Work box win7 32bit, Laptop as a 3rd computer win7 64bit, desktop i'm having problem with is a win7 64bit. In both instances I notice the com port being assigned is below 10, however on my desktop its com20
and updated the Pic firmware "OLSv1.firmware.v3.0.hex" and the FPGA Rom "Logic_Sniffer_dynamic_depth_2.12.mcs/.bit" using the software ols-0308.zip.
Win7 64 see's the device fine the driver installs, everything is peachy although when I run the software and hit capture it displays "Capture aborted! Failed to open/use COM20! Possible reason: No such port!"
SO.... I'm wondering if there is a bug in the software that does not allow comports to be used above 10?
I can change the port to one lower then 20, such as 7 and it gives me the same error message.
are the two items I flashed onto the device the newest?
As it stands the device works fine on my laptop and desktop @ work... funny thing is I have never had an issue in the past with this..
One thing I do notice I'm not sure how to explain this, but it seems like when a device using the FTDI chip or some generic serial device is plugged in, windows assigns the device a port number then it always gets that number plugged in, which is why it says ports 1-18 on my machine are in use when in fact they are not in use...
1) what firmware should I be at? 2) Boot loader? should I update this? 3) Only once it showed up as CDC-232 or whatever the device manager name is.... not sure what thats about..
However I run it on my machine win7 x64 and for some reason the software says it cant find comport. I plug the device in and it shows up as com20 in dev manager.
The only thing I have done recently is update its firmware. I have tested it afterwords on my work PC.
I just have no idea what to try... funny is the driver for this thing is from 2007 is that right? I'm out of ideas... but I know whatever it is it has to be something stupid... because it always is!
I really know nothing about programming Atmel's however I find it best to dive in head first... the water is murky and hopefully its not 3 inches deep.
SO I'm going to go out on a limb here I want to know what the feasibility is of JTAG'ing a device after finding the correct pins and attempting to pull a firmware off it.
When really a lack of any documentation exists.. Lets say... no documentation exists although since the device is apart I can identify the chip.. so Having the bus blaster and also the bus pirate and a logic sniffer.
I'm trying to use the bus blaster to pull firmware off a known device such as the wrt54g once I find instructions for this , I'm hoping I can apply this to something of unknown origin. Personally I don't care about the wrt54g I'm just pointing this out as an example.
Where do I start?
I thought I'd make this a new thread since the other thread I started kinda went all over the place.
Hey everyone, I managed to pick up a Logic Sniffer and got it in the mail last night.
The logic sniffer has Jtag pins on them is this for programming the logic sniffer? or is this for other things? I also noticed that it has a lot of through hole items that can be soldered onto the board what are all these pins for? I couldn't find any info on this.. However I could be blind.
So I'm going to toss out an idea I think it would be really cool to see someone build a Giant POV display on like a wind turbine, have it display something like the time or pacman? i dont know something to make those wind turbines really cool at night.
No no I explained it wrong, I have yet to try OpenOCD so I'll use your info and poke with it, I am new to JTAG in terms of the debugging aspect, as for Jtag pulling/writing firmware, I thought that's the only use for it.
Hope that makes sense.
As for debugging the DDWRT what exactly can you do with the Ejtag when DDWRT is running on it? poke a memory address so that its transmitting at 251mw vs the default without going into the router config and applying it?
or is it more for checking ...............I drew a blank here.
I didn't think anyone condoned hacking but Ive always liked ripping into things like that, seem to be the most exciting, however I do it for myself not for others, the buck stops at me.
Tjtag,
I think maybe I did not explain myself as to my intentions towards the DDWRT. Basically since the wrt has a lot of documentation I thought Id take the wrt as an example and jtag it with the BusBlaster and attempt to pull firmware off and write it. Maybe its possible that the bus blaster was something un necessary in my poking around / hacking arsenal of tools. My main goal is to jtag targets that really don't have any or a whole lot of documentation and pull firmware/hex edit it/ then put it back onto the device for new features or simply the fact to do it and see if what I want to happen happens really.
I have a JtagNT as well as its software and it seems to work on the ddwrt very easily as it has config files for it "-Detect, ldram "address" "size in bits" and it pulls the data off it. Ian mentioned that BDSL files are used in jtag for communication with chips, so JtagNT software probably has that on the back end of things.
So maybe its a lack of windows software that does this for the bus blaster? I haven't really seen a whole lot of documentation on the bus blaster and maybe its too new
First off, you have been THE most informative person I have ever spoken with on a forum.
Well one of the chips is a St19af08 , appears to be some smartcard mcu <-- I can find a 2 page data sheet that tells me nil :( no pinout info. STA801 <-- DSP for sat radio also trying to find the pinout info on this. STA855 "BGA" <--- no pinout info either STA210 No pinout info And these 2 chips..
Also the link you posted a couple posts back on hackaday I like this info! I wish there was more documentation on the bus pirate and how to do certain things although this is a good start for me to poke around with it! digging it. I did get a kick out of the laundry card hack where the person makes his card hold 99.99
I see some very good info! I would really like to try that JtagEnum software on the Arduino but rather use a Mega "I have zero knowledge to these"
And scan for jtag pads.
What is the feasibility of 1) Finding jtag pads 2) pulling firmware off a flash chip?
Are these 2 things just giant leaps?
I'm not sure how the jtag NT does it, but when I do a -Detect in the software it probably compares it with a config file for the chip and lists it in plain text? probably the same thing with Urjtag right? an unknown chip will just spit out a binary id "if the jtag is connected correctly, and the Urjtag does not support the chip" am I spot on?
I see, well I'm not really trying to debug it, Mainly concerned with pulling flash off the device and putting it back, perhaps using a hex editor and comparing changes.
Is there a way I can do this without knowing really anything about the hardware , kinda attacking the problem blind?
So far this is what I'm planning on doing, since I have documentation about pulling firmware off the wrt54g with the JtagNT and its software I want to try it with Urjtag software and compare flash results to make sure its the same I probably wont have access to the bsdl files and svf files so that's a no go "Unless you said theres a way of creating them from a scan?? if so GENIUS good news for my project" But I thought pulling flash off a device was somewhat of a generic item? I can read flash type or have a general idea how big the flash is couldnt I just like trial and error the number since flash sizes are pretty generic.. perhaps?
However It would be awesome to start viewing ram while the device is running, like how you can edit memory address in emulators to cheat, I'm guessing the bsdl files break up memory so you can view each chips memory/data within the jtag chain?
So I wonder if anyone has any idea what that DR length is... Again I want to learn about this so later when I start attempting to learn about other unknown jtag targets, maybe I'm missing the big picture but is there any generalized documentation that anyone knows about?
Hey there Ian, I was able to get this working, I found a hole that had 3.2volts and once I connected it, the target LED lit up on the bus blaster. So thanks :)
So I was going though the list of stuff "I'm new to jtaging something that really isn't documented" SO that above image can you tell me what the values on the right are, 1, 594, 32, 594, 32 are??
I'm guessing this is jtagable hardware on the chain that you can debug??pull firmware/write firmware too??
Oh, Okay so that makes sense, I always wanted to know what the difference was between a buffered and un buffered jtag device
I guess I should poke around the board and find a suitable pin to pull the correct voltage off, I guess I thought that's why you ground the jtag device so you have a ground reference pin and the other pins monitor the voltage differential on the other pins.
Yes this works with my JTagNT. I'm guessing its my lack of knowledge in the subject and my effort into diving into things head first, but is there a way to test jtag adapters via a loop-back of sorts?
As for what's powering the buffer "Not sure what you mean" In my setup I have the router powered up with the jtag pins attached to the BusBlaster. I did some reading on what the VTG pin is, "Voltage Target Detect" is this something that needs to be jumpered? or does a wire need to be connected to it then onto another pin on my target device?
I'm not familiar with the VTG pin... I'm potentially guessing that its a bus blaster specific thingy?
And these 2 chips.. 
