Will There Be a new Emu For Ireland?

OMG, that is the most info I have ever seen in one post

I like to do the odd techy post once in a while. It keeps the old braincells from ossifying.

Excellent post nozzer, too bad nearly all of it was over my head

Study it for a while and maybe ask some questions. You may realise that it's not as far over your head as you think it is.
 
If the example would have B8 A7 / B7 A7 instead of B8 AF / B7 AF, I would be able to understand it.
 
Great post nozzer. It's after getting me thinking again! hehe
 
If the example would have B8 A7 / B7 A7 instead of B8 AF / B7 AF, I would be able to understand it.

Substitute whatever values you like, my example Emm was purely fictional and just for use as a teaching aid.

If you want to understand the real Emms then you need to capture/acquire them and work from there. If the real Emms bear any resemblance whatsoever to my example then it's purely coincidental.
 
So what we need is an emu that rewrites a new keyline where each digit is correct to 2 out of the 3 roms.

How easy or hard is that to do...
 
Substitute whatever values you like, my example Emm was purely fictional and just for use as a teaching aid.

If you want to understand the real Emms then you need to capture/acquire them and work from there. If the real Emms bear any resemblance whatsoever to my example then it's purely coincidental.

As far as I understand your example you point at the wrong memory allocation.
21 is located at A7.
 
Well spotted!

Even I screw up occasionally ;)

Edit: OK, corrected I think. You may find more errors if you look closely though!
 
It looks like I understand the new keyroll now.
You simply need the wrong key from an evocamd rom7 auto update and only the fifth byte has to be XORed with 8.
Time for Windows calculator in scientific mode and switching the thing to hex.
 
Bear in mind that my example isn't necessarily the same as the real keyrolls and that each of the six keyroll Emms are themselves different.

There are 2 keyrolls for each card type (Rom7/10/11). A standard keyroll and a signature swapped keyroll.

The signature swapped ones are for the later revision cards (can't remember exactly but I think it may be > RevA38) where the Emm decryption algorithm is a little different (the 8 byte signature is swapped with part of the 64 byte Emm payload after stage1 decryption - hence the name SigSwapped).

If you are going to apply fixes based on any particular keyroll then you need to make sure that you are actually dealing with the results of the correct keyroll.
 