|
Jtag help, again....
|
|
Member
|
7. September 2010 @ 23:29 |
Link to this message
|
Ok, so I've wired up my box with this guide... http://www.boxxdr.com/boxxdrjtag.html
However, instead of using that alternate point I used the top red circle in this picture...
http://www.dports.me/Xmods/alt.jpg
I believe its a verified alternate point for db1f1. And I soldered my second wire to the aud clamp. I then followed this guide
https://docs.google.com/View?id=dnfmv5h_30dw33vpf4
All the way through, didnt work got an e79... Then I went back actually changed the smc using smc_io and renencypting it with sbtool back into free60.bin, however that did not work either. e79.
Any idea whats wrong?
All input is appreciated.
PS I know its exploitable... Zeyphr 4558.
Comp
-6-core 3.2 AMD, 12gb DDR3, Geforce femi 560ti, Running Win7 x64
Laptop
-Dual boot Win7 + Ubuntu 11.10 Gnome Classic
|
|
Advertisement
|
|
|
|
|
moten
Member
|
8. September 2010 @ 05:37 |
Link to this message
|
|
I know you probably already have, but just recheck all soldering and make sure there are no shorts.
|
Member
|
8. September 2010 @ 11:41 |
Link to this message
|
|
I am redoing the entire jtag soldering, ill get back to you when I finish
Comp
-6-core 3.2 AMD, 12gb DDR3, Geforce femi 560ti, Running Win7 x64
Laptop
-Dual boot Win7 + Ubuntu 11.10 Gnome Classic
|
Member
|
8. September 2010 @ 13:06 |
Link to this message
|
Well, I successfully ripped all the db1f1 alternatives off the board... Going to rewire to the dvd eject, change the smc, and reflash. Ill try to get to that by tomorrow night.
Comp
-6-core 3.2 AMD, 12gb DDR3, Geforce femi 560ti, Running Win7 x64
Laptop
-Dual boot Win7 + Ubuntu 11.10 Gnome Classic
|
Member
|
8. September 2010 @ 13:15 |
Link to this message
|
Sorry one more question. When it says splice into that wire
http://dayton360mods.com/wp-content/uploads/2010/07/trayopen.jpg
What exactly does that mean? Do I have to have a wire coming off that one going to my transistor? Or can I just solder to the point where that wire goes into the board, because that would be a lot less hassle.
Comp
-6-core 3.2 AMD, 12gb DDR3, Geforce femi 560ti, Running Win7 x64
Laptop
-Dual boot Win7 + Ubuntu 11.10 Gnome Classic
|
AfterDawn Addict
2 product reviews
|
8. September 2010 @ 14:34 |
Link to this message
|
|
So you have ruined the original DB1F1 and FT1U2?
You are really going to want to stick to a setup like the BoXXDR page that you linked since you have a Zephyr.
This message has been edited since posting. Last time this message was edited on 8. September 2010 @ 14:40
|
Member
|
8. September 2010 @ 21:34 |
Link to this message
|
Ok, I am following the guide https://docs.google.com/View?id=dnfmv5h_30dw33vpf4
I changed the smc points from db1f1 to aud_clamp, and the one from the RF board to the DVD open. Following the guide, got the free60.bin file, however when you patch the smc to different points, it says that you need to encrypt before flashing back to the nand, however in this guide they don't use SBtool to encrypt the smc and then put into the free60.bin file. I will keep following the guide however. Going to try to flash it again tomorrow
However I was wondering if that was an error in the document, or if I am just wrong in my assumption about the encryption?
Comp
-6-core 3.2 AMD, 12gb DDR3, Geforce femi 560ti, Running Win7 x64
Laptop
-Dual boot Win7 + Ubuntu 11.10 Gnome Classic
|
AfterDawn Addict
2 product reviews
|
8. September 2010 @ 22:12 |
Link to this message
|
Originally posted by Nelmeco:
Ok, I am following the guide https://docs.google.com/View?id=dnfmv5h_30dw33vpf4
I changed the smc points from db1f1 to aud_clamp, and the one from the RF board to the DVD open. Following the guide, got the free60.bin file, however when you patch the smc to different points, it says that you need to encrypt before flashing back to the nand, however in this guide they don't use SBtool to encrypt the smc and then put into the free60.bin file. I will keep following the guide however. Going to try to flash it again tomorrow
However I was wondering if that was an error in the document, or if I am just wrong in my assumption about the encryption?
I believe you have got the points wrong. You don't want to replace the DB1F1 with the AUD_CLAMP.... you replace the point from the ring of light with the AUD_CLAMP. You still need to use the DB1F1 or alternate points.
Easy way to encrypt the patched SMC is through freeBOOT Toolbox or ibuild. You just drop in your SMC and Toolbox/ibuild will re-encrypt.
|
Member
|
9. September 2010 @ 09:39 |
Link to this message
|
Thanks for clarifing the smc thing. I also found this tutorial
http://team-xecuter.com/forums/showthread.php?t=55189
it uses the aud_clam an Tray_open points, changing the smc to use these points.
Im not trying to fight, I just want to know if this method is also valid because this would be a lot easier, and from what i've read, alot stabler.
Comp
-6-core 3.2 AMD, 12gb DDR3, Geforce femi 560ti, Running Win7 x64
Laptop
-Dual boot Win7 + Ubuntu 11.10 Gnome Classic
|
AfterDawn Addict
2 product reviews
|
9. September 2010 @ 09:57 |
Link to this message
|
|
Going off of the TRAY_OPEN can cause unwanted ejects at startup or shutdown. Honestly, I've never used that point and don't plan on it.
I actually just used the Blackaddr method you originally linked (BoXXDR setup) on a Zephyr and have no issues.
I used the DB1F1 point and the AUD_CLAMP point.
If you can't use the DB1F1 point, use the FT1U2. The trick to soldering those points I've found is to set my iron at 15w and then use flux to tin the pad (if it doesn't have any solder). You should also be using 30 AWG Kynar wire for these points since they are so small.
|
Member
|
9. September 2010 @ 13:34 |
Link to this message
|
That's the problem, I have literally destroyed every single db1f1 alternate point there is. I was a noob at soldering when I tried a year ago and killed most of them. I tried one last time and it stuck but it ripped the point off after about 10 seconds. I'm ok with the dvd tray opening and closing randomly, its the only option I have left. I don't even care if this works, I just want to know why mine isn't working. I cant stand not knowing why.
Yeah and the wire is why i was screwing up, I used bigger wire when i was doing the db1f1 alt points, that's why they ripped off. I was an idiot.
Im going to follow the guide https://docs.google.com/View?id=dnfmv5h_30dw33vpf4
And if that does work ill do http://team-xecuter.com/forums/showthread.php?t=55189
Ill post results afterwards. Which will be tonight. Flashing lpt takes forever...
Also on the google doc guide when it says flash free60.bin
14. Flash free60.bin to your XBOX.
This command is compatible with all NAND sizes.
nandpro lpt: -w16 free60.bin 0
Is it supposed to be nandpro lpt: -w16 free60.bin 0 50? Or will it just flash it from block 0 to block 50 automatically when using the command from the doucment.
Sorry for the abundance of questions, I'm just trying to cut out as many possible mistakes as I can.
Comp
-6-core 3.2 AMD, 12gb DDR3, Geforce femi 560ti, Running Win7 x64
Laptop
-Dual boot Win7 + Ubuntu 11.10 Gnome Classic
This message has been edited since posting. Last time this message was edited on 9. September 2010 @ 13:53
|
|
Advertisement
|
|
|
AfterDawn Addict
2 product reviews
|
9. September 2010 @ 13:58 |
Link to this message
|
Here is more DB1F1 alternatives that might be able to help you:
|
