Now that we have a little excitement and challenge in our lives... Someone (can't remember who) asked me to provide some info on Nagra commands (this is the code in rev updates). So, I've included a copy and paste from who knows where. But it will help, for those who are interested, in understanding what goes on in a Nagra CAM.
If you want to make a bin, to get the instruction set you will have to find out which processor is in the particular FTA receiver for which you are writing the bin. Then you will have to contact the chip manufacturer and download the chip specs and instruction set.
Here it is... C/P ---------------------------------------------
Nagra2 is not as tough as people think. It's tougher.
What is Nagra2?
It's the newest encryption system by the Kudelski group.
From their site:
Nagravision CA solutions allow television operators and content providers to:
- Protect revenue by restricting access only to paying subscribers
- Scale and upgrade their system to match business growth
- Increase average revenue per user by adding new services
- Benefit from a robust, simple to operate system that is extremely secure
- Minimize costs of deployment and limit implementation risk.
Aladin and MediaGuard CA further address new market opportunities by enabling operators to introduce innovative concepts such as:
- Basic encryption providing authorization and authentication functionalities for the transition of the operators' subscriber base from analog to digital
- Disposable smart cards containing access rights to selected high value content for a limited period of time
- DVR based services enabling the introduction of content on demand services to generate new revenue opportunities.
Do the new SYNDROME card and AVR-X work?
The Syndrome does; we have seen it. We also believe the AVRX works but have yet to confirm it.
How can I help?
To do your part, we strongly urge you to financially assist your favorite DSS INFO site. They need your help now more than ever.
Is the rumoured Rom 101 clone "hack" true?
Yes it is, it's been confirmed 100%. However, that is all we can say at the moment.
How long will it last? will it crash?
Our opinion is yes, but only time will tell.
I have lost most or all of my channels, will I ever get them back as I miss my PPV, Starz and P0rn?
Good question, not easily answered. But maybe one day. Not now or in the near future; just wait it out.
Will it ever be hacked?
Eventually, but it will require vast resources of money and capable people.
Will my Fta receiver work after Nagra2 takes over?
Actually YES, FTA is the only platform working right now, and Nagra2 files have been released for all the major brands.
Will my Atmega, AVR or Rom 2,3,10 or 11 work after Nagra2 takes over?
Unfortunately, NO, it will not. It can't be any simpler than that.
Is it possible to program the new N2 cards yet?
No, not at this time. However, Rom 101 has been compromised and 102 and 103 are rumored to be as well.
Before you listen to anyone who claims to know anything, heed this advice.
There is no known P4/P5 hack, anyone who says there is just wants to screw you out of your hard earned money!!!
Some technical thoughts:
Nagra 2: The $07 and $1C commands - A technical discussion
First off, this discussion is directed to the handful of real technical experts out there. The layman is also welcome to read this thread for it will give him a realistic picture of the new encryption technology, but he should refrain from participating in this discussion if he has nothing of technical merit to contribute. Otherwise, this thread will degenerate into useless rambling.
I decided to post my findings because there is so much mis-information out there. There has been much talk recently that Nagra 2 is an impenetrable fortress that will never be compromised, much like the P4 card. At any rate, that is the prevailing view among the layman. Perhaps this thread will enlighten many of you.
Anyone who has logged the Nagra 2 datastream and compared it to the Nagra 1 datastream will be astonished - nothing much has changed! Some of the commands have been renamed and slightly re-formatted. Why were the commands re-named? Most likely so that a Nagra 1 card wouldn't get confused with commands directed to the Nagra 2 card and vice-versa, while both the Nagra 1 and 2 streams were active together.
Now, there are some commands that come down in plaintext and others that are encrypted. The plaintext commands are trivial and can be easily emulated for both Nagra 1 and 2 and we won't bother discussing them. The encrypted commands are $04, $07 and $1C for Nagra 2. (The corresponding ones for Nagra 1 are $00, $03 and $13).
We can completely ignore command $04 because it only provides updates to the card that are not critical to generating video. This was the purpose of the $00 command in Nagra 1 and as many of you know, when you put blocker code on your Nagra 1 cards, you are simply ignoring command $00, but you still get video!
So, that just leaves commands $07 and $1C. Since this is the heart of the Nagra 2 encryption, it is quite astonishing that nobody has much to say about these commands even when the demise of Nagra 1 is upon us. Well, here is where the discussion gets more technical, so do try to follow along.
Technical Discussion: Command $07
Well, it would help if we all knew what a command $07 looks like, so here is a recent log of that command:
21 00 4D                  ;
A0 CA 00 00               ;Standard Header
47                        ;Instruction Length
07                        ;Command
45                        ;Command Data Length
01 01                     ;System ID
86 00 08                  ;ECM Type, Key Select
xx xx xx xx xx xx xx xx   ;Valid Hash (Signature)
xx xx xx xx xx xx xx xx   ;Encrypted Packet 1
xx xx xx xx xx xx xx xx   ;Encrypted Packet 2
xx xx xx xx xx xx xx xx   ;Encrypted Packet 3
xx xx xx xx xx xx xx xx   ;Encrypted Packet 4
xx xx xx xx xx xx xx xx   ;Encrypted Packet 5
xx xx xx xx xx xx xx xx   ;Encrypted Packet 6
xx xx xx xx xx xx xx xx   ;Encrypted Packet 7
02                        ;Expected Response Length
cs                        ;Checksum
Well, for those of you who are familiar with Nagra 1, it looks exactly the same as the $03 command except we have 7 encrypted packets instead of 4. The first question we need to ask is why are there 3 more packets? The answer, as you will see later on when we discuss the $1C command, is that 6 control words are being sent as opposed to 2 in the Nagra 1 setup. So, we would expect 4 more encrypted packets over the original 4 in Nagra 1. But that would be a total of 8 packets and not 7? But remember, with Nagra 1, there were some pad bytes that they are probably now using for the extra control words. So 7 encrypted packets sounds about right.
Now, what is the encryption being used? We can certainly rule out 64 byte RSA because there are only 56 bytes of data. So it has to be a block cipher that operates on 8 bytes or 64 bits at a time. We can rule out any block ciphers that operate on 16 bytes or 128 bits at a time because we have 7 packets and not 8.
So what are the cipher candidates? DES, 3-DES, IDEA. There are other candidates like Lucifer, Madryga, NewDES, FEAL, etc. The problem with these latter ciphers is that they have either been proven unreliable or simply aren't widely implemented on silicon.
I am hesitant to even include IDEA in the list because there has been no rush by industry to adopt it as a replacement to DES and a commercial license must be granted by the inventors for its use. IDEA also uses a 128 bit key and operates on 64 bits of data. Also, patents filed by Kudelski indicate a 64 bit ECM key and not 128 bit.
Many in the testing community have suggested that 128 bit IDEA is being used. Yet, they have not offered any proof of this. They are welcome to substantiate their claims here.
This writer believes that DES or a variation of DES such as 3-DES is being used, similar to Nagra 1. Why would they change this encryption algorithm when it was never compromised? I mean everyone was getting the DES keys from card dumps and NOT from a genuine attack on the DES algorithm. It would be like a shopowner installing a bigger lock on his shop door after burglars broke in through the window... he would be better off putting bars on the window instead.
Also, they had the DES crypto-processor in silicon already and my hunch is that they simply built around the Nagra 1 card.
Put very simply: If you can't get the DES keys in a roundabout way, DES is quite secure. And at this time, nobody can get the DES keys!
One way to settle this matter would be to perform a statistical power analysis of both Nagra 1 and 2 chips while they are decrypting $03 and $07 commands. If there are 16 rounds of decryption, then it is DES. If there are 8 rounds, then IDEA. If there are 48 rounds, then 3-DES. These patterns will be clear during the test. A secondary test, although less conclusive, would be to simply time the execution of the $03 and $07 commands. IDEA takes only half the time to execute on average.
If anyone has more information about the block cipher or about command $07, please feel free to post. We really can't go any further until we know the block cipher with certainty.
But the $1C command is much more interesting and easier to break! Keep reading...
Technical Discussion: Command $1C
This command is used to encrypt the control words and send them to the IRD. It is the counterpart to the $13 command in Nagra 1. It is slightly different in format to the $13 command, which led us to our observations about the extra 3 packets in the $07 command.
12 00 38                  ;
9C 34                     ;Standard Response Header
00 08                     ;Control Select? Filler?
aa aa aa aa aa aa aa aa   ;Control Word 1a
bb bb bb bb bb bb bb bb   ;Control Word 1b
cc cc cc cc cc cc cc cc   ;Control Word 1c
00 08                     ;Control Select? Filler?
AA AA AA AA AA AA AA AA   ;Control Word 2A
BB BB BB BB BB BB BB BB   ;Control Word 2B
CC CC CC CC CC CC CC CC   ;Control Word 2C
90 00                     ;SW1/SW2
cs                        ;Checksum
The response is exactly as expected from the Nagra 1 card except Control Words 1b, 1c, 2B and 2C are new! Now, since the control words come down in the $07 command, we are justified in assuming the extra 3 packets in the $07 command are simply these extra control words coming down. These extra "control words" must be important or they would not be added to the $07 payload!
What are these extra control words and why are they there? The Mpeg-2 stream only needs 2 control words to be descrambled. Perhaps the extra "control words" are for future use on the Mpeg-4 stream. If there are any experts on the Mpeg-4 digital format, please enlighten us on the use of control words in Mpeg-4. As far as I know, there is an extra DEFAULT control word, in addition to the ODD/EVEN control words used in Mpeg-2.
Although we are not entirely certain that these extra "control words" are really control words, we shall call them by that name. We are certain that 2 of the 6 are indeed control words, or otherwise, the current MPEG-2 stream could not be descrambled.
Now, lets discuss the encryption used by $1C. First off, the encryption used by Nagra 1 and command $13 was DES and the 64 bit key used for encryption was the infamous IRD boxkey. Whatever the encryption for command $1C, the IRD boxkey is still being used as anyone can confirm by changing the IRD boxkey on a subbed Nagra 2 IRD. The result will be a black screen. Furthermore, one can easily clone receivers and still use a valid Nagra 2 card.
IDEA has been proposed as the new encryption scheme here too, but no proof has been given. Nobody has publicly disassembled the firmware and reverse engineered the algorithm. If IDEA is not being used on the $07 command, it will definitely not be used on a much less sensitive command like $1C. Again, those who claim IDEA is being used are welcome to offer proof.
It is the opinion of this writer that DES or a variation of DES is being used. I am led to believe this because I have not succeeded in finding the S-box constants in any IRD TSOP dumps... leading me to believe that DES decryption is being done by a dedicated crypto-processor inside the IRD. A card swap does not mean any chips inside the IRD are changing... so unless an IDEA chip already existed in all IRDs (farfetched, but possible), they would have to implement IDEA in software and that would give the inner workings of the algorithm away.
If anyone knows where the S-Box constants are stored, please tell us and that would settle this matter.
There has been some talk about a "secondary key" in some model IRDs. This supposedly prevents receiver cloning as both the boxkey and mysterious "secondary key" have to be known. Some have argued that this supports the hypothesis of IDEA being used with a 16 byte key. However, any secondary or tertiary keys may also be used in 3-DES or some variant. The model IRDs I have examined do not seem to have any "extra" keys.
The decryption process of the $1C command should not be too hard to break, and I expect it to be broken first. It would be the first step towards a married-sub solution.
More than likely, what is happening is the 6 "control words" are being decrypted using DES and then combined using basic logic functions to come up with the "valid" 2 control words that we were all used to with Nagra 1.
For if they sent down only 2 control words in Nagra 2, we could compare them with the known 2 control words being used by Nagra 1 and quickly break the cipher. Hence, the most logical reason for 6 "control words" is confusion.
Something to try: If anyone is running an emulation setup for Nagra 2, they could try changing control words 1b, 1c, 1B, 1C or, any combination thereof, before sending them to the IRD and see what difference it makes. Are you still getting video?
So folks, that is a realistic view of Nagra 2... it is one of the simplest Conditional Access systems around, but, when you don't have the cipher keys, one of the most complex too.
Command $1C - Important Observations
In our previous post we mentioned that the response to the $1C command included 6 encrypted packets. We concluded that 2 of these packets had to be control words. For lack of a better name, we called these packets "control words" 1a, 1b, 1c, 1A, 1B, 1C.
Some tests were done and we have confirmed that "control words" 1b,1c,1B and 1C do absolutely nothing. In fact, these packets were "zeroed out" and only 1a, 1A were returned to the IRD in the original format for processing. The IRD did not complain and video was generated as usual without interruption. If 1a or 1A were modified, then video disappeared. So this proves that the real Control Words are 1a and 1A. The other packets, at least for the moment, are not being utilized for any obvious purpose.
We can only speculate as to their purpose. Someone mentioned that Nagra 2 doesn't have the equivalent of an $02 command...Perhaps the additional 4 packets in response to $1C will be used in MECM logic operations on the 2 real control words sometime in the future??
It has also been proven (by using an AVR in blocker mode) that command $04 is currently not relevant to generating video. So this is a fact and doesn't need to be validated as someone suggested.
So, it looks like the response to command $1C is now exactly the same as the old $13 command in Nagra 1. I am almost positive DES is being used on the 2 valid control words. If someone has disassembled the IRD firmware and found evidence of IDEA being implemented...it may have something to do with the other 4 packets. Please PM me your findings, as I would be very interested in any IRD disassembly, but unfortunately don't have the time to look into this myself!
As for command $07, firmware disassembly will not reveal the encryption algorithm because the IRD never processes command $07.
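As an added example (not code from the post above or from anyone on this thread), here is a small Python parser for the two frames the post lays out: the $07 command and the $1C response. It checks the length bytes against the byte-by-byte layout given in the post (the 4D and 38 length bytes do add up exactly to the fields shown), splits the $07 payload into its seven 8-byte encrypted packets, and carries out the experiment from the "Important Observations" part: rebuild a $1C response with 1b, 1c, 2B and 2C zeroed while 1a and 2A are left untouched. Two things are assumptions, not facts from the post: the sample byte values (the post shows them as xx/aa/bb placeholders, so placeholder values are constructed here), and the checksum rule (taken here to be an XOR over every byte of the frame, so that a good frame XORs to zero; the post only labels the byte "cs").

```python
"""Frame parser for the Nagra 2 $07 command and $1C response as laid out in the
post above.  Added example, not the poster's code.  Field names follow the post's
own comments.  Sample byte values are CONSTRUCTED placeholders, and the checksum
rule (XOR of every frame byte, so a good frame XORs to 0) is an ASSUMPTION."""
from dataclasses import dataclass
from typing import List, Tuple


def xor_checksum(data: bytes) -> int:
    """ASSUMED checksum: XOR of all frame bytes that precede the cs byte."""
    c = 0
    for b in data:
        c ^= b
    return c


def make_frame(ftype: int, body: bytes) -> bytes:
    """[type] [00] [len] <body> [cs]  -- the outer layout both logs share."""
    frame = bytes([ftype, 0x00, len(body)]) + body
    return frame + bytes([xor_checksum(frame)])


def parse_frame(raw: bytes) -> Tuple[int, bytes]:
    """Return (type, body); reject a frame whose length byte or checksum is off."""
    if len(raw) < 4 or raw[1] != 0x00:
        raise ValueError("bad frame header")
    length = raw[2]
    if len(raw) != 3 + length + 1:
        raise ValueError(f"len byte {length:#x} does not match {len(raw) - 4} body bytes")
    if xor_checksum(raw[:-1]) != raw[-1]:
        raise ValueError("checksum mismatch (under the assumed XOR rule)")
    return raw[0], raw[3:-1]


@dataclass
class Cmd07:
    system_id: bytes            # 01 01
    ecm_type: bytes             # 86 00 08  ("ECM Type, Key Select")
    signature: bytes            # 8-byte "Valid Hash"
    packets: List[bytes]        # the seven 8-byte encrypted packets
    expected_response_len: int  # 02


def parse_cmd07(raw: bytes) -> Cmd07:
    ftype, body = parse_frame(raw)
    if ftype != 0x21 or body[:4] != bytes.fromhex("A0CA0000"):
        raise ValueError("not a $07 command frame")
    ins_len = body[4]
    ins = body[5:5 + ins_len]
    if len(ins) != ins_len or len(body) != 5 + ins_len + 1:
        raise ValueError("instruction length does not fit the frame")
    if ins[0] != 0x07 or ins[1] != ins_len - 2:
        raise ValueError("command byte / command data length inconsistent")
    data = ins[2:]
    enc = data[13:]  # after system id (2) + ecm type (3) + hash (8)
    if len(enc) % 8:
        raise ValueError("encrypted area is not a whole number of 8-byte blocks")
    return Cmd07(system_id=data[0:2], ecm_type=data[2:5], signature=data[5:13],
                 packets=[enc[i:i + 8] for i in range(0, len(enc), 8)],
                 expected_response_len=body[-1])


@dataclass
class Resp1C:
    header: bytes              # 9C 34
    groups: List[List[bytes]]  # [[1a, 1b, 1c], [2A, 2B, 2C]]
    sw: bytes                  # 90 00


def parse_resp1c(raw: bytes) -> Resp1C:
    ftype, body = parse_frame(raw)
    if ftype != 0x12 or len(body) != 2 + 2 * (2 + 24) + 2:
        raise ValueError("not a $1C response frame")
    groups, pos = [], 2
    for _ in range(2):
        if body[pos:pos + 2] != b"\x00\x08":
            raise ValueError("missing 00 08 selector")
        pos += 2
        groups.append([body[pos + 8 * i:pos + 8 * (i + 1)] for i in range(3)])
        pos += 24
    return Resp1C(header=body[:2], groups=groups, sw=body[pos:pos + 2])


def build_resp1c(r: Resp1C) -> bytes:
    body = r.header
    for pkts in r.groups:
        body += b"\x00\x08" + b"".join(pkts)
    return make_frame(0x12, body + r.sw)


def control_words(raw: bytes) -> Tuple[bytes, bytes]:
    """1a and 2A: the two packets the post's test showed the IRD actually needs."""
    r = parse_resp1c(raw)
    return r.groups[0][0], r.groups[1][0]


def zero_unused_control_words(raw: bytes) -> bytes:
    """The post's experiment: keep 1a/2A, zero 1b, 1c, 2B, 2C, rebuild the frame."""
    r = parse_resp1c(raw)
    r.groups = [[g[0], bytes(8), bytes(8)] for g in r.groups]
    return build_resp1c(r)


def frame_is_valid(raw: bytes) -> bool:
    try:
        parse_frame(raw)
        return True
    except ValueError:
        return False


# CONSTRUCTED sample frames (placeholder values, not real keys or control words).
_SIG = bytes.fromhex("0011223344556677")
_ENC = bytes((37 * i + 11) & 0xFF for i in range(7 * 8))
SAMPLE_CMD07 = make_frame(0x21, bytes.fromhex("A0CA0000") + bytes([0x47, 0x07, 0x45])
                          + bytes.fromhex("0101860008") + _SIG + _ENC + bytes([0x02]))
SAMPLE_RESP1C = build_resp1c(Resp1C(header=bytes.fromhex("9C34"),
                                    groups=[[b"\xaa" * 8, b"\xbb" * 8, b"\xcc" * 8],
                                            [b"\x11" * 8, b"\x22" * 8, b"\x33" * 8]],
                                    sw=bytes.fromhex("9000")))

if __name__ == "__main__":
    c = parse_cmd07(SAMPLE_CMD07)
    print(f"$07: {len(c.packets)} encrypted packets, expects a {c.expected_response_len}-byte reply")
    cw1, cw2 = control_words(zero_unused_control_words(SAMPLE_RESP1C))
    print("$1C real control words after zeroing the extras:", cw1.hex(), cw2.hex())
```

Run it as a script to see the constructed $07 split into its seven packets and the rebuilt $1C frame with only 1a and 2A left non-zero. Because the frame is rebuilt through `make_frame`, the length byte stays 38 and the (assumed) checksum is recomputed, which is exactly what a logger or emulator sitting between card and IRD would have to do for the experiment the post describes to be a fair test.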
Brief introduction
There are a great many misconceptions out there about how vulnerable Pretty Good Privacy is to attack. This FAQ is designed to shed some light on the subject. It is not an introduction to PGP or cryptography. If you are not at least conversationally versed in either topic, readers are directed to The Infinity Concept issue 1, and the sci.crypt FAQ. Both documents are available via ftp from infonexus.com. This document can be found there as well.
PGP is a hybrid cryptosystem. It is made up of 4 cryptographic elements: It contains a symmetric cipher (IDEA), an asymmetric cipher (RSA), a one-way hash (MD5), and a random number generator (Which is two-headed, actually: it samples entropy from the user and then uses that to seed a PRNG). Each is subject to a different form of attack.
Great post for the 2% advanced members at this satellite forum. Good work Jason, but I'd like to see credit to the author of this post added to the c/p.
I'd like to create an advanced Satellite team that is willing to discuss advanced topics on Satellites. Totally away from bashing and severe childish symptoms and noobies entirely.
Can this actually work? Who is up for this? Even if it is one or two guys it might be a start? It was my goal when I first moved here I just want to make sure I'm not alone
Your response will be greatly appreciated. We can call it SOLO ADVANCED Satellite Club. King
"willing to discuss advanced topics on Satellites." I can't see it happening under the Ecoustics umbrella. It is too open to anybody posting and interfering.
Well, I asked my brother, who is an electronic engineer with a computer sciences degree in design and software programming from a well respected university working for a big firm up here, for help. He told me to go f...k myself and keep far away from him, and not to associate him with this crap!
I'm sorry, King, but I'd give credit if I knew where I got the C&P from. I have many docs that I've gotten from god knows where.
It's a nice notion to form a group to develop bins to test, however, Nalin is correct: this is not a good place to do it. I've been down this road before. Plus, forums posts are archived and... well, you know what can come of that.
From what I understand, most coders work on their own in terms of defeating Nagra-related 'problems'. The coders may collaborate with one another using IRC and secure email, etc. Teams (usually hired by FTA manufacturers) develop the bins and incorporate the Nagra-related scripts developed by the coders.
I am not a coder, or tester. I'm just like most people here. But, I do like to understand what is going on under the hood of FTA coding. Also, I'm willing to share what I do know, and I hope that others will reciprocate.
I look at these ECMs as being a learning opportunity for this forum's advanced users. We all have something to offer. So let's keep on posting and discuss what was posted.
Besides, we've had many months of helping peeps aim their dishes, program their receivers, and explain the idiosyncrasies of usb-to-serial cables. :-p Now it's time to have some fun!
scanner said: Well, I asked my brother, who is an electronic engineer with a computer sciences degree in design and software programming from a well respected university working for a big firm up here, for help. He told me to go f...k myself and keep far away from him, and not to associate him with this crap!
who would know you better than your brother ? u just confirm that you are the f*ucking a*ssss in the family i dont blame him .
Just because someone has degrees coming out of the ying-yang doesn't make them any smarter than the rest... it just means that they sat in a classroom longer.
King: Now you know what happens every time you want to try something serious. Nobody said anything after Jason's first post, but as soon as we try to talk about a serious thread they all want to ruin it.
Sats: A few receivers, notably the Pansat 2500A and clones and Fortec Ultra are not rolling well with new keys. Let the keys roll in and then do the following to the first number of key 00 and key 01:
real_number = number_seen XOR 43.
That way you will not have to go to internet to look for keys or look at your viewsat for keys.
Example: if the first number is 36H, that is 0011 0110 in binary. XOR it with 43H (0100 0011).
XOR is exclusive OR. Where 0 and 1 clash the result is 1, and where 1 and 1 or 0 and 0 clash the result is 0. So see this:
0011 0110 ........ 36
XOR
0100 0011 ........ 43
---------------------
0111 0101 ........ 75
Hey, Sat. We don't need to know your family business. But since you put it in the street, what type of trade is it that you are in? You are like the 7/11 store here, 24/7.
- Well said Jason!
- Cartier, this was the funniest reply I've read you do, just don't go back smoking that stuff.
- Scanner, don't take it personally.
- Good stuff Nalin... that's what I'm talking about.
- I think we got our club. Let's go to work.
To avoid childish comment's Let's encrypt our replies Start>>>>
This is the Zodiac speaking I'm your new satellite group leader
Stop>>> Did you get the encryption? Let me see how good you are. King}
Oops, I meant that on a white canvas. ShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshit ShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshitShitshitshit.
KING THAT WAS TRUE. THE GUY CAN NOT GET A CHANCE FOR A HIGH EDUCATION AND HE BLAMES IMMIGRANTS IN CANADA HAHAHAHAHAH. U GOT TO KNOW SADSCANNER, IF CANADA COUNTED ON YOU THEY WOULD NOT HAVE A CHANCE TO MAKE BELLVUE WORK AND NO CANADIAN WOULD HAVE A TV. THEY HAVE TO CALL FOR SOME IMMIGRANTS TO SAVE YOUR FUCKKKKKKKKKKKKKKING A*SS SO THAT SADSCANNER CAN WATCH.
KING I DONT SMOKE ANYMORE, I CHANGED MY BAD HABIT TO SOMETHING ELSE. KING YOU WANNA KNOW: I ONLY SCREW Nalin Bin Nadia's MOTHER, THAT'S ALL.
Hi everyone As you can see, this is my first post, but I have been lurking here for the longest time.
Regarding Key Morphing and the XOR method cited by Nalin, I find that it works perfectly and is generally faster than looking for the keys on the web. The wife and I play this little game where she looks for the keys and I work the numbers; generally I win. The secret to this is to use the Windows calculator, in HEX mode: it has an XOR function and this makes the operation very simple.
Nalin Bin Nadia YOU SAID YOU DONT HAVE A SISTER RIGHT ? SURE YOU DO AND LOT OF THEM . ASK YOUR MOM. IF I WERE YOU I WOULD GO FOR DNA TEST TO MAKE SURE THAT THE GUY YOU CALL DAD IS THE RIGHT ONE.
WELCOME TO THE CIRCUS. At least we got an intelligent guy. Yes, I did try it and it was fun. I hope you come back sharing stuff with us in this hilarious place.