nag 2 cracked


paulandsabrina
09-01-2005, 12:54 AM
ok i read my rom 102 rev 240 with trex i sent a cmd4 to the card 983E748B4654CA5472F84E6C30B 16A49A4EAEB701410EE654D82CBC9E9B5E24E648CF96A9E176 1A2DF089024C this is

the response cmd7 45 01 01 86 00 88 46 FE 13 E9 56 82 74 E1 6A 25 B4 75 9A 11 D3 B2 52 EC 50 6A 5C 19 83 E7 48 B4 65 4C A5 47 2F 84 E6 C3 0B 16 A4 9A 4E AE B7 01 41 0E E6 54 D8 2C BC 9E 9B 5E 24 E6 48 CF 96 A9 E1 76 1A 2D F0 89 02 4C then i take the ecm nag 2 decrypter and decrypt this is what i get

28D0E47CACF5475D010112D61CAE1080360101100900C93FBE C64764E18C110900AFD01E9D5EA1D2D100EE791411E649E9BB 620DBEDE33FFABB39AC600738027 then the break down

28D0E47CACF5475D signature
0101 provider id bell
12D61CAE date time present
1080 bitmaps
36 cmd ecm
01 length
0110 id channel
8c cw
11 length
00AFD01E9D5EA1D2 control word session key 1 bell?
d1 cw
length oo
791411E649E9BB62 control word session key 2 dish?

maxheadroom
09-01-2005, 06:24 AM
I take it this is good news. Can somebody comment???

BigAlBlues
09-01-2005, 08:39 AM
I'm not sure but i thought provider id 0101 was for dish and not bell but it's late and i could be wrong.

sivarT
09-08-2005, 07:01 PM
0101 = Dish and as far as the above code, well it doesn't take a genius to see it's not an eeprom dump. And session keys will continually be changing. Therefore you have mostly encrypted garbage...

vmod32
09-08-2005, 09:11 PM
what you did is nothing new...

playme1979
09-09-2005, 12:12 AM
and new session keys will be released

paulandsabrina
09-15-2005, 09:47 PM
it's not dish i read it off my blue rom 102 card for bell and i used the encryption program to try to get the control words for bell i only saw this done at card coders for 101 not 102 so i tried it for the 102 and that's what i got

swampcrawler
09-15-2005, 10:23 PM
it's not dish i read it off my blue rom 102 card for bell and i used the encryption program to try to get the control words for bell i only saw this done at card coders for 101 not 102 so i tried it for the 102 and that's what i got
102 cards are not blue they are yellow

brjak
09-15-2005, 10:32 PM
Bell's 102 cards are blue!

70se
09-15-2005, 11:26 PM
BEV cards are blue.

paulandsabrina
09-16-2005, 12:34 AM
102 cards are not blue they are yellow
dish is yellow

paulandsabrina
09-16-2005, 12:38 AM
ok i read my rom 102 rev 240 with trex i sent a cmd4 to the card 983E748B4654CA5472F84E6C30B 16A49A4EAEB701410EE654D82CBC9E9B5E24E648CF96A9E176 1A2DF089024C this is

the response cmd7 45 01 01 86 00 88 46 FE 13 E9 56 82 74 E1 6A 25 B4 75 9A 11 D3 B2 52 EC 50 6A 5C 19 83 E7 48 B4 65 4C A5 47 2F 84 E6 C3 0B 16 A4 9A 4E AE B7 01 41 0E E6 54 D8 2C BC 9E 9B 5E 24 E6 48 CF 96 A9 E1 76 1A 2D F0 89 02 4C then i take the ecm nag 2 decrypter and decrypt this is what i get

28D0E47CACF5475D010112D61CAE1080360101100900C93FBE C64764E18C110900AFD01E9D5EA1D2D100EE791411E649E9BB 620DBEDE33FFABB39AC600738027 then the break down

28D0E47CACF5475D signature
0101 provider id bell
12D61CAE date time present
1080 bitmaps
36 cmd ecm
01 length
0110 id channel
8c cw
11 length
00AFD01E9D5EA1D2 control word session key 1 bell?
d1 cw
length oo
791411E649E9BB62 control word session key 2 dish?
also with the 101 on cardcoders the session keys they got from that card for dishnet are clearly different than the 2 session keys i got from a 102 for bell and i was wondering if these are the actual session keys for bell i don't want to argue about what colour the fucking card is mine's blue lol so any answers??????????

paulandsabrina
09-16-2005, 12:45 AM
00AFD01E9D5EA1D2 key 1
791411E649E9BB62 key 2
can somebody test these fta so at least we know dish on roof have to repoint

w8zdjf2
09-16-2005, 05:59 PM
bev posts from dvbnetworks com:

quote:

Is BEV using CA-1234 instead of CA1810 for the N2 ECM now? S2emu doesn't seem to recognize 1234 as nagra?

. . . .

no 1801 and 1810 are there, the problem is the Header (8e/8f instead of 80/81)

. . . . .

0082: 8E stop ; STOP
0081: 8F wait ; Wait interrupt

. . . . ????

paulandsabrina
09-16-2005, 06:36 PM
bev posts from dvbnetworks com:

quote:

Is BEV using CA-1234 instead of CA1810 for the N2 ECM now? S2emu doesn't seem to recognize 1234 as nagra?

. . . .

no 1801 and 1810 are there, the problem is the Header (8e/8f instead of 80/81)

. . . . .

0082: 8E stop ; STOP
0081: 8F wait ; Wait interrupt

. . . . ????
not sure what this is about can the mods look at this and see if i have anything or at least am i going the right direction another day and i'm going on the roof to try myself there's been 8000 views and no respectable answer??????

w8zdjf2
09-16-2005, 06:59 PM
I do not believe that the keys you posted are the ones that are needed.

Find the softcam.key fix for dish and compare what was changed prior to Sep-14-05.

This is the part I believe is missing for BEV.




. . . . . ppl probably do not post if they know the answer, but they will definitely post if they think I am wrong, or do not know, or speeelled somethign wrong, or used CAPS, - anything but help mostly. sorry if previous post did not help direct you.

w8zdjf2
09-16-2005, 09:18 PM
You may want to look at:

CMD48 and 49

This should give you N2 keys. Look forward to seeing your results

paulandsabrina
09-18-2005, 07:30 PM
ok working on it now be back few hours

paulandsabrina
09-19-2005, 08:11 PM
hi guys can someone help me out with a cmd $48 $49 please i can't find them cmds to send to my card does someone have a log from bell with them on 102 rev 240 thanx in advance

sivarT
09-21-2005, 03:04 PM
Uh these cmd's are used to gain access to 101's. However since the provider 0101 has disabled these cmd's, along with a few others. Advanced coders are working on a bugtable 44 long, with a 4 numbug trap thus numbug=48 . The 4 numbugs set can possibly act as a trap to allow access back into the cam while still disabling these functions.
You need to read read and read @ CC all your questions have answers there...

Cid6.7
10-16-2005, 07:27 AM
I have a sticky flytrap hanging from the roof with a junebug 2 beetlebugs & 6 lighteningbugs...deadbugs=9 I wonder if I can get the keys with that :D :D

Trapofmind
10-16-2005, 08:04 AM
I have a sticky flytrap hanging from the roof with a junebug 2 beetlebugs & 6 lighteningbugs...deadbugs=9 I wonder if I can get the keys with that :D :D

I don't think these guys know what they are talking about, my sources tell me we're going to need a chicken leg, eye of newt and a full moon.

HotRodTodd
10-16-2005, 07:31 PM
You guys are way, WAY OFF!
Everyone knows it's done with mirrors and a BIG fuxxin magnet. Sheesh, friggen newbs, LOL



And chewing gum, almost forgot that. ;-)

Double^D
10-16-2005, 09:42 PM
haha that is funny right there I don't care who you are!

badger6
10-17-2005, 08:50 PM
Didn't everyone read that this thread was for serious N2 Advanced technical discussions only. Besides everyone knows that you've got to combine and route the 04 and 08 into the reverse flow kanuder valve to get the correct keys for it to work, man you guys have to read some more.

paulandsabrina
10-18-2005, 05:38 AM
I have a sticky flytrap hanging from the roof with a junebug 2 beetlebugs & 6 lighteningbugs...deadbugs=9 I wonder if I can get the keys with that :D :D

(I come here 10/15 times a day lookin & waitin for a fix...C'mon People...
I'ma goin CrAzY..)

this is one of your other posts at least i'm trying to learn not just sitting on my couch waiting for someone else to give it to me you see down the road when i know exactly what's going on you're still going to be sat on your couch and know fuck all about nothing who do you think's going to help your sorry ass then

Crazy1_79
10-18-2005, 04:36 PM
(I come here 10/15 times a day lookin & waitin for a fix...C'mon People...
I'ma goin CrAzY..)

this is one of your other posts at least i'm trying to learn not just sitting on my couch waiting for someone else to give it to me you see down the road when i know exactly what's going on you're still going to be sat on your couch and know fuck all about nothing who do you think's going to help your sorry ass then
Hey Cid's a good guy, the only reason he can't focus on the learning issue is because his wife is nagging him since the shutdown of nagra1. Hard to concentrate on the finer points of coding with your wife yelling in your ear to fix the damn tv. Now BTW, no off topic posts will be tolerated in this section, sorry for doing so myself. I just had to stick up for Cid

paulandsabrina
10-18-2005, 09:18 PM
Hey Cid's a good guy, the only reason he can't focus on the learning issue is because his wife is nagging him since the shutdown of nagra1. Hard to concentrate on the finer points of coding with your wife yelling in your ear to fix the damn tv. Now BTW, no off topic posts will be tolerated in this section, sorry for doing so myself. I just had to stick up for Cid

then i apologize just pissed me off

Cid6.7
10-19-2005, 02:19 AM
Sorry if I pissed you off Bud No harm intended I was just playin..I have a messed up sense of humor :D Ask Crazy1
... its the damn Kids too..LOL Teachers here are on strike & the little buggers wont leave me alone.
Oh crap I might get in trouble for another off topic post...I better think of something quick to countermeasure it...& I already used my flytrap one... ;)

Crazy you been over to CC lately?...Don't throw out your R10/11's yet :)

paulandsabrina
10-20-2005, 07:29 PM
I have a sticky flytrap hanging from the roof with a junebug 2 beetlebugs & 6 lighteningbugs...deadbugs=9 I wonder if I can get the keys with that :D :D

In a nutshell, a bugcatcher is a software patch to the hardcoded ROM. Since the ROM can't be changed (it's Read Only Memory), Nagra needs a way to introduce software patches... there are points throughout the ROM code where a 'software interrupt' call is made: these are called 'bugcatchers'. The ROM then looks at the 'bug table' in EEPROM, to see if there is any bugcatcher for the interrupt it just hit... if there is a bugcatcher that matches, execution immediately jumps to the 'patch' location in EEPROM (specified by the bugcatcher table) and starts executing that code.

So basically, the code flow goes through the ROM, hits an swi (software interrupt), checks for bugcatchers.. if there is a bugcatcher enabled for that particular swi, the patch code gets executed instead of the ROM code getting executed.

This is how we can patch things like EMM handling, we put a hook in the code where an EMM gets processed, when an EMM comes down it hits that bug and redirects to our code, which can use any number of methods to scan the EMM and make sure it's safe before passing it, or if it's bad, block it. This is the basic concept behind a blocker.

this is for you buddy lol
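
An added illustration, not part of the post above and not any card's real code: a toy C model of the bug-table lookup the post describes, where a ROM hook point consults a table in EEPROM and either continues in ROM or jumps to a patch. The table layout, the patch address range, the range check and all names are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Toy model only: layout, sizes and names are assumptions for illustration. */
#define EEPROM_PATCH_BASE 0x8000u   /* assumed start of the patch region */
#define EEPROM_PATCH_END  0x9000u   /* assumed end (exclusive) */

typedef struct {
    uint8_t  swi_id;      /* which ROM hook point this entry matches */
    uint8_t  enabled;     /* 0 = slot unused */
    uint16_t patch_addr;  /* where execution is redirected in EEPROM */
} bug_entry;

/* Constructed sample table, not data from any real device. */
static const bug_entry SAMPLE_TABLE[] = {
    { 0x12, 1, 0x8040 },  /* enabled: hook 0x12 goes to a patch */
    { 0x20, 0, 0x8100 },  /* disabled slot: ROM code runs as normal */
    { 0x31, 1, 0x4000 },  /* enabled, but target is outside the patch region */
};

/* Returns the address execution continues at after the ROM hits hook
 * `swi_id`: the patch address if an enabled, in-range entry matches,
 * otherwise `rom_next` (the unpatched ROM path). */
uint16_t swi_dispatch(const bug_entry *table, size_t n,
                      uint8_t swi_id, uint16_t rom_next)
{
    for (size_t i = 0; i < n; i++) {
        if (!table[i].enabled || table[i].swi_id != swi_id)
            continue;
        /* The table decides which code runs, so treat it as untrusted
         * input: only accept targets inside the patch region. */
        if (table[i].patch_addr < EEPROM_PATCH_BASE ||
            table[i].patch_addr >= EEPROM_PATCH_END)
            continue;
        return table[i].patch_addr;
    }
    return rom_next;
}

int main(void)
{
    const uint8_t hooks[] = { 0x12, 0x20, 0x31, 0x05 };
    for (size_t i = 0; i < sizeof hooks; i++)
        printf("swi %02X -> %04X\n", (unsigned)hooks[i],
               (unsigned)swi_dispatch(SAMPLE_TABLE, 3, hooks[i], 0x1234));
    return 0;
}
```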

vmod32
10-20-2005, 07:35 PM
That was a good simple explanation

fred863
10-21-2005, 10:08 AM
The guy that comes here every day looking for a fix. I think he's on the wrong website or maybe I am. lol Just enjoying the posts.

scubalael
10-23-2005, 03:00 PM
That was pretty much the easiest explanation I've ever read.......ever. Good job, seriously, I never really understood what a blocker was or how it worked before now. :)

paulandsabrina
10-23-2005, 10:43 PM
lol yes i like the easy documents makes it much more simpler to understand if anyone has an interest in assembly let me know i got some good sites and the mods are very helpful with newb questions pm me if you want to can't upload zips
how come there's no coding section in this site we should have one too so everyone can understand assembly a little?

sroloson
10-28-2005, 11:16 AM
I threw mine in the oven