Now What - Rom A24 now a 16
dakazman
01-22-2006, 01:15 AM
Had 3 each, rom 10 a24's glitched into like this...
FFF6F6F6F6F6F6F6F6F6F6FFF6FFFFFFF6F6F6F6F6F6F6F6F6 FFFFFFFFF6F6F6FFF
now we will try 0C36 delay
FFFF6F6F6F6F6F6F6F6F6FFF6F6FFF6F6FFFFF6F6F6F6F6F6F 6F6FFFFFFFFFFF6F6FFFFF6F6F6F6F6F6F6F6F6F6FFFFFFFFF FFFFFF6F6F6F83
*********** we hit our bug *************
1200078303
===========================================
83 was hit at 0C36 delay ----VCC WAS 23
TX Data : 0A 15 A3 21 92 00 B3 0E 03 85 00
RX Data : 0A 06
RX Data : 12 92 00 80 21
***************************
* A24 CAM should be OPEN *
* test in Nagra to see. *
* if not, try again. *
***************************
Script D:\Rom10\A24unlocker\A24UNLOCKER\A24-StreamORchecksumlocked fast .XVB Transmission Completed
Popped all three rom 10 cards with my nexus. I didn't know why password aabbccdd or deadbeefbaadf00d would not
unlock. This is where it is now.
I did not attempt to do the other cards... but saved the bin on this cam.
Clean card did not finish successfully.
Data editor reads
Backdoor key 0 ff 21 93 3c 2c 29 e3 5c Will one of these unlock cam?
75 46 7f 34 fb 3c 1c df
'' '' 1 b4 43 b2 8f b5 f1 52 21
82 6b 3e 81 7d 05 6a dc
'' '' 2 f3 ad 06 42 5d 15 43 9c
a1 58 fe 67 b1 4f 99 b9
'' '' 3 ff f6 f3 a6 9b 8d 68 b8
c3 df a4 ec 8f 1f fd 05
dataspace address d0 00
revision level 52 65 76 41 31 36
cam ID 00 XX XX XX
decrypt keys
verify key 56 bf 16 b8 44 85 04 cf or is this the key?
ird info box keys 2f db f0 a0 af XX XX Xx
ird nbr 02 20 6f 6c
opening of COM2 was successful
ATR String: 3F FF 95 00 FF 91 81 71 A0 47 00 44 4E 41 53 50
30 31 30 20 52 65 76 41 31 36 4D
ROM Revision: 010
EEPROM Revision: RevA16
ProviderID: 00
CamID: 00 XX Xx Xx
Using BD3 Key: 4E 69 70 50 45 72 20 49 73 20 61 20 62 75 54 74
Attempting to login to BD3
BackDoor login verified
Dumping Dataspace
Using BD0 Key: FF 21 93 3C 2C 29 E9 5C 75 46 7F 34 FB 3C 1C DF
Attempting to login to BD3
Attempting to login to BD0
BackDoor login verified
Dumping CodeSpace
Reading ROM10 successful
Card read successfully
Efficiency: 82.3%, Packets: 141, Retries: 25, Time: 40.51s
Closing of COM2 was successful
I guess what I'm looking for is a Nagra step by step guide or where to set new password, etc.
I have instructions to reprogram a programmed cam.
Thanks
DaKazman
HILLBILLY
01-22-2006, 02:43 AM
kinda lost me there.
at a16 the cam is unlocked. when a cam gets locked, it's in the proggy u used, or it is streamlocked by charlie. streamlock needs popping. if the card has an image u placed on it, that's where the password is set.
dakazman
01-22-2006, 10:04 PM
I did load a dc2 onto cam, that dc2 is what is posted above. So would the password be one of the listed? These were on the data editor page and I left them there after I wrote dc2.
Backdoor key 0 ff 21 93 3c 2c 29 e3 5c Will one of these unlock cam?
75 46 7f 34 fb 3c 1c df
'' '' 1 b4 43 b2 8f b5 f1 52 21
82 6b 3e 81 7d 05 6a dc
'' '' 2 f3 ad 06 42 5d 15 43 9c
a1 58 fe 67 b1 4f 99 b9
'' '' 3 ff f6 f3 a6 9b 8d 68 b8
c3 df a4 ec 8f 1f fd 05
dataspace address d0 00
revision level 52 65 76 41 31 36
cam ID 00 XX XX XX
decrypt keys
verify key 56 bf 16 b8 44 85 04 cf or is this the key?
Could it be, backdoor not present?
In nagra get this msg after read card
Opening of COM2 was successful
ATR String: 3F FF 95 00 FF 91 81 71 A0 47 00 44 4E 41 53 50
30 31 30 20 52 65 76 41 31 36 4D
ROM Revision: 010
EEPROM Revision: RevA16
ProviderID: 00
CamID: 00 XX XX XX - changed
Using BD3 Key: 4E 69 70 50 45 72 20 49 73 20 61 20 62 75 54 74
Attempting to login to BD3
BackDoor login verified
Dumping Dataspace
Using BD0 Key: FF 21 93 3C 2C 29 E9 5C 75 46 7F 34 FB 3C 1C DF
Attempting to login to BD3
Attempting to login to BD0
BackDoor login verified
Dumping CodeSpace
Reading ROM10 successful
Card read successfully
Efficiency: 87.2%, Packets: 141, Retries: 18, Time: 34.54s
Info
free space in the data space appears to be corrupt
would you like to attempt to fix this by consolidating the free space? Yes / No
Is the card streamed locked or what?
dakazman
01-22-2006, 10:42 PM
It didn't quite copy correctly
dakazman
02-01-2006, 10:28 AM
cleaned card again
everything good, up and running in 301-13 single tsop