All your 3 remotes dont belong to aygo/c1/107.
All your 3 remotes dont belong to aygo/c1/107.
There have diffrent format as far i know.
Got another fob which works with the 107 door opening/closing programming sequence. This fob transmits differently to the other ones discussed on this thread though is a 73373067D. It transmits for 165ms rather than 120ms like all the others. Will look into it further as still interested in figuring it all out.
Last edited by kosu; 26th October, 2019 at 09:09 PM.
Turn the other way.. bsi from other (donor ) car with the original remote, and reprogram the ecu ( original one ) might work.. ? ( with the locks original belong to the car )
wooooow
Okay it's something like you trying to push the broken car with a towing rope.
why don't you find a locksmith???
Sir, are you classified as human? Negative, I am a meat popsicle
Why dont we buy a new car? there,s also a challenge to do things by yourself..
Fantastic mihotd program modified for the pic12f675 (hex + asm)
Thanks to mihotd.
Col19 (23rd June, 2021), mexanico1971 (11th January, 2023), tawaf111 (9th January, 2023), vavrich (7th December, 2023), YASS59 (24th January, 2021)
What about these type of new keyless entry keys? Any luck ?
s-l300.jpgasd.jpg
As far as i know these are using PCF7945
What it have cross points with old PSA remotes?
This thread suggests that the 75076228 could be an MC33493 (PLL Tuned UHF Transmitter for Data Transfer Applications).
https://www.eevblog.com/forum/repair...fying-rf-chip/
The 75078020 is a MC68HC908RF2 which appears to contain the MC3349x as the transmitter module. I've ordered a few of those RF2s to play about with, but won't get them until Jan.
The MCU part of the RF2 is this one I think MC68HC908RK2. I got a 73372647G fob off ebay which seems to have these two as discrete components.
Last edited by kosu; 14th December, 2019 at 09:23 AM.
It's HC908 and there is "SS" implemented like conventional HC908's. How does your plan to manage to get the correct SS ? And this is a three volt MCU core.
Last edited by Zmann; 15th December, 2019 at 02:26 AM.
I don't have a plan, this is just out of personal curiosity. Maybe clock or voltage glitching, maybe there's a logical vulnerability that leaks memory via a side channel. The other alternative I thought of was reverse engineering the keydiy implementation, but I'm guessing that is well protected, perhaps more so than the 908.
Bookmarks