Author Topic: Question about backdoor.doc by eric  (Read 6520 times)

rweber

  • Jr. Member
  • **
  • Posts: 1
    • View Profile
Question about backdoor.doc by eric
« on: March 08, 2006, 02:26:08 am »
Dear Sirs,

i've got a question about erics description installing a bootvector backdoor. He writes:


bootck:
     jb  P3.1,xxxyyy ;TxD always high without cliplead
     mov  AUXR1,#020h  ;enable boot
!!insert parametres for set boot vector as in AN 461 pg 14
     call 0fff0h
!! insert parametres for set status byte as in AN 461 pg 14
     call 0fff0h
     jmp  $            ;wait for reset


I understand the comments about adding code for setting the boot vector and status byte.

But first, I think, the boot vector and status byte must be erased before they can be reprogrammed?


regards,
robert

erikm

  • Full Member
  • ***
  • Posts: 113
    • View Profile
Re: Question about backdoor.doc by eric
« Reply #1 on: March 08, 2006, 05:05:43 am »
never erased them, NoTouch works same way, never heard of it not working.

Erik

erik

Jan Waclawek

  • Full Member
  • ***
  • Posts: 220
    • View Profile
    • EFTON homepage
Re: Question about backdoor.doc by eric
« Reply #2 on: March 08, 2006, 09:13:20 am »
Yes, but they erase - contrary to the rest of FLASH - to 00h, so if you have the chip running the application from 0000h, you have at least the status byte in the erased state...

Not anything you will read out from the datasheets but you can find it out yourself experimenting with IAP using a terminal program rather than [inserted]FlashMagic[/inserted][strikethrough]FLIP[/strikethrough], if you are brave enough (or if you have a parallel programmer at hand :-)

Jan Waclawek



Post Edited (03-09-06 01:17)

erikm

  • Full Member
  • ***
  • Posts: 113
    • View Profile
Re: Question about backdoor.doc by eric
« Reply #3 on: March 08, 2006, 01:26:11 pm »
Not anything you will read out from the datasheets but you can find it out yourself experimenting with IAP using a terminal program rather than FLIP, if you are brave enough (or if you have a parallel programmer at hand :-)

FLIP??? in a FlashMagic forum, that is high treason

Erik

erik

Andy Ayre

  • ESAcademy Staff
  • Sr. Member
  • *****
  • Posts: 2156
    • View Profile
    • Embedded Systems Academy, Inc.
    • Email
Re: Question about backdoor.doc by eric
« Reply #4 on: March 08, 2006, 01:27:39 pm »
Not high treason, just a bit confusing. :)

Embedded Systems Academy, Inc.
support at esacademy dot com

Jan Waclawek

  • Full Member
  • ***
  • Posts: 220
    • View Profile
    • EFTON homepage
Re: Question about backdoor.doc by eric
« Reply #5 on: March 09, 2006, 12:19:48 am »
Sorry, tired a bit...
But it would be nice to have a common tool, wouldn't it? I'd guess it would be a piece of cake for Andy to support all of them, just the sponsor of FM would not like it at all...
;)

Jan Waclawek



Post Edited (03-09-06 01:20)