DosFlash V2.0: flashing from DOS is back

67 replies to this topic

Posted 03 September 2011 - 12:20

#1
Razkar

    HomeBrew Lover

  • Shining VIP
  • 6,098 posts
  • Gender: Male

Developer Kai Schtrom today brings us, via Xbins, a new version of his application named DosFlash, which lets you flash your Xbox 360 drives under DOS. The main thing to note in this new version is the integration of the latest unlock methods for Slim drives with a Winbond/MXIC chip. The author also takes the opportunity to salute the work of Geremia and Team Maximus on these unlocking methods.

Here is the list of the many changes in this version 2.0:


DosFlash V2.0 Release Date 03.09.2011
---------------------------------------
- Key extraction task "LiteOn Key V3 (Tarablinda)" now supports the Slim firmware versions 9504, 0272, 0225, 0401, 1071 and also tries to discover the key on unknown firmware versions
- 2 new tasks added named "Lock SPI Flash" and "Unlock SPI Flash"
  The new unlock SPI flash task is used in combination with Geremia's MXIC and Winbond Unlock method.
  It is very much influenced by Geremia's unlockSPI program, which was the first bruter to unlock Winbond SPI flashes.
  To relock the flash after you have finished writing a patched firmware to it, use the lock SPI flash task.
  This will instantly make the SPI flash write protected for all blocks. BP0, BP1 and SRP status bits are activated afterward, so handle this function with care!
- Read Flash task now can create a full firmware dump of the Slim firmware versions 9504, 0272, 0225, 0401 and 1071
  To create full firmware dumps of 0225 drives and above you should get a compatible SATA2 controller and set it to IDE mode. In addition you should be able to do Geremia's MXIC or Winbond unlock method.
  The compatible SATA2 controller is needed to unlock the MTK. Any installed drivers should be uninstalled, because they will switch the controller back to AHCI mode. In combination with the SPI flash status register unlock you are able to write to the firmware and inject Geremia's 8051 trojan, which can then dump the complete firmware. A risk level is added to show you how risky it is for your individual flash chip and firmware combination to write the patched firmware to obtain a full dump.
- Possibility during "Read Flash" task to write firmware sector 3E of Slim drives with unknown firmware version
  This feature should be useful if new, unknown Slim firmware versions get out. If you write the patched 3E sector to a new and unknown firmware version this could potentially kill your drive. So handle it with care!
- Portio.sys reimplemented as separate driver for DosFlash32 and DosFlash64
  The driver files portio32.sys and portio64.sys are again separated from the executable file. This way the user has the possibility to sign the drivers on his x64 system with the Driver Signature Enforcement Overrider.
- SATA and IDE adapter list updated


Geremia's Tarablinda method on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash32/64
-----------------------------------------------------------------------------------------------------
- connect your Slim drive to a SATA2 controller set to IDE mode
- make sure the drivers for the SATA2 controller are uninstalled
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into Windows
- turn on the LiteOn psu
- run DosFlash32/64
- the drive and flash chip should identify properly
- choose the task "LiteOn Key V3 (Tarablinda)"
- press "LiteOn Key V3" button
- choose a destination directory for the extracted files
- after this DosFlash32/64 displays your DVD-Key and saves your key and identify data
- then DosFlash32/64 displays the following message:
  There seems to be a LiteOn Slim drive connected as Master
  to port 0xA000.
  You should try SATA2 MTK unlock method.
  - Use a compatible SATA2 controller set to IDE mode
  - Repower the drive which is connected to the SATA 2 controller
  - Press "Yes" if you are ready
  Are you ready?
- do the above and press "Yes"
- this repower is used to get DosFlash32/64 back to a known MTK state


Geremia's Tarablinda method on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash16
--------------------------------------------------------------------------------------------------
- connect your Slim drive to a SATA2 controller set to IDE mode
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into MS-DOS 6.22
- turn on the LiteOn psu
- run DosFlash16 in auto mode
- the drive and flash chip should identify properly
- choose your drive number
- as task choose "LITEON K"
- as extraction method choose "V3"
- choose a destination directory for the extracted files
- after this DosFlash16 displays your DVD-Key and saves your key and identify data


Unlock flash on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash32/64
--------------------------------------------------------------------------------------
- connect your Slim drive to a SATA2 controller set to IDE mode
- make sure the drivers for the SATA2 controller are uninstalled
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into Windows
- turn on the LiteOn psu
- run DosFlash32/64
- the drive and flash chip should identify properly
- choose the task "Unlock SPI Flash"
- press "Unlock SPI Flash" button
- you will hear a test sound from the PC speaker and the following message is displayed:
  The sound that just played was a test. You will hear the
  same sound if unlocking is successful later on. If you
  have not heard a sound, you should skip the unlock and
  check your PC speaker.
  Unlocking the SPI flash requires you to use Geremia's MXIC
  or Winbond Unlock method. Proceed like follows:
  - Press "Yes" if you are ready
  - Start Geremia's MXIC / Winbond Unlock
  - Stop if you hear the sound
  Are you ready?
  (Press ESC key to abort!)
- press "Yes"
- start MXIC or Winbond dremel unlock
- stop if you hear the test sound again
- the SPI flash should now be successfully unlocked


Unlock flash on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash16
-----------------------------------------------------------------------------------
- connect your Slim drive to a SATA2 controller set to IDE mode
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into MS-DOS 6.22
- turn on the LiteOn psu
- run DosFlash16 in auto mode
- the drive and flash chip should identify properly
- choose your drive number
- as task choose "U" for "Unlock SPI Flash"
- you will hear a test sound from the PC speaker and the following message is displayed:
  The sound that just played was a test. You will hear the
  same sound if unlocking is successful later on. If you
  have not heard a sound, you should skip the unlock and
  check your PC speaker.
  Unlocking the SPI flash requires you to use Geremia's MXIC or Winbond Unlock
  method. Proceed like follows:
  - Press "Yes" if you are ready
  - Start Geremia's MXIC / Winbond Unlock
  - Stop if you hear the sound
  Are you ready?
  (Press ESC key to abort!)
- confirm with 'Y' for "Yes"
- start MXIC or Winbond dremel unlock
- stop if you hear the test sound again
- the SPI flash should now be successfully unlocked


Read flash on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash32/64
------------------------------------------------------------------------------------
- you should have unlocked the SPI flash prior to reading the flash, otherwise the following steps will not work
- connect your Slim drive to a SATA2 controller set to IDE mode
- make sure the drivers for the SATA2 controller are uninstalled
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into Windows
- turn on the LiteOn psu
- run DosFlash32/64
- the drive and flash chip should identify properly
- choose the task "Read Flash"
- press "Read Flash" button
- enter the name of your flash firmware output file e.g. fulldump.bin
- you read the following (the displayed checksum and risk level can vary):
  Risk Level: Minimal! Winbond SPI flash with empty 3D3E sectors.
  Firmware sectors 0x3D000 and 0x3E000 match known checksum
  0xFFFFF800.
  Do you want to write firmware with patched code to be able to read
  the firmware?
- press "Yes"
- then DosFlash32/64 displays the following message:
  There seems to be a LiteOn Slim drive connected as Master
  to port 0xA000.
  You should try SATA2 MTK unlock method.
  - Use a compatible SATA2 controller set to IDE mode
  - Repower the drive which is connected to the SATA 2 controller
  - Press "Yes" if you are ready
  Are you ready?
- do the above and press "Yes"
- after this DosFlash32/64 saves your firmware dump and displays the above message again, repower
  the drive again and press "OK"
- the last repower is used to get DosFlash32/64 back to a known MTK state


Read flash on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash16
---------------------------------------------------------------------------------
- you should have unlocked the SPI flash prior to reading the flash, otherwise the following steps will not work
- connect your Slim drive to a SATA2 controller set to IDE mode
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into MS-DOS 6.22
- turn on the LiteOn psu
- run DosFlash16 in auto mode
- the drive and flash chip should identify properly
- choose your drive number
- as task choose "R" for "Read Flash"
- enter the name of your flash firmware output file e.g. fulldump.bin
- you read the following (the displayed checksum and risk level can vary):
  Risk Level: Minimal! Winbond SPI flash with empty 3D3E sectors.
  Firmware sectors 0x3D000 and 0x3E000 match known checksum 0xFFFFF800.
  Do you want to write firmware with patched code to be able to read
  the firmware (Y/N)?
- confirm with 'Y' for "Yes" and press Enter
- then DosFlash16 displays the following message:
  There seems to be a LiteOn Slim drive connected as Master to port 0xA000.
  You should try SATA2 MTK unlock method.
  - Use a compatible SATA2 controller set to IDE mode
  - Repower the drive which is connected to the SATA 2 controller
  - Press "Yes" if you are ready
  Are you ready (Y/N)?
- do the above and press 'Y' for "Yes"
- after this DosFlash16 saves your firmware dump


Lock flash on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash32/64
------------------------------------------------------------------------------------
- connect your Slim drive to a SATA2 controller set to IDE mode
- make sure the drivers for the SATA2 controller are uninstalled
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into Windows
- turn on the LiteOn psu
- run DosFlash32/64
- the drive and flash chip should identify properly
- choose the task "Lock SPI Flash"
- press "Lock SPI Flash" button
- read the displayed warning carefully, because locking the flash is very risky
- press "Yes"
- the SPI flash should now be successfully locked


Lock flash on LiteOn PLDS DG-16D4S with other firmware than 9504 and DosFlash16
---------------------------------------------------------------------------------
- connect your Slim drive to a SATA2 controller set to IDE mode
- connect a separate power supply unit to the LiteOn PLDS DG-16D4S, don't turn it on yet
- power up PC and boot into MS-DOS 6.22
- turn on the LiteOn psu
- run DosFlash16 in auto mode
- the drive and flash chip should identify properly
- choose your drive number
- as task choose "L" for "Lock SPI Flash"
- read the displayed warning carefully, because locking the flash is very risky
- confirm with 'Y' for "Yes"
- the SPI flash should now be successfully locked


DosFlash16 Manual Mode Examples for LiteOn Slim 0225
------------------------------------------------------
- Extract drive key on a "PLDS DG-16D4S 0225"
  DOSFLASH LITEON K V3 1010 A0

- Unlock SPI Flash on a "PLDS DG-16D4S 0225"
  DOSFLASH U 1010 1 A0 3 0

- Read firmware on a "PLDS DG-16D4S 0225"
  DOSFLASH R 1010 1 A0 3 0 4 FWOUT.BIN 0

- Write firmware on a "PLDS DG-16D4S 0225"
  DOSFLASH W 1010 1 A0 3 0 4 FWIN.BIN 0

- Erase firmware on a "PLDS DG-16D4S 0225"
  DOSFLASH E 1010 1 A0 3 0 4 C7 0

- Lock SPI Flash on a "PLDS DG-16D4S 0225"
  DOSFLASH L 1010 1 A0 3 0


Excellent work on the MXIC / Winbond unlock by Geremia and Maximus.
As the Duke would say: Hail to the kings baby!
Kai Schtrom
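
The changelog above says the "Lock SPI Flash" task leaves the BP0, BP1 and SRP status bits set. As an added example (not DosFlash code and not from the author), the following C code audits a status register byte for that state; the bit positions are the usual Winbond W25X / Macronix MX25L layout, which is an assumption to confirm against the datasheet of the actual chip, and the sample bytes are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Status register bit positions shared by common Winbond W25X and
 * Macronix MX25L SPI NOR parts (assumption: confirm in the datasheet). */
#define SR_BUSY 0x01u /* write/erase in progress */
#define SR_BP0  0x04u /* block protect 0 */
#define SR_BP1  0x08u /* block protect 1 */
#define SR_SRP  0x80u /* status register protect (SRWD on Macronix) */

/* The state the changelog describes after "Lock SPI Flash". */
#define SR_LOCK_MASK (SR_BP0 | SR_BP1 | SR_SRP)

/* Returns the lock bits that are expected but NOT set (0 = fully locked). */
uint8_t sr_missing_lock_bits(uint8_t sr)
{
    return (uint8_t)(SR_LOCK_MASK & ~sr);
}

/* True when the value can be trusted: a busy chip may still be committing. */
bool sr_is_stable(uint8_t sr)
{
    return (sr & SR_BUSY) == 0;
}

/* With SRP set, the chip ignores status register writes while /WP is low,
 * so the BP bits themselves are hardware protected. */
bool sr_is_hardware_protected(uint8_t sr, bool wp_pin_low)
{
    return (sr & SR_SRP) != 0 && wp_pin_low;
}

/* Writes a one-line audit verdict for a status byte into buf. */
const char *sr_audit(uint8_t sr, bool wp_pin_low, char *buf, size_t len)
{
    uint8_t miss = sr_missing_lock_bits(sr);
    if (!sr_is_stable(sr))
        snprintf(buf, len, "0x%02X: busy, re-read before judging", sr);
    else if (miss)
        snprintf(buf, len, "0x%02X: NOT locked, missing%s%s%s", sr,
                 (miss & SR_BP0) ? " BP0" : "", (miss & SR_BP1) ? " BP1" : "",
                 (miss & SR_SRP) ? " SRP" : "");
    else
        snprintf(buf, len, "0x%02X: locked (%s)", sr,
                 sr_is_hardware_protected(sr, wp_pin_low)
                     ? "status register frozen by /WP" : "software protected only");
    return buf;
}

int main(void)
{
    /* Constructed sample status bytes, not captured from a real drive. */
    const uint8_t samples[] = { 0x8C, 0x0C, 0x00, 0x8D };
    char line[80];
    for (size_t i = 0; i < sizeof samples; i++)
        puts(sr_audit(samples[i], true, line, sizeof line));
    return 0;
}
```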



Posted 03 September 2011 - 12:23

#2
Falcon47

    Proofreader

  • Members
  • 1,589 posts
  • Gender: Male
  • Location: Agen (47)
Interesting, DOS is back in service!

Posted 03 September 2011 - 12:25

#3
hans591

    Sunriseur elite

  • Members
  • 1,095 posts
  • Gender: Not Telling
  • Location: 02, 59
Thanks... all old-school...

Posted 03 September 2011 - 12:26

#4
cyberfred91

    Sunriseur PRIVILEGE

  • Banned
  • 3,586 posts
  • Gender: Male
  • Location: Tours (37)
  • Interests: Xbox 360 video games, computing, Macintosh
Great, but it's still more complex than via JungleFlasher.

Very good alternative, that said.


Posted 03 September 2011 - 12:32

#5
maxell

    Sunriseur elite

  • Members
  • 1,204 posts
  • Gender: Not Telling
Cool, I've never trusted Jungle :)

Posted 03 September 2011 - 12:33

#6
modif-console83

    Sunriseur PRIVILEGE

  • Members
  • 8,147 posts
  • Gender: Male
  • Location: France 83
  • Interests: hacking, cracking...
Thanks for the DosFlash update.
This really is the best, because nothing will be more stable than DosFlash; on top of that it includes the unlock and lock of the MT, and it's Winbond compatible, which is great.

I'll test the unlock on MXIC and Winbond as soon as possible.

Many thanks for the work done.


Posted 03 September 2011 - 12:36

#7
DroYze

    Advanced Sunriseur

  • Technician
  • 678 posts
  • Gender: Male
  • Location: BZH
Cool! That brings back memories


Posted 03 September 2011 - 12:41

#8
ip-man

    Sunriseur elite

  • Members
  • 1,915 posts
  • Gender: Male
  • Location: calais boulogne licques alembon coquelles etc ...
It's great, thanks.


Posted 03 September 2011 - 12:44

#9
crash over ride

    Advanced Sunriseur

  • Banned
  • 637 posts
  • Gender: Male
  • Location: 02200 soissons
Ah, DosFlash, I love it, thanks.

Posted 03 September 2011 - 12:49

#10
KNi57

    Sunriseur

  • Members
  • 42 posts
DosFlash, one of the best programs for flashing the 360; since v1.3 you can really see how far it has come! Still, it will always scare me under Windows (lots of freezes and crashes), but under DOS it let me unbrick several drives, including quite a few Samsungs!

Posted 03 September 2011 - 12:50

#11
Toxyn

    Flying Pony

  • Moderator
  • 4,524 posts
  • Gender: Male
Oh, DosFlash is making a comeback :D

Personally, Jungle does the job so I'll stick with it, but I know a bunch of people who will go back to DOS :P


Posted 03 September 2011 - 13:22

#12
aza1234

    Sunriseur

  • Members
  • 129 posts
DOS is back XD

Posted 03 September 2011 - 13:32

#13
sinceimdead

    Sunriseur

  • Members
  • 66 posts
Well, you're all laughing, but I've never managed to get my PCI card recognised by Jungle Flasher. Windows 7 and XP. So I always go through DosFlash! I grew up in the DOS era, so it doesn't scare me.

I came to the site to look over the procedure for flashing the 1.91 again, so I'm happy to pick up a new version of DosFlash along the way!

Posted 03 September 2011 - 13:37

#14
gohan6259

    Sunriseur elite

  • Technician
  • 1,734 posts
  • Gender: Male
  • Location: Douvrin
DOS is good when Jungle crashes, but with the x360usb pro, it might not crash any more ^^

Posted 03 September 2011 - 13:38

#15
COD F CONDUITE

    Sunriseur elite

  • Members
  • 1,127 posts
  • Gender: Male
  • Location: 62 pas de calais
Great, but I prefer to stay on the Lizard, no contest ;)

Posted 03 September 2011 - 13:42

#16
shigure_parker

    King Of Fighter

  • LS expert technician
  • 13,951 posts
  • Gender: Male
  • Location: Marseille
Excellent news, DosFlash needs no driver and never crashes; I use it as a backup solution ^^


Posted 03 September 2011 - 13:56

#17
leonkennedy

    Advanced Sunriseur

  • Members
  • 348 posts
  • Gender: Male
  • Location: Behind My PC :-)
Same here, I flash all my drives via DosFlash and without any other device.
A simple SATA cable and a 360 to power the drive, and off it goes, everything runs like clockwork

Posted 03 September 2011 - 14:03

#18
mopi

    Advanced Sunriseur

  • Validating
  • 473 posts
  • Gender: Male
  • Interests: The whole truth, nothing but the truth!
Same, always flashed under DOS. It's simple, fast, and 100% crash-free ^^

Posted 03 September 2011 - 14:12

#19
ptitgrec

    Sunriseur elite

  • Members
  • 1,286 posts
  • Gender: Male
  • Location: CAEN
Ah, I like that, it's always handy to have it on hand

Posted 03 September 2011 - 14:38

#20
skedar

    Sunriseur elite

  • Technician
  • 1,022 posts
  • Gender: Male
  • Location: Caen (14)
An alternative to JF under DOS :O
more old school
safer
the purists will like it :)



