
Thread: Sellers cards

  1. #61
    Administrator (admin)

    Agreed, knock it off xonia or I will remove you. If you want to know why they don't work, try using the search button to read why, not to ask why.



  • #62
    Junior Member

    Silver

    While all you guys are in on this topic,
    anyone have a quick way of editing or resetting the ATR and the ATascCII in CRD window FMCARD?
    That's all I need
    Mick

  • #63
    Senior Member gw1

    No. For most cards the ATR is fixed in code, never changing. The intended purpose of ATR is for cards to declare their communication format, clock and voltage requirements. The ATR allows general-purpose hosts to accommodate some card variation.

    DVB Conditional Access smartcard emulators have traditionally just reproduced verbatim the ATR of the provider card they're mimicking. In such cases you could change the ATR if you wanted by editing the hex or binary files, or perhaps the CRD script, but in practice there was never any reason to. Unless there was a problem with the emulation code, changing the ATR would either have no effect or reduce compatibility.

    As you're asking about silver and FMCard, I imagine in your case you're having problems writing GhostSilver or AusGold to your card. The solution to your problem isn't to find some way of editing the ATR, it's to program the files properly. The reason your ATR isn't correct is because you haven't programmed the files correctly. You should keep reading until you understand better what needs to be done, then experiment patiently. It typically takes newcomers several weeks of patient reading and experimentation before they get things to work, at which point they look closely at what they did, write it down, and by further study understand what they were doing wrong. It's no different to learning things at tech college or university: by reading and patient experimentation you learn; if you copy off someone else you'll get it to work faster but won't learn as much.

    In recent times some emulators, such as Gamma, have multiple ATRs during their lifecycle. The ATR changes depending on what commands and key files have been given to it. In theory a card that supports multiple roles or personalities could do this legitimately so it interoperates with different equipment that expects particular ATRs. In practice though the only reason Gamma did it was to impersonate other cards in order to avoid interception by customs, ie to conceal its true identity.

  • The Following 2 Users Say Thank You to gw1 For This Useful Post:

    OSIRUS (05-07-09),thatslife (05-07-09)
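
The declarations gw1 describes (communication format, clock and voltage requirements), as an added example that is not part of the original posts: a minimal ISO/IEC 7816-3 ATR decoder in Python. The function name `parse_atr` and the sample ATR are constructed for illustration and come from no real card.

```python
from functools import reduce

# Added example, not from the thread: decode ISO/IEC 7816-3 ATR interface bytes.
FI = {0: 372, 1: 372, 2: 558, 3: 744, 4: 1116, 5: 1488, 6: 1860,
      9: 512, 10: 768, 11: 1024, 12: 1536, 13: 2048}   # clock rate conversion
DI = {1: 1, 2: 2, 3: 4, 4: 8, 5: 16, 6: 32, 7: 64, 8: 12, 9: 20}  # baud divisor
CLASSES = ((1, "A (5 V)"), (2, "B (3 V)"), (4, "C (1.8 V)"))

def parse_atr(atr: bytes) -> dict:
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("bad or missing TS/T0")
    info = {"convention": "direct" if atr[0] == 0x3B else "inverse",
            "Fi": 372, "Di": 1, "classes": None}   # defaults when TA1 is absent
    y, k = atr[1] >> 4, atr[1] & 0x0F      # Y1 presence bits, historical count
    pos, group, t, seen = 2, 1, None, []   # t = protocol named by previous TD
    while y:
        td = None
        for bit, name in ((1, "TA"), (2, "TB"), (4, "TC"), (8, "TD")):
            if not y & bit:
                continue
            if pos >= len(atr):
                raise ValueError(f"truncated before {name}{group}")
            b, pos = atr[pos], pos + 1
            if name == "TA" and group == 1:          # TA1: Fi/Di (None = reserved)
                info["Fi"], info["Di"] = FI.get(b >> 4), DI.get(b & 0x0F)
            elif name == "TA" and t == 15 and info["classes"] is None:
                info["classes"] = [v for m, v in CLASSES if b & m]
            elif name == "TD":
                td = b
        if td is None:
            break
        y, t, group = td >> 4, td & 0x0F, group + 1
        seen.append(t)
    info["protocols"] = sorted({p for p in seen if p != 15}) or [0]
    if len(atr) < pos + k:
        raise ValueError("truncated historical bytes")
    info["historical"] = atr[pos:pos + k]
    pos += k
    info["tck_ok"] = None                  # TCK is absent when only T=0 is offered
    if any(p != 0 for p in seen):
        if pos >= len(atr):
            raise ValueError("TCK required but missing")
        info["tck_ok"] = reduce(lambda a, c: a ^ c, atr[1:pos + 1]) == 0
    return info

# Constructed sample ATR (not taken from any real card).
SAMPLE = bytes.fromhex("3B9211811F0341421D")
if __name__ == "__main__":
    print(parse_atr(SAMPLE))
```

A `tck_ok` of `False` or a `ValueError` here means the byte string is not a well-formed ATR, which is the kind of symptom gw1 attributes to files that were not programmed correctly.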

  • #64
    Junior Member nathj

    Quote: Originally posted by mortsamis
    Yeah, we just need a setup like Tarnovsky's..

    That's great, but once you have logged all the data off the card how the hell would you compile it?

  • #65
    Senior Member gw1

    That link's broken now, try .

    Reversing organisations have experience with a bunch of cores and know how to recognise them and where their best tapping points are - just as experienced tourists know the best places for food and accommodation in cities they've visited. One of the first steps is to get the processor to cycle through its code space from start to finish, often by jamming its instruction decoder to . That gives not only the algorithm but attack vectors for tricking it into reading out its secure NVRAM, which sometimes is hard to probe directly.

    Plenty has been written about bus probing, too much to cover on this thread, but if you search with Google you'll find tons of papers to read. A lot of work has been done in the last decade to combat those techniques, eg bus encryption, burying or sandwiching the buses under other metal layers with tripwire logic, photosensitive triggers etc. Countermeasures were in turn developed to defeat those protections, in particular disabling the programming voltage generators. For most of us though it's just an interesting story. Fuming only gets you so far, the fun doesn't start until you have access to expensive probing facilities.

  • The Following User Says Thank You to gw1 For This Useful Post:

    nathj (05-07-09)

  • #66
    Junior Member nathj

    Quote: Originally posted by gw1
    That link's broken now, try .

    Reversing organisations have experience with a bunch of cores and know how to recognise them and where their best tapping points are - just as experienced tourists know the best places for food and accommodation in cities they've visited. One of the first steps is to get the processor to cycle through its code space from start to finish, often by jamming its instruction decoder to . That gives not only the algorithm but attack vectors for tricking it into reading out its secure NVRAM, which sometimes is hard to probe directly.

    Plenty has been written about bus probing, too much to cover on this thread, but if you search with Google you'll find tons of papers to read. A lot of work has been done in the last decade to combat those techniques, eg bus encryption, burying or sandwiching the buses under other metal layers with tripwire logic, photosensitive triggers etc. Countermeasures were in turn developed to defeat those protections, in particular disabling the programming voltage generators. For most of us though it's just an interesting story. Fuming only gets you so far, the fun doesn't start until you have access to expensive probing facilities.

    Thanks for the tips gw, I've been looking for a new project to sink my teeth into. I used to be an electronics tech so I've got the digital scope, and now I'm an industrial chemist the stripping down of the chip should be a piece of piss, it's just the interpretation of the code where I'll struggle. Think I'll start with a goldy.
