|
Title: MEG1.1 IROM Dump - need to check Post by: nighthunter on December 03, 2018, 01:35:30 AM Hi friends.
Today after reversing the PCB, its time to make CPU dump. Ive dumped the C167CR with minimon. Can someone take a look on it and tell if the data are valid? Dumped from 0-7FFF; Title: Re: MEG1.1 IROM Dump - need to check Post by: 360trev on December 21, 2018, 06:56:08 AM Well its definitely looking good IROM dump.
Q. Can you also upload the firmware too. Usually they are a mirror of the 1st 32kbytes of firmware (but ofcourse not every variant is like that)... Has all the boot loader jumps, signatures and is C167 code... Would be a great guide to document exactly what you did to help others. Very few guides explain how to dump IROM and not a single guide on here. Title: Re: MEG1.1 IROM Dump - need to check Post by: nighthunter on January 01, 2019, 10:56:49 AM Hi,
firstly happy New year to all Nefmoto readers. Yes i will definitively write an guide, but for now im running out of time. This was the first attempt to read it out. I have plenty of these Ecus here from the types 0261 205 004, 0261 205 005 and 0261 205 006. I am reversing the PCBs layer by layer (yes i grind it down to internal layers) and they seems to have only minor differences, one thing i noted, that some of them - 004 and 005 are using the C167 with internal ROM as stated on the package marking, but 006 is stated that is an C167 romless, but i didnt yeat read it as i was last 3 weeks laying sick :-(. My guess it that the marking is just an camouflage and i also read out some ROM. Q.: Btw, is there an abitiy to inject code to RAM and run if from specific location in MINIMON, or breakpoint the current loaded code ie running the ecu and halt on breakpoint? |