哪位大神给挑战一下我们小区的梯控系统

mengkang · 发表于 2023-6-30 16:21:41

最近小区刚换的电梯刷卡系统，原来用的是金博的最简单的系统，到期时间可以直接修改的那种，现在换系统后读出1，2扇区都有数据，而且还是加密的，关键是刷卡前后读出的数据还不一样，听说是滚动码，但是9扇区还有金博的数据资料，用分析软件分析出来的是9扇区金博梯控，日期都是明码的，修改后也没有用，哪位大神给挑战一下这个不一样的滚动码系统。
刷卡前
0 扇区
5A D0 3A 7F CF 08 04 00 02 FD 1F AA 6F 4D C6 1D
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

1 扇区
FB 3B 97 3F EB 11 0E 97 FF 47 78 A8 C0 2A AC 71
02 AC B1 33 80 47 13 AD F9 78 84 9C 37 CA 2C 4C
C8 1E 6B FC 72 C3 3E 61 29 EF 2D ED 5D 99 7D 3A
BC 9C 6D A7 12 E3 FF 07 80 69 BC 9C 6D A7 12 E3

2 扇区
00 00 6E DC BC 50 1C 63 31 00 63 3E 74 75 5C 2A
00 00 91 DA 3E 99 EA 62 E8 00 62 14 9E 8D 94 7E
BF D8 2C AC 0B 30 2B 2F 51 1E 12 2C B7 0C 98 74
BC 9C 6D A7 12 E3 FF 07 80 69 BC 9C 6D A7 12 E3

3 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

4 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

5 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

6 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

7 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

8 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

9 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
53 40 40 00 00 00 00 00 00 47 02 89 05 02 00 00
20 01 01 00 00 23 06 22 10 53 00 00 00 00 7F 00
47 42 49 43 83 75 FF 07 80 00 47 42 49 43 83 75

10 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CD F5 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
47 42 49 43 83 75 FF 07 80 00 47 42 49 43 83 75

11 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

12 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

13 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

14 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

15 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

刷卡后的
0 扇区
5A D0 3A 7F CF 08 04 00 02 FD 1F AA 6F 4D C6 1D
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

1 扇区
FB 3B 97 3F EB 11 0E 97 FF 47 78 A8 C0 2A AC 71
02 AC B1 33 80 47 13 AD F9 78 84 9C 37 CA 2C 4C
C8 1E 6B FC 72 C3 3E 61 29 EF 2D ED 5D 99 7D 3A
BC 9C 6D A7 12 E3 FF 07 80 69 BC 9C 6D A7 12 E3

2 扇区
00 00 DA 1C 02 E6 75 7D CE 00 7D 82 5F 53 CB 80
00 00 E3 B2 80 68 A6 7C 5D 00 7C 58 17 24 EC DB
BF D8 2C AC 0B 30 2B 2F 51 1E 12 2C B7 0C 98 74
BC 9C 6D A7 12 E3 FF 07 80 69 BC 9C 6D A7 12 E3

3 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

4 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

5 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

6 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

7 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

8 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

9 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
53 40 40 00 00 00 00 00 00 47 02 89 05 02 00 00
20 01 01 00 00 23 06 22 10 53 00 00 00 00 7F 00
47 42 49 43 83 75 FF 07 80 00 47 42 49 43 83 75

10 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CD F5 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
47 42 49 43 83 75 FF 07 80 00 47 42 49 43 83 75

11 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

12 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

13 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

14 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

15 扇区
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF FF FF FF FF FF 07 80 69 FF FF FF FF FF FF

fsjt7910 · 发表于 2023-6-30 18:13:39

所有软件还真都分析不出来，估计又是一个新的系统名称，只能靠多对比慢慢摸索了

水心游侠 · 发表于 2023-6-30 20:52:56

9扇区应该是系统升级后的遗留数据吧，要么已经没用，要么留着二次核对。主系统的数据既然还没解开秘钥，那就稍微等等？

nkzxlgq · 发表于 2023-7-1 10:42:07

刷卡前
2扇区
00 00 6E DC BC 50 1C 63 31 00 63 3E 74 75 5C 2A
00 00 91 DA 3E 99 EA 62 E8 00 62 14 9E 8D 94 7E
BF D8 2C AC 0B 30 2B 2F 51 1E 12 2C B7 0C 98 74
BC 9C 6D A7 12 E3 FF 07 80 69 BC 9C 6D A7 12 E3
刷卡后2扇区
00 00 DA 1C 02 E6 75 7D CE 00 7D 82 5F 53 CB 80
00 00 E3 B2 80 68 A6 7C 5D 00 7C 58 17 24 EC DB
BF D8 2C AC 0B 30 2B 2F 51 1E 12 2C B7 0C 98 74
BC 9C 6D A7 12 E3 FF 07 80 69 BC 9C 6D A7 12 E3

金博时间

到期时间	9扇区-2区块-第6-8字节	230622
起始时间	9扇区-2区块-第1-3字节	200101
功能位	9扇区-1区块-第3字节	40
楼层代码	9扇区-1区块-第4-10字节	00000000000047
发卡序号	9扇区-1区块-第11-12字节	0289
用户编号	9扇区-1区块-第13-14字节	0502

mengkang · 发表于 2023-7-5 15:40:28

nkzxlgq 发表于 2023-7-1 10:42
刷卡前
2扇区
00 00 6E DC BC 50 1C 63 31 00 63 3E 74 75 5C 2A

9扇区的这些数据是以前金博梯控的数据，到期时间是拿卡的日期，这些数据确实是用来核对的，主要的数据是在1扇区和2扇区，我找了很多高手都没解开

wyg918888 · 发表于 2023-7-19 16:37:57

路过。。。。。支持了

wyg918888 · 发表于 2023-7-20 10:47:57

舍得花钱，啥都能整明白。

帐号		自动登录	找回密码
密码			立即注册