technical thread on MOSC's and reacent EMM

ByteMaster said:
well here is were i am at now

C020: 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00

Dont know what to look 4 is this a login, date problem?

Any definate answers to what this byte is marking?
Click to expand...
it iks marking the otp read only if that had been a 6 the killer ecm would have got it

as for the post above that has the 6 in otp
may be the killer didnt get through
2 of my familys have stayed on ??
 
what if we change that byte to somthing else say 08

and write it to a card what would happen??

u think the k ecm would ignore it?
 
and im now getting only 04 so we are both half way there ... lol

PIJ
 
fes_786 said:
what if we change that byte to somthing else say 08

and write it to a card what would happen??

u think the k ecm would ignore it?
Click to expand...

i doubt it , i expect its looking at bits and not bytes

PIJ
 
fes_786 said:
what if we change that byte to somthing else say 08

and write it to a card what would happen??

u think the k ecm would ignore it?
Click to expand...
try it
then read the card
i bet it is back to what it was that is why i said it is read only

there where 3 numbers 2 4 6
2 & 4 where the marks for date in the future not 1 mth and also for the tierbeing to many channels

which one i dont know
6 u shouldnt be able to see cost the card should be dead
as i said may be the killer emm never got through
 
Ok davidh

that 02 byte at otp
what is it thats failling that its marking the card at this point?
Is the above mentioned byte of critical importance i.e could it become a killer.
I am using a tit card to work on this image
Bugcatchers are in place and all other mods removed with a 9 tier channel line up.
Going to put byte at 08 as requested to see what happens.
Finally would this image be safe as things stand to put to a real mosc for testing with the otp area with this byte marked?

Thanks...

edit this is what it now shows after programming with thr byte at 08

C020: 00 00 0A 00 00 00 00 00 00 00 00 00 00 00 00 00
 
Last edited:
Looks like each emm that does the checking increase the number by 2. What I don't understand is if that area is one time programmable then how is the emm able to update from 2 to 4 then 6? Doesn't make sense to me cause one that bit has been set you'd think that it couldn't update/write to it again.
 
IAmATeaf said:
Looks like each emm that does the checking increase the number by 2. What I don't understand is if that area is one time programmable then how is the emm able to update from 2 to 4 then 6? Doesn't make sense to me cause one that bit has been set you'd think that it couldn't update/write to it again.
Click to expand...

maybe because they got the front door key??

looks like we need to use a crow bar to force the front door open...lol

1 quick Q

coudn't we use a bruteforce method to gain entry into a card through the front door???
 
davidh said:
it iks marking the otp read only if that had been a 6 the killer ecm would have got it

as for the post above that has the 6 in otp
may be the killer didnt get through
2 of my familys have stayed on ??
Click to expand...

1 of my cards gopt the 06 opt david...it befdore had the mark 02 01 in the card so..somehting is going on..as we no
 
IAmATeaf said:
Looks like each emm that does the checking increase the number by 2. What I don't understand is if that area is one time programmable then how is the emm able to update from 2 to 4 then 6? Doesn't make sense to me cause one that bit has been set you'd think that it couldn't update/write to it again.
Click to expand...

Each bit in the OTP can be set from 0 to 1 but not from 1 to 0 ... thats why its OTP. Bear in mind that each byte is 8 bits.
So
02 is 00000010 < if one check fails this happens
and
04 is 00000100 < if the other fails then this happens

You can see if they set both of these bits you end up here:

06 is 00000110 << if you fail both you end up here - and thats what the kill looks for

edcase
 
Last edited:
IAmATeaf said:
Looks like each emm that does the checking increase the number by 2. What I don't understand is if that area is one time programmable then how is the emm able to update from 2 to 4 then 6? Doesn't make sense to me cause one that bit has been set you'd think that it couldn't update/write to it again.
Click to expand...
i didnt say 1 time write i said write only
 
fes_786 said:
maybe because they got the front door key??

looks like we need to use a crow bar to force the front door open...lol

1 quick Q

coudn't we use a bruteforce method to gain entry into a card through the front door???
Click to expand...
we wish m8
the encyription is massive
 
Hiya, I have know got a good working image on a tit 2 but have set the rights date 12 months ahead and working ok but marking the otp with 2 because of the rights date. As previous threads have stated the otp can only increase in value so if we set this to 8 or greater what is the emm,s looking for.
1:A value equal to 6
2:A value greater than 6

Ps: i was thinking about the subbed cards which where knocked and would they only be able to reinstate these cards by increasing the byte to 8
 
Last edited:
Im not sure exactly what its looking for because I still havent seen the EMMS lol. Im sure I will get my F-ing emmstudio working tonight.

But i would guess that it wont be looking for bytes, but rather just looking for bits.
And once the bits are set you cant do anything with them - even though you could set the other bits around it to chnage the byte.

edcase
 
edcase said:
But i would guess that it wont be looking for bytes, but rather just looking for bits.
And once the bits are set you cant do anything with them - even though you could set the other bits around it to chnage the byte.

edcase
Click to expand...

Indeed, the killer looks for specific bits being set in the OTP. Changing the surounding bits will have zero effect !
 
hiya Nozzer, makes sense but could you tell me how subbed cards have been reinstated if these bits are set and can not be undone. How are the cc,s reinstating the subbed cards.
 
Geronimoe said:
hiya Nozzer, makes sense but could you tell me how subbed cards have been reinstated if these bits are set and can not be undone. How are the cc,s reinstating the subbed cards.
Click to expand...


I think its rubbish.
There is no way they could recover the card from them loops remotely. And once the OTP is set its set for life. Im not saying that theres no way around the problem of having a marked OTP - but in this case if your OTP contains 06 then the card is most probably already dead lol.

edcase
 
edcase said:
I think its rubbish.
There is no way they could recover the card from them loops remotely. And once the OTP is set its set for life. Im not saying that theres no way around the problem of having a marked OTP - but in this case if your OTP contains 06 then the card is most probably already dead lol.

edcase
Click to expand...

Ignore my ramblings :)
 
Last edited:
Geronimoe said:
hiya Nozzer, makes sense but could you tell me how subbed cards have been reinstated if these bits are set and can not be undone. How are the cc,s reinstating the subbed cards.
Click to expand...

Telewest have been replacing the cards that went down.
 
You must log in or register to reply here.

Similar threads

eon
    • Like
ND$ EMM Breakdown
Replies
0
Views
3K
eon
eon
D
Technical topic solo2 clone (please only technical talk)
11 12 13 14
Replies
271
Views
52K
albeixon
A
Mick
IPTV Quality - HD Satellite Streaming English and Scottish Premier League Games
Replies
16
Views
12K
GIO
GIO
totalgenius
Number of children blackmailed into webcam sex acts increasing, says report
Replies
7
Views
1K
D 8 RCS
D 8 RCS
skinz
A look at how we have impacted our world over the last 30 years "Explore the World"
Replies
0
Views
1K
skinz
skinz
Back
Top