Print

[opencube]

Ive done a bit of reading up and it seems some people have problems with Dosflash reading their drive chip data when they have a Liteon with a 'winbond' chip on the drive.

Im not sure if this is an issue?

Heres another pic i took the other day before I attempted this hack.

i dont know how to identify the Winbond chip so thought this image may help?



Uploaded with ImageShack.us

[Buzzcut]

Hey..I use a similar Hacking Jungle method but use the same probe as them here.  When they talk about the probe points all this is doing is connecting the 3.3v pin on the probe to the lower trace and GND on theh probe to pad101, you should be in exactly the same position with your switch set to ON as at 1.45 i.e. your 3.3v line and GND are both connected.

Make sure you've got the correct SATA port connected, Hit Intro then power on, you should see your flash properties like in the vid.  Flick the switch and hit Read...this is the same as in the vid where the probe is tilted to break the p101 contact.  I have to do things slightly different, when I power on I don't get the full flash properties all that happens is the status changes to 0x72, as soon as I see this I cut the GND and only then do I get it.  If I leave the GND connected I get an error about "returning the switch to the normal position"

[opencube]

QUOTE(Buzzcut @ Sep 21 2010, 10:43 AM)

Hey..I use a similar Hacking Jungle method but use the same probe as them here.  When they talk about the probe points all this is doing is connecting the 3.3v pin on the probe to the lower trace and GND on theh probe to pad101, you should be in exactly the same position with your switch set to ON as at 1.45 i.e. your 3.3v line and GND are both connected.

Make sure you've got the correct SATA port connected, Hit Intro then power on, you should see your flash properties like in the vid.  Flick the switch and hit Read...this is the same as in the vid where the probe is tilted to break the p101 contact.  I have to do things slightly different, when I power on I don't get the full flash properties all that happens is the status changes to 0x72, as soon as I see this I cut the GND and only then do I get it.  If I leave the GND connected I get an error about "returning the switch to the normal position"

Thanks for the info.

So best to use Jungleflasher rather than Dosflash then?

Also at 1:55 just after the guy resends the command, he says he switches on and off.... is that the soldered switch I have applied to the circuit board or is that power from the ck3?

Ill give this a go around lunchtime today, and will post back further update. thanks for your help its very much appreciated.

[Buzzcut]

Yeah JF all the time especially if you've successfully done other Liteons before.

Cut the power and turn back on...not the switch (no idea why he says "on then off"...maybe it's "on after off", either way you should end up with having power to the drive).  You can either have the drive off and power it on or else have the drive on and just cycle the power as he does.  I always have it turned off then just power on after the Intro, dunno why, just works for me.

[opencube]

Back again!  


I did the following...

1) Turned on CK3 power to Liteon

2) Loaded Jungleflasher

3) Jungleflasher picked up the drive properties OK.

These are:

Vendor: PLDS
Name: DG-16D2S
F/W Rev: 9345

Reserved: a long line of numbers and letters (not posting them here in case they are serials?!)

4) Clicked Intro / Device ID button, got the pop up window, clicked OK, turned CK3 Power off then on quickly, but JF continued to Re-Send Vendor Intro.

I did it also the way you tried where the drive isnt powered on until after you ok the pop up message when pressing Intro Device ID button.

I have pasted 2 logs below of some attempts.


----------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JungleFlasher 0.1.73 Beta (108)

Session Started Tue Sep 21 13:45:15 2010



This is a 32 bit process running on 2 x 32 bit CPUs

portio32.sys Driver Installed

portio32.sys Driver Started, thanks Schtrom !

Found 4 I/O Ports.

Found 1 Com Ports.

Found 5 windows drives A: C: D: E: F:

Found 0 CD/DVD drives



Sending Vendor Intro to port 0x1150

Status 0x51

Re-sending Vendor Intro:

.....................................................................................................................................................................................................................................

[opencube]

think ive cracked it  

i had been having the soldered switch in the wrong position.

I Have to have it in the off position so that JF could pick up the chip data, then turn the switch to on (towards the resistor) to get it to read the drive key.

So all good so far...but i get a warning saying that there is missing drive data... i clicked proceed and was then offerent to repair the serial from drive barcodes... what do i do?

Thanks

[Buzzcut]

No that's fine...if the serial data is missing then it's missing.  You CAN repair it but there's no point, just go ahead without rebuilding the serial.  

You've then got a choice, you can disconnect everything, repair the traces then flash as any other Liteon but you CAN Write the CFW straight back after you Read.  I always save the new LT firmware, repair then write.

Glad to hear it's finally going smooth...

[opencube]

Im stuck at the last hurdle!


Got the Key, and saved it, and also saved the spoofed fw too.

With the Soldered switch set to OFF (away from the resistor) I pressed LiteOn Erase

Then used Write to write the CFW to the drive, howver it fails verification.

What am i doing wrong here?

ADo i need to power cycle or toggle the soldered switch at all?

Thanks

[Buzzcut]

As I say, as soon as I've got the key and saved my cfw I repair the traces then flash as normal.

Repair your cuts and do the following.

Connect drive and power it, open JF, load your cfw, choose correct port and drive properties should appear.  Click Erase twice, recycle power and you should get into Vendor mode...click Write.  Done.

Don't worry if you don't get any drive properties as you may have erased the drive with your previous attempt.  If this is the case then just hit Intro and recycle power, you should get Flash properties now...click Write.  Done.

EDIT - Try the SATA port on the side of the VIA card.  I don't use the one furthest in on the back of the card.

[opencube]

whoop whoop! great success!!

lol

thanks for all your help, its been much appreciated!

[yahooman123]

I just fried my 93450c. Can someone clear some things up for me?

I thought I soldered everything perfectly. When I hooked up the drive to the power, it would not start. The xbox would flash green eject light, and jungleflasher was not detecting any drives with a FF error. The main chip on the drive was not getting warm.  

Afterward I decided to desolder and restore the drive to normal. I soldered a wire across the top trace (above pad 101), and tried again. This time the power was going through but pad101 started shooting fireworks. The hole got fried and now looks black as sun dried shit.

I need to know if pad101 actually needs to be connected to the trace (between the jump) because I noticed it is in the pictures. I'm assuming pad101 is the point where power first starts circulating through the whole PCB, and on my first try I did not solder the pad101 hole to the trace, therefore the drive was powerless?

Also, when it is time to patch the traces, the trace no longer needs to be connected to pad 101, right?

A reply would be helpful. Thank you.

This post has been edited by yahooman123: Sep 25 2010, 03:03 AM

[Dark Mod]

QUOTE(yahooman123 @ Sep 24 2010, 10:00 PM)

I just fried my 93450c. Can someone clear some things up for me?

I thought I soldered everything perfectly. When I hooked up the drive to the power, it would not start. The xbox would flash green eject light, and jungleflasher was not detecting any drives with a FF error. The main chip on the drive was not getting warm.  

Afterward I decided to desolder and restore the drive to normal. I soldered a wire across the top trace (above pad 101), and tried again. This time the power was going through but pad101 started shooting fireworks. The hole got fried and now looks black as sun dried shit.

I need to know if pad101 actually needs to be connected to the trace (between the jump) because I noticed it is in the pictures. I'm assuming pad101 is the point where power first starts circulating through the whole PCB, and on my first try I did not solder the pad101 hole to the trace.

Also, when it is time to patch the traces, the trace no longer needs to be connected to pad 101, right?

HOLY LITEON BATMAN.....you assassinated a good drive mate.....you have the drivekey or not?

[yahooman123]

No, I do not have the key. I know..the xbox is useless now. I just want to be sure I'll get the soldering right on my next try.

[ravendrow]

QUOTE(Suicyde @ Dec 16 2009, 01:22 PM)

Having real difficulty getting a "clean" cut on the traces - and a dremel tool isn't an option at the minute. I've been using a small flat head screwdriver, and had very limited success, and not a very good result!

Any tips on a particular tool to use?

Thanks in advance -
Cyde

dude! WTF!! seriously go and get a box cutter stop using the screwdriver . why would you even try?? razors are cheap and i mean CHEAP and they cut threw the traces like butter

[yahooman123]

I have a brand name razer and could not get any good cuts with it. All it did was make thin hair line scratches on the traces. When I applied more pressure the blade slid across the board and I scratched the whole thing. Using a razer sucks in my opinion.