Print

[ProphetOfPain]

QUOTE(ruciz @ Aug 5 2011, 03:32 PM)

If you have a dump, you can buy ANY slim liteon board (TX or OEM) and unlock that and write your stock or modified firmware back. Each firmware and each board is locked to each console.

I believe I read that if you have the KEY ONLY from SLIMKEY that alone is not enough to reflash an OEM board and would require the tx one, but having the full dump can flash oem no problem?

[360newb617]

QUOTE(ProphetOfPain @ Aug 5 2011, 10:26 AM)

I think you are trying to reinvent the wheel.   After you unlock it and flash it, it will lock again.  So yes, in the future if you want to UNLOCK you can touch the 3.3 volt/resistor to your previously dremmeled spot.  OR, just click the piezo lighter (be mindful of components near so focus just above the chip) and click!  THe spark will set the bit to unlock and you can flash again.

I believe you have to unlock to get a full dump so you would want to do slimkey and save the key of course just as tutorial says.  I don't know if you have only the key if that's enough to program another original slim board since it has the serial data etc, someone else have to answer.  BUT, of course once you have the key you can save yourself with a tx pcb if you have too.  

NOW.. I would like to know how do you perform this without a lizard?  I'm running spiunlock but its just bouncing from 80 to 52 when I power cycle.  Can't I get the slim pcb into vendor mode with a probe or what not?  All i've done is phats.  I seen a video where the guy probed it but was in another language and he didn't show the board.  Looked like he had a reisistor to ground and then touched it somewheres but want to be 100 certain as to where.

but if you cant get a full dump from a locked board, then if you get a tx board then how do you get a full dump from your locked board to put on the tx board? i mean you can do a  slimkey and get the key ,just the dummy.bin and put iextreme fw on it wih no problemwith just that right?you dont need a full dump for that do you? ,you just need it to put the stock fw back right?or make it easier to put the stock fw back? but then what if you want to to put original fw back on it ,like to update the dash and iextreme in the future? you wont have a full dump of the stock fw,

[360newb617]

QUOTE(ruciz @ Aug 5 2011, 10:32 AM)

yes
after initial unlock with 3v3 drill probe, lighter will do the same thing after that. if you were talented, and quick, you could use the lighter and drill bit. I think you would burn stuff though.
The lighter is connected to nothing. The lighter will create the weak high signal due to itself. it don't need a reference.
If you unlock the chipset, you can do a full firmware dump from the chipset. If you screw up and DON'T unlock the chipset and kill the board, you better hope you have a backup key or the console is officially dead. X360USB can pull the key from the console as well as the lizard. I don't know if the key dumper geremia wrote (tarablinda) for the 9504 will work on the locked 225 or 0401. I presume it would.
If you have a dump, you can buy ANY slim liteon board (TX or OEM) and unlock that and write your stock or modified firmware back. Each firmware and each board is locked to each console.

wait so your saying i cant just do a slimkey with JF and get my key, the dummy.bin? doesnt that dummy.bin have the key i need? insnt all i have to do is extract the key/dummy.bin with JF using slimkey? ,but without the full stock fw dump i should still be able to put lt+ 1.9 on no problem right? ,but then if i want to go back to stock fw it will be harder without the full dump right?
if you cant get a full dump from a locked board, then how is getting a tx board any different? you still wont have a full dump of your stock fw, if you cant get a dump from a locked boad right?
why would you need a full dump with this method ,but not if you get a tx board?
isnt the only thing you need the full dump for , to put the stock fw back? like if you want to go back to stock fw before a dash update?
why cant i just grab the key with JF ?and then use that dummy.bin to flash lt+1.9?

[uN0pEn]

Thanks Geremia!

[uN0pEn]

Just wanted to add that I have re-unlocked SPI simply by running my finger over the drill hole.

Oh and I have not used the 3.3v 100 ohm resistor method as I have feared that the 3.3v could carry and damage other parts of the chipset. I am unlocking Winbonds just fine without it. Just the dremel (no 3.3v) to be clear. I also havent had any strange side effects either with this method.

[360newb617]

QUOTE(uN0pEn @ Aug 6 2011, 04:40 PM)

Just wanted to add that I have re-unlocked SPI simply by running my finger over the drill hole.

Oh and I have not used the 3.3v 100 ohm resistor method as I have feared that the 3.3v could carry and damage other parts of the chipset. I am unlocking Winbonds just fine without it. Just the dremel (no 3.3v) to be clear. I also havent had any strange side effects either with this method.

so did you wear your dr dentons and slide across the carpet 1st?
its summer where i am ,we dont usually get static shocks in the summer with the humidity and all
but i could see this being really easy n the winter, like if you got it to work without static and someone else isnt so lucky, then they could try a static shock but  do you think that a static shock or a spark froma piezo ,is less dangerous than the resistor? im not so sure

[Bitte3602]

Hi all

I need alternative point for this point whit the ORANGE SQUARE becouse my friend give me the pcb whit the orange selection full broken pad and i want repair for him.

edit:
all ok i hav fix it wire in the pin mt

[360newb617]

can someone please make a start to finish tutorial video on how to mod 0225 winbond with the new JF and a via or onboard sata card?

one that shows how to dump the key and stock fw , all the way through flashing the new 1.91 fw
and maybe how to dump the stock fw,and how to flash stock fw back as well
without crappy music or silence,one where you explain step by step what you are doing clearly in each step
and use a camera with good focus so we can read the screen and jf screens
now that the new jf has been released

or wrte a really good noob friendly one with lots of pics?

also will the new jf just support the gremia hack? or it wont?  or will it ,or does it have a better way ,like one that does not involve drilling something?like could the new jf just unlock it ,dump it ,and flash it with the russian method or a probe or something,or software only?

[ichigoxxx]

QUOTE(360newb617 @ Aug 7 2011, 11:05 PM)

can someone please make a start to finish tutorial video on how to mod 0225 winbond with the new JF and a via or onboard sata card?

one that shows how to dump the key and stock fw , all the way through flashing the new 1.91 fw
and maybe how to dump the stock fw,and how to flash stock fw back as well
without crappy music or silence,one where you explain step by step what you are doing clearly in each step
and use a camera with good focus so we can read the screen and jf screens
now that the new jf has been released

or wrte a really good noob friendly one with lots of pics?

also will the new jf just support the gremia hack? or it wont?  or will it ,or does it have a better way ,like one that does not involve drilling something?like could the new jf just unlock it ,dump it ,and flash it with the russian method or a probe or something,or software only?

 did u read the read me txt
and there's a tutorial in JF in the folder call documentation
and yes both hack are supported Russian and Geremia

[DARKFiB3R]

x360usb > JungleFlasher > 0225 winbond > soldering iron > beep >

Spi Status: 0x00
Manufacturer ID: 0xEF
Device ID: 0x11
Flash Name: Winbond/NEX(W25P20/NX25P20)
Flash Size: 262144 bytes

Click read

Getting Status from port 0x0000
Invalid Status 0x0



Status 0x80
Re-sending Vendor Intro:
..........
Serial flash found with Status 0x72

Sending Device ID request to port 0x0000
Spi Status: 0x8C
...........................................

Keep digging? Probe? Help!!!!  

[ichigoxxx]

QUOTE(DARKFiB3R @ Aug 8 2011, 11:19 AM)

x360usb > JungleFlasher > 0225 winbond > soldering iron > beeb >

Spi Status: 0x00
Manufacturer ID: 0xEF
Device ID: 0x11
Flash Name: Winbond/NEX(W25P20/NX25P20)
Flash Size: 262144 bytes

Click read

Getting Status from port 0x0000
Invalid Status 0x0



Status 0x80
Re-sending Vendor Intro:
..........
Serial flash found with Status 0x72

Sending Device ID request to port 0x0000
Spi Status: 0x8C
...........................................

Keep digging? Probe? Help!!!!  

 can u post a picture?

[uN0pEn]

QUOTE(DARKFiB3R @ Aug 8 2011, 10:19 AM)

x360usb > JungleFlasher > 0225 winbond > soldering iron > beep >

Spi Status: 0x00
Manufacturer ID: 0xEF
Device ID: 0x11
Flash Name: Winbond/NEX(W25P20/NX25P20)
Flash Size: 262144 bytes

Click read

Getting Status from port 0x0000
Invalid Status 0x0



Status 0x80
Re-sending Vendor Intro:
..........
Serial flash found with Status 0x72

Sending Device ID request to port 0x0000
Spi Status: 0x8C
...........................................

Keep digging? Probe? Help!!!!  

The heat from the soldering iron may create false positives.

[DARKFiB3R]

Seems the chip had re-locked somehow, dabbed the hole with a bit of isopropyl alcohol on a sock (I'm all out of cotton buds/q-tips lol), and it unlocked again.

Write verified OK !
Restore verified OK !

Happy days

Just a few twists of the iron each time, with a bit of pressure. Started hearing crackling through the speakers in time with the twisting of the iron, thought it was taking too long so stopped for a while, thought I had gone too far.

Decided to carry on, because if it was already fucked....

Few more twists of the iron and I heard the beep. I think JungleFlasher uses Windows default beep, so maybe you should make sure you haven't disabled windows sounds.

[DARKFiB3R]

The finest tip you can get your hands on, a flat tip would not be good.

I used the tip that came with my rework station (Aoyue 968) and had it set to around 330 °C



Some other useful items

[BTslo]

I can't seem to get into vendor mode, I'm using a RRoD box as a power source. The drive is recognized in JF, but when I power cycle nothing happens. (tried turning the xbox on/off and unplugging and plugging the power connector to the drive. Could it still be a chipset issue even though the drive is recognized in JF? Do I need to do the MPX01 probe trick?