Oscam Support on CAID 0911 16E Total TV

This is over our heads.You can try to approach some hackers group like Dead duck or similar group.Nobody of us here has a lot of money and knowledge how to manage BCM technology.Forget about that.

Bye

Quote from Harald2

Your last Chance is to get a 091F Card from a Friend, and give him your Card with Receiver...

:thumbup:

Some Peoples have 091F old Cards you can get, ask a Friend...

If 091F running good at much Servers, never going public what to do for 0911. The Cracking need some Money and much Work, so all Hackers holding back long Time as possible!

At Germany we have 098C, this is also 3DES (or AES for UHD channels), some peoples have the Card in AES Mode, and get ECM for the UHD Channels. It works, but not become Public at the moment. How long to wait ? I don't know, i know is ist possible, but not for me, and i'm sure not for you. I Have 500GHash/Sec Brutforce Power, this is verry much Brutforce Power for DES, but at this i need incredibly much Years (thousends Years) to break 3DES! We need to exclude k2 from EMM's, i not know how to do!

You know what you can do, or use Original Receiver.

215328.png

mirodvd

1. Can you help Kartenali to read the Card ?

2. Is 0911 3DES ? Or other ?

it is picture from Iveco :)

it is only for special team not for public, you dont seen that public yet.

only forever team can get 3des of bcm,mstar CPU, i not know how to get 3deskey, true info 3deskey hacked via forever team

Mstar

BCM7335

BCM7358

BCM7301

not only NDS, also Tongfang

I have 091F active card, boxID and ins7e.

Can anyone help me get a ecw/dcw pair?

Thank you.

Quote from jerc

I have 091F active card, boxID and ins7e.

Can anyone help me get a ecw/dcw pair?

Thank you.

if you have public cline of this caid can get dcw .

- STEP 1 : Find BoxID / you can do it directly with OsCam (i.e. r11581) with option -S ((reader) tTV [internal] serial: 0000XXXX,

BoxID: XXXXXXXX, baseyear: 200X)

- STEP 2 : Find ins7e / you can find it via menu and to adapt it in this format 6E736BXXXXXXXXXXXXXXXXXXXXXXXXXX00010202030002020203 ?

- STEP 3 : how to find k1 /

step 3.1 : you need to switch in debug logs 6 via OsCam LiveLog -> Show Settings -> select 2 + 4 (Switch Debug from 6 to) than search

for (Search01: crypted CW is: and Search02: ecm hash than check Found Only

step 3.2 : check with someone who has a working card; in order to compare the ECM hash in the same time for the same channel

step 3.3 : once you have one working decrypted CW vs your encrypted CW with the same HASH (the most important thing) you can start DES

attack to find your unique k1 via hashcat <hashcat -m 14000 eCW:dCW -o /root/tTV.txt -a 3 -1 /usr/share/hashcat/charsets/DES_full.charset

--hex-charset ?1?1?1?1?1?1?1?1 -w 4 --force> (you can use vast.ai to RENT a several GPU configs)

Got it. Thank you guys.

Cheers!

big problem can't find working card ( cline) can't get dcw , must get way solve this problem first then can get k1

Quote from nagra

big problem can't find working card ( cline) can't get dcw , must get way solve this problem first then can get k1

try cardshare.us

Quote from jerc

Quote from nagra

big problem can't find working card ( cline) can't get dcw , must get way solve this problem first then can get k1

try cardshare.us

what is your mean ? some card has public working cline/card, then you can get k1 and dcw easy.

I mean... you can get public cline for test on cardshare.us, with that cline you get DCW which is same for all cards, but k1 has different value for every card as I understand.

So it is not big problem to get DCW/ECW.

k1 is bigger problem... I tried with my PC to hashcat... it would take 78 days to calculate k1.

Or am I missing something?