Unfortunately we do not accept new members for free, Now Registration cost 30€, if you are interesting Send Email to [email protected]
Evo component protection active
18-03-2017, 02:08 AM,
Post: #1
|
|||
|
|||
Evo component protection active
Hi,
Is it true that you cannot downgrade the major software version (e.g. 005 -> 003 / 003 -> 001) if component protection is activated? Sent from my iPhone using Tapatalk Pro |
|||
18-03-2017, 10:05 AM,
Post: #2
|
|||
|
|||
RE: Evo component protection active
Sure you can, you just have to do it manually from QNX emergency IFS or "Bootloader" how is it called around here.
|
|||
19-03-2017, 10:54 AM,
(This post was last modified: 19-03-2017, 12:05 PM by aboulfad.)
Post: #3
|
|||
|
|||
RE: Evo component protection active
|
|||
19-03-2017, 21:07 PM,
Post: #4
|
|||
|
|||
RE: Evo component protection active
(19-03-2017, 10:54 AM)aboulfad Wrote: Slightly OT, so QNX is the RTOS used in NBTEVO, and that there is a way to access the image file system (IFS)? I guess the HU has to be benched? you dont have to bench it, you can reboot it into, and from BL you can flash chips, eeprom and attached with whatever you wish. And yes, QNX is used on all HU's from CIC, before that CCC used VxWorks (terrible OS and terrible motherboard design), and e65 iDrive used WindowsCE
|
|||
20-03-2017, 01:02 AM,
Post: #5
|
|||
|
|||
RE: Evo component protection active
(19-03-2017, 21:07 PM)intel123 Wrote:(19-03-2017, 10:54 AM)aboulfad Wrote: Slightly OT, so QNX is the RTOS used in NBTEVO, and that there is a way to access the image file system (IFS)? I guess the HU has to be benched? Hehe I've developed on VxWorks some time ago... I can't believe they used WinCE, now that's a terrible embedded OS. I've tried different methods, but there's almost nothing that can get me into HU_NBT, I know it runs a light httpd, and ssh ports are closed (although there's a public key stored in BL), so any clues how to reboot it into QNX? Please? |
|||
20-03-2017, 08:19 AM,
(This post was last modified: 18-04-2017, 11:13 AM by volavka.)
Post: #6
|
|||
|
|||
RE: Evo component protection active
(20-03-2017, 01:02 AM)aboulfad Wrote: you dont have to bench it, you can reboot it into, and from BL you can flash chips, eeprom and attached with whatever you wish. And yes, QNX is used on all HU's from CIC, before that CCC used VxWorks (terrible OS and terrible motherboard design), and e65 iDrive used WindowsCE Hehe I've developed on VxWorks some time ago... I can't believe they used WinCE, now that's a terrible embedded OS. I've tried different methods, but there's almost nothing that can get me into HU_NBT, I know it runs a light httpd, and ssh ports are closed (although there's a public key stored in BL), so any clues how to reboot it into QNX? Please? [/quote] Yes sure, its pretty simple, but way i see it you have two easy options: 1) you can connect to a console via UART TTL and go from IPL 2) create usb autorun script/bin which will enable sshd and telnet(inetd), and while you're at it you can modify shadow as well or any keys etc if you have background in vxworks this will be very easy then, after getting shell access it becomes very easy, architecture is very well known and documentet, it runs ELF so you can CK binaries, or just hotpatch them, make inline hooking or whatever else you wish with them... toolchain for compilation is more or less standard and fully provided by blackberry/QNX so...
|
|||
Reputation: +3 - ruben_17non [+1] , danyro [+1] , Czozen [+1] , aboulfad [0] | |||
20-03-2017, 11:07 AM,
Post: #7
|
|||
|
|||
RE: Evo component protection active
(20-03-2017, 08:19 AM)intel123 Wrote: Yes sure, its pretty simple, but way i see it you have two easy options: Thanks for sharing, now I did development in VxWorks eons ago, but i never said I was a hacker Option 1 requires physical access and you'd have to remove the HU. Now Option 2 is way interesting and that confirms what I've been wondering about for a while. I have qnx6.5 installed, so I need me to learn some stuff! Appreciate all the pointers. |
|||
22-03-2017, 03:31 AM,
Post: #8
|
|||
|
|||
RE: Evo component protection active
|
|||
22-03-2017, 06:32 AM,
Post: #9
|
|||
|
|||
RE: Evo component protection active
(22-03-2017, 03:31 AM)bmwdd Wrote:(18-03-2017, 10:05 AM)intel123 Wrote: Sure you can, you just have to do it manually from QNX emergency IFS or "Bootloader" how is it called around here. since you dont understand and its already explained in detail, maybe its better for your own good not to touch anything as you do not understand how this works and will mishandle it in one way or the other.
|
|||
« Next Oldest | Next Newest »
|
Users browsing this thread:
1 Guest(s)
1 Guest(s)
Return to TopReturn to Content