaming English and Scottish Premier League Games
Replies
16
Views
12K
GIO
GIO
totalgenius
Number of children blackmailed into webcam sex acts increasing, says report
Replies
7
Views
1K
D 8 RCS
D 8 RCS
skinz
A look at how we have impacted our world over the last 30 years "Explore the World"
Replies
0
Views
1K
skinz
skinz
Back
Top