Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2015-03-17 09:20:32

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

PM3 & JTAG using a Blackcat USB hardware flasher

Using this hardware can someone explain me the pinout to eventually re-flash proxmark3 via JTAG interface ? Is it possible ?

Flasher:
nncc7Ml.jpg
xIckzpg.jpg

Flasher Manual

Last edited by asper (2015-03-17 09:21:47)

Offline

#2 2015-03-17 13:22:44

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

I tested PM3 jtag pins 5-7-9-13 +GND and 5-7-11-13 + GND connecting them to the correspondig pins on the blackcat hardware:

PM3 JTAG Pinout:
185px-Ulink_arm20pin_proxmark.gif

PM3  -  BlackCat
5(TDI) - TDI
7(TMS) - TMS
9(TCLK) - TCK
13(TDO) - TDO
20(GND) - GND

5(TDI)- TDI
7(TMS)- TMS
11(RTCK)- TCK
13(TDO)- TDO
20(GND) - GND

but with both configurations pm3 was not found... any help ?

Last edited by asper (2015-03-17 13:45:54)

Offline

#3 2015-03-17 15:10:05

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

the pm3 (atmel) need power, so don´t forget to plug usb connetor ( to your pm3)

Last edited by thefkboss (2015-03-17 15:10:35)

Offline

#4 2015-03-17 15:28:13

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

I connected pm3 to USB but when I open the BlackCat flashing software it says no device connected (BlackCat is recognized but not the jtag connection).

Is the pinout connection correct ?

Last edited by asper (2015-03-17 15:29:18)

Offline

#5 2015-03-17 19:43:35

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

this one
PM3  -  BlackCat
5(TDI) - TDI
7(TMS) - TMS
9(TCLK) - TCK
13(TDO) - TDO
20(GND) - GND
maybe you need Test Reset...(is not necessary.....but...)
3(TRST)- TRST


in the software do you select the correct micro? and the correct clock for jtag??

AT91SAM7S256 or AT91SAM7S128 and 5khz??

Offline

#6 2015-03-17 19:49:58

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

I have read the manual....
Have you upload to your black cat this firm BCUSB.6.01.EJTAG.hex and not this BCUSB.1.05.SPI.hex??

Offline

#7 2015-03-17 20:01:22

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

No luck. Unfortunately I cannot specify anything in the blackcat software interface, here are some screenshots:

nVoe6aq.jpg
cV12uWf.jpg

I just noticed one thing: with my 1st and your jtag configuration, after some seconds (almost 15-20) pm3 auto-rests itself.

Maybe I need to make a script ? Here are some examples inside the software /script folder.

I read that blackcat is something similar to a teensy... maybe someone with teensy experience can help out.

Any other suggestion ?

Last edited by asper (2015-03-17 20:04:32)

Offline

#8 2015-03-17 20:24:03

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

Also should I use 3.3 or 5V ?

Offline

#9 2015-03-17 20:53:05

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

asper wrote:

Also should I use 3.3 or 5V ?

for???

you don´t need power on the jtag becuase when you plug the pm3 usb the atmel is powered foR that reason you need the pm3 usb connected.

I think is 3.3 the atmel vcc but....I have to look the datasheet
I´m going to look the script examples

Offline

#10 2015-03-17 21:03:10

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

on the scripts are only the memory position, nothing related with clock, frecuency......I don´t know if is going to work, because first you need to detect the atmel and then run the script to write the memory position.
but if you don´t detect the atmel there is nothing to write

Offline

#11 2015-03-17 21:13:46

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

Maybe BlackCat is not suitable for those kind of processors...

Offline

#12 2015-03-17 22:41:01

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

I think this is the problem

http://electronics.stackexchange.com/questions/94018/what-is-the-difference-between-jtag-and-ejtag

Offline

#13 2015-03-18 08:58:06

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

Thanks for pointing that out. Maybe you are right.

What hardware is the cheapest one to perform jtag operation and has a free good software for windows systems?

Offline

#14 2015-03-18 10:21:26

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

J-LINK segger (clones) the originals are to expensive.
clones (15-20 dollars)

but with clones be carefull:

you have to used old version of program from 2013 and disconect from internet because:
1 they used invalid serial numbers and you get blacklisted
2 some stupid, change in the frimware a line, and is possible detect that line, and you get blacklisted again
3 the new soft detec false ftdi http://hackaday.com/2014/10/22/watch-that-windows-update-ftdi-drivers-are-killing-fake-chips/  and reprogram frimware

advise: if you are going to use DON´T CONECT TO INTERNET AND USE ALL VERSIONS FROM 2013

IF YOU DON´T FOLLOW THIS ADVISE.
1 you must know IDA
2 have another programmer to re-program segger

Last edited by thefkboss (2015-03-18 10:21:59)

Offline

#15 2015-03-18 13:36:50

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

Windows update removed the bricking driver: http://www.ftdichipblog.com/?p=1053

Brick can be resolved, see the step by steb guide for win and linux; software is also available (you need ft_prog software and win drivers).

I paste here the procedure if the above article from reddit will become unavailbale:

Solution to reset the PID with windows 8.1

- Download FT_Prog http://www.ftdichip.com/Support/Utilities.htm
- Download the VCP Drivers http://www.ftdichip.com/Drivers/VCP.htm
- Extract and edit the ftdibus.inf file and change all PID values from 6001 to 0000
- Activate loading of unsigned drivers (corner of the screen -> change pc settings -> Updates -> Restore Windows -> Advanced Start -> Restart now -> Troubleshoot -> Choose advanced options -> Disable driver signature enforcement
restart
- load the modified driver in the hardware manager
- Start FT_Prog
- Scan
- Change the device descriptor to 6001
- flash

Here you can find already signed win drivers (not tested).

I just bought a clone from ebay, it will arrive in some weeks. Software should be this, if you want to take a look and inform others IF IT IS GOOD it will be a good thing: software

Last edited by asper (2015-03-18 14:17:35)

Offline

#16 2015-03-18 21:17:12

thefkboss
Contributor
Registered: 2008-10-26
Posts: 198

Re: PM3 & JTAG using a Blackcat USB hardware flasher

https://www.segger.com/j-link-older-versions.html

is not a really windows problem..
segger rewrite the frimware when you install a new version if they detect that yours is a clone they corrupt the flash and  the ftdi so unless you make reversing of the software and the firm.
1º DON´T CONNECT TO INTERNET WITH CLONE PLUG IT IN
2º DON´T USED NEW VERSION (UNLESS YOU PATCHED IT WITH IDA)

I  don´t remember but i think 4.20 was right

Offline

#17 2015-04-02 17:07:29

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: PM3 & JTAG using a Blackcat USB hardware flasher

Thank you for the further explanations !

Offline

Board footer

Powered by FluxBB