Gurak,
Цитата:
Цитата:
|
Цитата:
Цитата:
Ещё одна такая попытка - отправлю в РО. |
Нужна помощь. Что-то делаю не так
Каким образом можно получить серийный номер (тот который надо поменять на 35000000)
В папке MSID Dumper из четырех вариантов работает только 3хх (пробовал на прошивайке, виртуалке и фатке с версией 1.5 . Кернел в рекавери меню менял.ФАЙЛ С ДАМПОМ создается, но где в нем найти серийный номер. В программе он не высвечивается. Выпаивать несколько раз микросхему не хочется. Что делаю не так? Спасибо. |
kloun3, offset 1b4-1b7, снятого программой дампа.
|
Цитата:
|
дапер чудно работает на виртулках 5.03 gen-c и 6.20 PRO-B
на 6.39 лагал жутко и ничего не сдапмил |
Вложений: 1
gregorio,
кстати, видимо стоит выложить "правильную" версию под 3.xx =) P.S. Будет в аттаче этого сообщения. P.P.S. Прикрепил, на 6.39 PRO-B8 пашет отлично. |
Thanks Yoti, then is it really? Do you think there might be a way to do this without having to unsolder NAND?
Thank you very much. P.D.: By the way, here is someone who can speak Spanish, to guide me? Since English is not the domain very well, in my school there isn't an high level of English. |
Frostegater
Огромное спасибо. Полёт нормальный. Сорри за долгое молчание. Уезжал. ----------- Yoti >Руки кривоваты, видимо. Поглядел внимательно на руки. Ёпрст!!! Они ВООБЩЕ РАЗНЫЕ!!! (Одна левая, другая - правая :)))))))))))))))))) СПАСИБО ВСЕМ! |
Цитата:
Цитата:
Цитата:
|
Цитата:
|
ALEXYERGA,
for now we have some untested ideas. |
Цитата:
|
How NAND memory worked? If You now , and if You a BASCOM Programer - Please help in understanding how they work (procedures READ and WRITE). Thank You.
http://www.elektroda.pl/rtvforum/vie...467&highlight= |
Ok, very much
|
You not need a NAND flasher, just DMDE http://softdm.com/download.html . Full and free editor for memorycard. You can modyfi an ID and Serial number of this cards.
But be careful ! You use on own risk. |
Цитата:
|
it might be possible, but where exactly the offset location of the MSID thatshould be overwritten?
|
MSID is not in the chipset, but in the zero sector of NAND.
This program also provides direct access to sector zero. What do you mean Yoti,ErikPsHat ? |
so is it possible? at sector zero., too many blocks to look for wheres the exact loc?
|
Hmm... mystake ;) possible MSID in sector zero but possible in other sector. Find "FAT16" - HEX: 46 41 54
Few words about Pandora for 300x - maybe number (in battery chip) should fit in number ID of magic card ? |
lenovo3000,
DMDE works with logical sectors. Where are you found MSID in it? |
Yes ,i found MSID
images but can't change. :( Change is possible but not permanent. As if the controller back to save to NAND. You might think about making a controller that replaces the value (MSID). However, I need to know the sequence of reading MSID (BS , DATA1,SDIO/DATA0,DATA2,DATA3, and SCLK). If the sequence is simple to replace it, you can use AVR Atmega8. Something like ModBo760 ;) |
lenovo3000, full format your card and try again
you may found attr0.bin file on your card |
Possible to write /overwrite msid without programmer? or any otherway to boot jigstick w/o changing msid?
|
@Gregorio
With this program you can change everything in NAND but MSID returns after reboot card.Before reading through DMDE i removed attr0.bin from the card file .Therefore, to be able to replace the MSID, I suggest making interface for the popular AVR controller.Then the possibility of substitution would be possible on all cards, even in the new. I'm working on it. Was eliminated the need to buy an expensive NAND programator, and the need for technically complex soldering/desoldering.MSID swapping would take place outside the card. image I will spoof a MSID. Input and output would be equal outside &H1B0 (where the MSID is).This would depend on the software written for this AVR controller. Actually it's not about replacing MSID in NAND but beyond.Would match all the cards then. Card communicates with the PSP via a parallel transfer only? |
lenovo3000, removing file is not equal fully deleting it. You may restore your file after deleting. So, you need to do low-level format and try again.
And thanks for scheme! |
If you read only MSID_dumper &H1B0 and not the entire contents to &H600 then the designation will replace only the offset &H1B0.
While the programs read the entire contents of this sector is not the case, can replace a whole. But when there is only a reference to a particular offset is only passed an examination pretend specific offset. AVR controller to EEPROM can be saved and the entire sector from &H00 to &H600 but would be better to only the portion (one offset). It is possible that the substitution by the sector's interface with plowing low-level format writes the correct value of the relevant sector (Formatting using the Sony memory stick card formater). Permanent format with "correct" MSID will be possible (i dont now is it in realy - should check ) |
lenovo3000,are you sure that it will work?
|
Цитата:
and you works with logical sector mapped by controller first logical sector may be elsewhere in physical nand |
Full sequence is in attro.bin file :
http://i51.tinypic.com/x55pj8.png End is in offset 00000600 . I need to know a signal when is proceed of reading offset 000001B4 to 000001B7. Only this sequence will be activated the substitution of the content of this sector.Then it will be irrelevant in the real value of recorded NAND.Because this value will be sent to the PSP with a memory controller AVR eeprom. See how it is written in the sequence (and timing) of read and write longer between NAND and Controller Memory Stick (or SD controller) -> http://www.elektroda.pl/rtvforum/vie...467&highlight= The program (in this situation) is a simple substitution. AVR controller waits for a sequence of reading the sector in which the MSID, and then sends the entered value in this place which is on the memory card.Besides this sequence as if the controller was not (Signals coming from the card would be sent to the PSP as if card was planted directly in the console).It does not matter where in the nand memory (in which the sector) is MSID. It is important where the offsets caused by the PSP sits this code.The interface is designed to replace the MSID in the stream of data between the card and the PSP Memory Stick and not in the same NAND. This interface will allow the substitution of the value of anything we want to make it visible.Except that I need to see that the signal comes before and what the value is sent in sequence. To select the AVR controler frequency well I have to know what is on the MCLK frequency. This will give me the opportunity to understand how long it takes a high state as the shortest signal low.:unknw: Powiem po polsku : interfejs podmieni tylko wywołany odczyt offsetów na wartość która ma być widoczna (zmieniona). Do tego potrzebuje timingi jakie występują w przypadku zapisu pliku attri0.bin na kartę. Najlepiej w takiej postaci jak przykład na elektroda.pl , plus wypisane wartości jakie pojawiają się w tej sekwencji. Wiadomo że inna sekwencja jest dla zapisu a inna dla odczytu z karty.W tym przypadku ważna by była ta od odczytu. @Gregorio - Replace after all as far as I can be good a program written. Compare what happens when the PS2 MODBO760.Here, theoretical assumptions might want to check how it is actually because it's a good chance of success. |
>>End is in offset 00000600
Because we read 3 attribute blocks (per 0x200 each): first, second, third. |
Is it possible to change in the program MSID_dumper to read and wrote only the first sector 0x200? If you need to replace only the first sector is easier than all the 3 sectors.I made corrections in the schema.I added the keys mosfet 4066 ,because the AVR pins can be set either as inputs or as outputs. And there is a need for bidirectional communication.
The point is that the key 4066 is always in active state (bidirectional communication betwen MemoryStick <-> PSP) with the exception of the sequence of substitution of the first sector 0x200. In total, how read and write the card in the PSP is the same as the computer's card reader. If you do not find on the internet information of the sequence of read and write Memory Stick, then I will have to construct a sniffer which will be followed at one time a few channels (which is connected to the respective pins are the card). It's as if the plug in multichannel oscilloscope recorder with (something like Terminal for COM). I admit that an ambitious plan ;) |
Парни, прочесал всю тему и, чесслово, ничего не понял. Видимо, потому что я простой обыватель и в электронике ни в зуб ногой. У меня только один вопрос: чтобы оживить свою брикнутую ПСП мне надо либо обращаться к человеку с такой вот чудо-карточкой, либо самому мудиться со всеми этими программаторами и вырезанием микросхем (чего я, ясен пень, делать не буду)))?
|
eatchildren, ты всё правильно понял, придётся искать человека с нужной карточкой.
|
>>it possible to change in the program MSID_dumper to read and wrote only the first sector 0x200?
If we able to write block with msid work will be done. |
Well now remains for me to know the sequence of read and write to the card memory stick. I will write again as I will have some concrete news about my idea.
PS. The adapters, microSD -> Memory Stick when you change cards (tFlash) also varies MSID? Is it generated by the adapter chip? Could someone check? ThankYou About reading/writing microSD/SD card : http://www.ulrichradig.de/home/uploa...sd/doc/MMC.doc http://www.ulrichradig.de/home/uploa...CSDTimming.pdf |
msid stored in adapter's controller
and it's permanent |
Цитата:
Compared the reading of the same card tFlash two adapters. Not only do they differ MSID but also other data. Just in this topic focus on the unfortunate MSID. But there is still a chance.I undressed one adapter (the one in worse condition), and here's what I see : http://i52.tinypic.com/2ajw6du.jpg The EEPROM certainly sits MSID.This chip flooded with resin is only a translator between the device readings (eg PSP, card reader) and a memory card tFlash. If my assumptions are accurate this is out of the situation :). Just reprogram the eeprom ! :dash: 93LC66 but 24LC65 better. GND -1,2,3,4 , Vcc 8 pin Example programmer for 24LC65 - easy to work :) http://www.mcselec.com/index.php?opt...=103&Itemid=57 And this site : http://mirley.firlej.org/programator_eeprom in Polish (language). |
lenovo3000,
it's good, but did you have firmware for contoller? Dumped one (don't remember from which chip) doens't have msid in plain state. |
| Текущее время: 02:35. Часовой пояс GMT +3. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc. Перевод: zCarot
PSPx Forum - Сообщество фанатов игровых консолей.