I have a arduino sketch that compiles fine and it runs my code as expected and I thought it would be neat to try and do the same thing with a bus pirate... further my lack of knowledge on SPI...
What I would like to understand is how to properly do the same thing with bus pirate syntax? I know I need to use [ to pull CS low and it looks like it sends data, then reads data, then sends data exct...
Could someone help out with the syntax when you go into the SPI mode? and then perhaps what string to type in on the command line?
I'm trying to learn the basics of how the BP works with I2c and how I2c works in general, the conciseness seems to be syntax like this I2C>[0xee 0xF4 0x2E] [0xef r:4] StartClock WriteChipID Register EndClock StartClock ReadChipID ReadRead EndClock
From what I have gathered what's pretty much static is PullCS Low | Identify chip "0xEE" | Select the register the data is in "0xF4" and any additional info "0x2E" | PullCS High | PullCS Low again| Select read register "0xE4" | then immediately read 4 bytes of data depending on what the spec sheet says it responds with |
From a "this is how all i2c devices work" is this the norm? or are there any tid bits of information that I'm lacking.
Last night I was poking around with my Bus Pirate and a i2c adafruit gyro thingy I had to buy and then It hit me...
I'm looking at sample code for things i2c and C++ and it seems to me ...that the amount of code that goes into writing i2c things from the arduino IDE seems like there might be a somewhat more interesting way to interface it.
Aside from owning a BusPirate "everyone should have one" I don't really know how people debug/attempt to program their arduino and interface an i2c device from scratch, granted there is a lot of sample code out there so I can't imagine anyone really starts with nothing these days when it comes to arduino sketches....
The idea I have is to be able to take the BusPirate i2c syntax and specify that right within the arduino sketch. Is this stupid? value = [0x7d 0xf4][0x7e r:3] <--- Wouldn't that be fantastic.
About a month ago the bus pirate syntax didn't make much sense, now after looking at some data sheets with i2c devices I understand what does what, and the syntax is so easy....
I picked up a BMP085 Baro/Temp i2c sensor off Dealextreme two weeks ago and connected it up to the BusPirate the other night and have been poking around with getting it working, the sensor is documented pretty well and there are guides online to interface it with the BP.
Before I get into the technical details, I'm pretty new to spi/i2c and other modes with the BP so if you spot something that's ovbious feel free to comment on it.
What I'm trying to do is read the uncompensated temp reading off the sensor and I have succussfully done this, except it's strange why this works.
The example I saw was to read register 0xAC which contained a single byte of data. I2C>[0xEE 0xAC [0xEF r] this is the same as I2C>[0xEE 0xAC] [0xEF r] This returns 0xFB ... thinking great I typed something in that worked.
0xEE is the device write address, 0xAC is the register that contains the data, 0xEF is the device read address, then r is read a single byte.
Moving on..
Looking at the sample code above "1st link" I scrolled down to the part where it shows sample uncompensated temp
I send the following statement from the BP Interface I2C>[0xee 0xF4 0x2E [0xef r:4] It returns READ: 0x0A ACK 0x00 ACK 0x61 ACK 0x0A READ: 0x0A ACK 0x00 ACK 0x61 ACK 0x0E <-- A few moments later after my finger is on the sensor to warm it up "its working"
so noticing that it looks like the first two bytes are junk.... or are they?????????
I change the syntax to
I2C>[0xee 0xf6 0x2e [0xef r:2] .. I'm incrementing the register two bytes to read "only the portion I need" and only reading two bytes. I am thinking doing this should give me READ:ACK 0x61 ACK 0x0E rather then READ: 0x0A ACK 0x00 ACK 0x61 ACK 0x0E
This is where it gets weird,
if I type in I2C>[0xee 0xf6 0x2e [0xef r:2] it returns READ: ACK 0x61 ACK 0x0E
Now if I put my finger on the sensor to heat it up or cool it down it *ALWAYS returns back the last sample it made....
WHY does it do this? Am I doing something horribly incorrect?
Thank you, --Aaron
Honestly these posts are getting so complicated it might be easy to just skype with someone for a couple moments...
Hi everyone I have this 16 character display from dealextreme... I love this place. I have this http://tronixstuff.wordpress.com/2012/0 ... y-modules/ and was trying to poke around with it on the bus pirate and would like to get it to do something.
I already have it working with the supplied source code off that page although...the source code isnt all that polished up.. More on that later if anyone has one of these
I want to connect this to my Buspirate v3b and the way its connected now clk goes to clk, gnd to gnd, +5 to +5 and the data in pin on the device connects to Moso and trying i2c mode and spi mode in various configs I cant get any digits to do anything.. I know it's something really minor but was wondering if someone who is a Buspirate expert to give me some pointers.
I have some eBay Receiver modules for a 8 channel transmitter made by FrSky two of them are D8R-II Plus two of them are D8RSP
Each receiver is an 8 Channel receiver although the D8RSP is the better of the two with the 8th channel being PPM output rather then a normal servo out channel, this is very helpful as you can run 1 wire to your arduino vs 8 to get all the channel data into the micro controller such as a quad copter or robotics for whatever reason.
Boredom got the best of me and I took both of these apart and they are identical in design.
My thinking is , can I dump the code off the better device and put it on the cheaper one so I don't have to buy the better boards?
I'm not very familier with the cortex cpu's although I have used a bus pirate to dump and reprogram code on an atmega chip... is it the same kind of wiring with these? I don't know where to start..
I have a DSO quad I have thats barely used that I want to get rid of. I have some of the MCX - BNC adapters for normal Oscope probes and two included probes.
I'm not sure what its worth although they are 200 new. -- Edit* 166 on ebay!
Feel free to send me a private message and I'll respond.
--- if this topic isn't something that should be here please feel free to send me a private message and remove my post. Thanks, --Aaron
1) what firmware should I be at? 2) Boot loader? should I update this? 3) Only once it showed up as CDC-232 or whatever the device manager name is.... not sure what thats about..
However I run it on my machine win7 x64 and for some reason the software says it cant find comport. I plug the device in and it shows up as com20 in dev manager.
The only thing I have done recently is update its firmware. I have tested it afterwords on my work PC.
I just have no idea what to try... funny is the driver for this thing is from 2007 is that right? I'm out of ideas... but I know whatever it is it has to be something stupid... because it always is!
I really know nothing about programming Atmel's however I find it best to dive in head first... the water is murky and hopefully its not 3 inches deep.
SO I'm going to go out on a limb here I want to know what the feasibility is of JTAG'ing a device after finding the correct pins and attempting to pull a firmware off it.
When really a lack of any documentation exists.. Lets say... no documentation exists although since the device is apart I can identify the chip.. so Having the bus blaster and also the bus pirate and a logic sniffer.
I'm trying to use the bus blaster to pull firmware off a known device such as the wrt54g once I find instructions for this , I'm hoping I can apply this to something of unknown origin. Personally I don't care about the wrt54g I'm just pointing this out as an example.
Where do I start?
I thought I'd make this a new thread since the other thread I started kinda went all over the place.
Hey everyone, I managed to pick up a Logic Sniffer and got it in the mail last night.
The logic sniffer has Jtag pins on them is this for programming the logic sniffer? or is this for other things? I also noticed that it has a lot of through hole items that can be soldered onto the board what are all these pins for? I couldn't find any info on this.. However I could be blind.
So I'm going to toss out an idea I think it would be really cool to see someone build a Giant POV display on like a wind turbine, have it display something like the time or pacman? i dont know something to make those wind turbines really cool at night.
Hey ya everyone. I picked up a BusbBlaster along with a JtagNT and a BusPirate..
Is there any how-to's on pulling/writing firmware with any of the windows and or linux jtag software on known devices like lets say the DDWRT54G?
In my quest to learn about devices I want to know how difficult it would be to identify jtag points on a device then pull firmware off it and then write it back? I'm kinda going into this semi blind but I have always wanted to poke around with some radios I have and compare firmware modify it and put it back on the device, perhaps attempting to decompile it and make better sense of it would be good too??
I have instructions to jtag the linksys device with a JtagNT and their software but wouldnt mind trying this BusBlaster device using other software to know what errors to expect when I poke around with some unknown stuff.
Hey everyone I'm new to this forum thought I'd post here.
I have always been interested in taking things apart and poking around with them and after I saw the bus pirate a while ago I decided to buy one and poke around with it also I'm kinda diving head first into the unknown with it and hopefully learn how to work the software and how to technically "Learn enough to learn on your own" type of thing if that makes sense.
I'm interested in attempting to jtag some radios and compare firmwares with each of them, and general mischief with jtagable devices.. long story short "attempt to pull firmware off of 2 identical devices and compare"... and go to town with a hex editor... Anyway "I'm not sure if this kind of discussion is open here, but if anyone want's to know they can feel free to PM me and we can take it off the forum"
Since I am diving into the unknown and my attempt to reverse engineer or throw random code edits on dumped flashes and re upload them to the device is there really any method of ..."Forgive me in my ability to come up with the right wording of this" Is there any method to take dumped flash contents of a specific chip, the chip in question is an Atmega32L I believe, and convert this into assembly or some other human readable format?
I'm really curious what the bus blasters abilities are in comparison to the bus pirate since it also has the ability to do jtag.
I have also ordered a JtagNT for use with its own software so I'm really curious now if all 3 of these devices all in the long run do the same thing "Or if its just individual software limitations for each one, also crossing my fingers for the DSO Quad to come out soon.
I understand I have just dropped a whole bunch of open ended questions which will lead to other open ended questions but everyone has to start hacking somewhere right??
