what exactly is a glitcher?

[agios_menelaos]

Hi all, im a bit of a newbie to all this glitcher programmer talk (t911 and nexus etc). Can someone please explain to me what they are and what they are capable of doing?

Cheers

 

[ice2004]

The original cards that come in boxes (the ones that have NTL or TW etc on them) are ROM cards. These cards are "stream locked" which means you cannot open them and obtain the boxkey and IRD off them without opening them.

To open them you use a glitcher (aka unlooper) which allows you to open them only. After the card is opened you can use a programmer and nagra edit to obtain the required information.

 

[nozzer]

A glitcher can work in a number of ways, the main ones being a clock glitch or a power glitch.

Normally, on a smartcard the clock is a steady frequency (usually between 2.5Mhz and 5Mhz) with an approx 50% duty cycle (high-lo period). A glitch disturbs this clock by inserting a relatively quick pulse (usually at least 5x, often a lot more, the speed of the clock) the idea being to cause corruption to some aspect of the smartcard processors operation.

The power glitch works in a similar way but instead of inserting extra clock pulses the power line (normally a steady voltage) is very quickly removed (or reduced or possibly even increased) and re-applied. Again, the intention being to cause corruption or mis-operation within the smartcard.

Corruption in the processor can take many forms, some possibilities being -

1/ The corruption of the program counter so execution continues from some other program address.

2/ Interfering with an instruction load or decode so the processor see's a different instruction from the one originally intended.

3/ The corruption of processor register contents

4/ The corruption of RAM contents

There are also many other forms of corruption that can cause processor malfunction but the general idea is to corrupt things in such a way that it does things that are beneficial to us - perhaps something like skipping a password check or maybe running some rogue code that has been inserted previously !

 

[charlie senator]

I was going to say that nozzer ! but i thought it might be too simple for him lol !!

 

[kyle]

A glitcher can work in a number of ways, the main ones being a clock glitch or a power glitch.

Normally, on a smartcard the clock is a steady frequency (usually between 2.5Mhz and 5Mhz) with an approx 50% duty cycle (high-lo period). A glitch disturbs this clock by inserting a relatively quick pulse (usually at least 5x, often a lot more, the speed of the clock) the idea being to cause corruption to some aspect of the smartcard processors operation.

The power glitch works in a similar way but instead of inserting extra clock pulses the power line (normally a steady voltage) is very quickly removed (or reduced or possibly even increased) and re-applied. Again, the intention being to cause corruption or mis-operation within the smartcard.

Corruption in the processor can take many forms, some possibilities being -

1/ The corruption of the program counter so execution continues from some other program address.

2/ Interfering with an instruction load or decode so the processor see's a different instruction from the one originally intended.

3/ The corruption of processor register contents

4/ The corruption of RAM contents

There are also many other forms of corruption that can cause processor malfunction but the general idea is to corrupt things in such a way that it does things that are beneficial to us - perhaps something like skipping a password check or maybe running some rogue code that has been inserted previously !

This is great and should be in downloads for all us newbs. I was wondering what the hell this t911 did, now i know - thanks

Actually if you dont mind i'll upload it for the benefit of all.