This may help some of you...
- Thread starter CG121
- Start date
For disassembling the Emm's you will need EmmStudio. The Sosia emulator can also be very useful to actually see what the Emm's are doing.
hmm is it just me or could we possibly code this into e.g. chaos V3 and alter the bits to match this new keyroll method?
and then u have a au fun?
i got a feeling everything is here in this thread to make the flash
with aq bit of testing you should have a working au?
@nozzer if i take a look at the atmega challenge thread are most of the things similar for fun cards?
and then u have a au fun?
i got a feeling everything is here in this thread to make the flash
with aq bit of testing you should have a working au?
@nozzer if i take a look at the atmega challenge thread are most of the things similar for fun cards?
- Joined
- Jan 7, 2007
- Messages
- 1,106
- Reaction score
- 188
welcome to dw CG121 its a bit off topic but just wanna say keep it up m8 i think you will do well on this forum i dont see a lot of new members get in and get there hands dirty from the start well done mate:Clap:
hey coolguy
thanks for joining, coolguy i remember your old opos work and your right it did last 11 months, for those who dont know coolguy needs some respect, guys like him keep this scene alive, and people try commenting on his post count? please grow up
Coolguy i have constructed a patch but i am confused when you say opcodes, do i run both elements as a patch in nagra edit? some light or guidance is appreciated
thanks
paimai
thanks for joining, coolguy i remember your old opos work and your right it did last 11 months, for those who dont know coolguy needs some respect, guys like him keep this scene alive, and people try commenting on his post count? please grow up
Coolguy i have constructed a patch but i am confused when you say opcodes, do i run both elements as a patch in nagra edit? some light or guidance is appreciated
thanks
paimai
done a search for emmstudio but I can't seem to find it could someone point me in the right direction.
Cheers
Over 400 hits on Yahoo. One of em must be a download !
CG121
Inactive User
- Joined
- Jun 1, 2007
- Messages
- 520
- Reaction score
- 113
Try not to confuse the patch with a ROM10 image patch in Nagra Edit.
You are patching the ROM code in the opos flash file (or if you're feeling clever, the register routines)...
I've recently updated my last effort to include the previous register $07 call now. Thats 1 less area in the ROM fucked about with...
CG121
I have uncrypted the Opus flash and have opened it in wordpad this is what I have got:-
:100000000C9573090C955C044F504F500A00020286
:100010001000FFFF8F980F900F900F90189553448A
:100020004B75A8F2FFFFFFFFFFFFFFFFFFFFFFFF82
:10003000E0E01AC0E6E018C0E5E016C0E8E014C051
:10004000E9E012C0EBE010C0ECE00EC0EDE00CC047
:10005000E1E10AC0E2E108C0E4E106C0E5E104C074
:10006000E6E102C0E7E100C00E940C0008950A9595
:10007000F1F70895FA92EA92DA92CA92BA92AA92A3 ect....................
What the next step?
I have uncrypted the Opus flash and have opened it in wordpad this is what I have got:-
:100000000C9573090C955C044F504F500A00020286
:100010001000FFFF8F980F900F900F90189553448A
:100020004B75A8F2FFFFFFFFFFFFFFFFFFFFFFFF82
:10003000E0E01AC0E6E018C0E5E016C0E8E014C051
:10004000E9E012C0EBE010C0ECE00EC0EDE00CC047
:10005000E1E10AC0E2E108C0E4E106C0E5E104C074
:10006000E6E102C0E7E100C00E940C0008950A9595
:10007000F1F70895FA92EA92DA92CA92BA92AA92A3 ect....................
What the next step?
R
rahatahmed
Guest
It might help you
Hi guys
i am a simple man dont know nothing about codes and programing but do kow a bit of linux.
I am using MythTv and its using sasc.ng to generate all the keys and is working solid like always without a slightest problem. I was woundering after reading all the posts in this thread it might be useful for you lot let me know if it is and where to post it.
Cheers
Hi guys
i am a simple man dont know nothing about codes and programing but do kow a bit of linux.
I am using MythTv and its using sasc.ng to generate all the keys and is working solid like always without a slightest problem. I was woundering after reading all the posts in this thread it might be useful for you lot let me know if it is and where to post it.
Cheers
Last edited by a moderator:
- Joined
- Nov 17, 2004
- Messages
- 2,634
- Reaction score
- 68
wots this about then mate? u watching cable on ur linux pc? explain a little more please, sounds interesting
- Joined
- Nov 17, 2004
- Messages
- 2,634
- Reaction score
- 68
- Joined
- Nov 17, 2004
- Messages
- 2,634
- Reaction score
- 68
dude, that last post of yours and this one seem really useful and straightforward, and omg, they actually explain so much in plain english!!Hmmm, time for a hint..
If you wanted to break out of the regular subroutines just prior to your EMM being executed, why not take a peek at $74EC..
Instead of following the jsr instruction, jump to some free space, run all your patches (you can even include the previous keyroll method patch here instead of jumping from $823D...)
If you do include the previous keyroll, you won't need to duplicate the code that was at $823D in your free space, which therefore reduces the patch size allowing more space for future patches
Anyways, once you've jumped from $74EC, don't forget you need to return to it (and if you jump from within your patch to the end, you'll require 2 returns)
Simply use the same opcodes you see in the EMMs posted here to construct a patch, add it to your ROM, encrypt it and bingo
OH & CAN SOMEONE PLEASE MOVE THIS TO THE MAIN FORUM
i think i gotta print off the emm and dump stuff so that i can reference it while you talk through it. but cant do that at the mo.
wots ur background in? in terms of computing i mean
R
rahatahmed
Guest
It might help you
Well Mythtv is a part of Mythbuntu which is a very strong windows rival same as working on Apple its all linux. And as you all know even the boot sector of widows Vista is Linux now and all the boxes are Linux bassed. So to get an answer we have to cunsult The Mother(Linux) If you google Mythbuntu you will find all the info you need its open source and available to everybody. Only problem is, this is not everybody's cup of tea.
Anyways come to the point now inside mythtv is a file which does all the magic its called sasc.ng this recent key madness didn't effect it at all it is so damn powerfull that it modified the rolling keys as well and updating as normal. Now when its come to this point my experties stops cause i do know linex but know nothing about codeing etc. If you guys can get something out of it and can modify it for ur use i will post it where ever you want me to
Bed is calling will take it on tomorrow
Well Mythtv is a part of Mythbuntu which is a very strong windows rival same as working on Apple its all linux. And as you all know even the boot sector of widows Vista is Linux now and all the boxes are Linux bassed. So to get an answer we have to cunsult The Mother(Linux) If you google Mythbuntu you will find all the info you need its open source and available to everybody. Only problem is, this is not everybody's cup of tea.
Anyways come to the point now inside mythtv is a file which does all the magic its called sasc.ng this recent key madness didn't effect it at all it is so damn powerfull that it modified the rolling keys as well and updating as normal. Now when its come to this point my experties stops cause i do know linex but know nothing about codeing etc. If you guys can get something out of it and can modify it for ur use i will post it where ever you want me to
Bed is calling will take it on tomorrow
