 |
Reading firmware payphone cards
Connecting to a PC card for reading and writing primarily through LPT port.
Putting schema reader. (For 8 pin).
(для 6 контактных). OR on the table (for 6 contact).
location | appointment | Where to connect |
|
| 1.
- +5 V 2.
- 2 pin LPT 3.
- 3 pin LPT 4.
- 25 pin LPT 6.
- 11 pin LPT |
Powered via pulsed diode (anode to the port) with 6.9 contact LPT, you can also get it from the first pin GamePorta (joystick port) or the keyboard.
Working with software
So when everything is connected you can start working with the software. If everything is properly connected you will see something like this:
If all the data in HEX codes will be set to "FF" or a 16-tirichnoy notation "11111111", means that a bad connection or bad kontachit. On this screen vpolnennoy its task, it is up to you go for it! This program is not just a simple reader is still able to remove items from the map ...
2. Physical ISO standard
The figure shows the numbering of contact chip cards
Type of ISO 7816-1 |
|
|
|
| 1 - VCC (power) 2 - RST (reset) 3 - CLK (clock) 4 - GND (ground) 5 - no use (not used) 6 - I / O (input / output) |
What is written on the cards? (For St. Petersburg's cards)
purpose of each bit stored on the card.
The card uses only 16 bytes. All the rest are 0xFF.
Examples of memory cards
This map is for 50 units over. Number 0050415503.
Valid until 30.09.98
E9, 30, FF, 01, F1, E2, 80, C0
00, 00, 00, 00, 00, FF, 18, EA
This map is for 400 units as empty. Number 0400155921.
Valid until 30.09.98
E9, 30, FF, 01, 88, A7, 9B, E8
00, 00, 00, 00, 00, FF, D9, 79
Here is a map in 1000. It remains to 998. Number 1000013039.
Valid until 31.12.99
E9, 30, FF, 01, F7, 3F, 59, DC
00, 01, 7F, 0F, 3F, FF, 68, 6B
Then I called on this map. Remaining 6 units.
E9, 30, FF, 01, F7, 3F, 59, DC
00, 00, 00, 00, 3F, FF, 68, 6B
Finally, it ended.
E9, 30, FF, 01, F7, 3F, 59, DC
00, 00, 00, 00, 00, FF, 68, 6B
Field Assignment
1. The first 4 bytes - some ID. All maps
E9, 30, FF, 01.
2. The next 4 bytes - the serial number of the card. By placing the bits in the bytes in reverse order, and then do the bytes get 32-bit unsigned integer. For example, bytes, F7, 3F, 59, DC with the order of bits look like EF, FC, 9A, 3B. Obtain the card number 0x3B9AFCEF or 1000013039 in decimal. It is easy to see that number printed on the card, always consists of 10 digits, and the first 4 digits - Card capacity.
3. The next 5 bytes - number of units remaining on the card. The storage format is very interesting: use of individual bits in a byte, starting with Bush. Accordingly, the byte value 07 corresponds to 3 units, the value of 1F - five, and 7F - seven units. The maximum number of items stored in a byte - seven. Accordingly, using octal notation. Thus, bytes 00, 01, 7F, 0F, 3F correspond to 01 746 in octal or 998 units in the decimal system. The maximum number of units may be expressed in octal number 77 777 32 767 or in the decimal system.
4. The next byte is always set to FF. It seems that it is not used.
5. The last two bytes, seems to express the CRC or other control code for the first 8 bytes of permanent, because in spending units will not change, but
each card they own. While their purpose is not clear. It was found that the shelf life is not recorded on the map. Apparently, he has something to do with the card number.
Perhaps each correspond to a certain shelf life, a range of numbers.
As already mentioned, of the 10 digits of the first 4 express card capacity. The remaining 6 did not identify the card uniquely, because already produced more than a million cards. Results in this numbering system may be six million cards:
* At 25 units, numbered 0.025 billion to 0025999999
* At 50 units, numbered 0.05 billion to 0050999999
* The 100 units with numbers from 0.1 billion to 0100999999
* The 200 numbers from 0.2 billion to 0200999999
* The 400 numbers from 0.4 billion to 0400999999
* The 1000 numbers from 1 billion to 1000999999
-New game! 
|