Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
I was trying to update from an older version before com port support... I got the bootrom.elf to work and then fullimage failed with
Writing segments for file: ..\firmware_win\fpgaimage.elf
0x00102000..0x0010c4bb [oxa4bc / 83 blocks]...........
Error: Unexpected reply 0x00fe (expected ACK)
ERROR
Error writing block 80 of 83
I was able to flash the os.elf without an error.
This is using the new flasher. FYI I first tried r672 and it had the same message at the same block.
now when I do a
hw version
I get
bootrom: svn 756 2013-07-12 08:11:47
os: svn 756 2013-07-13 08:11:52
FPGA image built on 2012/ 1/ 6 at 15:27:56
because of the mismatched FPGA nothing seems to work.
I read of a similar problem someone else had due to some sort of bit lock but I don't have a jtag or have ever used one and not sure why I would have a bit lock set.... Am I stuck? I am guessing I could flash way back to before the new com port support but that would suck. I am trying to do t55xx stuff and want the latest version.
Thanks for any help.
Offline
The FPGA-image is pretty dormant during the flashing, afaik, and most problems occur if there is a discrepancy between the bootrom and the os, causing one to be pre-cdc and one post-cdc. I have no idea why an old FPGA-image should cause such problems, but I am not an expert in the FPGA-area...
Offline
Just try to fix your proxmark through JTAG, make generates the recovery files for your.
I've updated the wiki, this page shows how to simply to upgrade to the new bootloader with J-LINK.
The proxmark3_recovery.bin and fullimage.bin files both contain the FPGA image.
Offline
Sounds like I need to order a Segger J-link. Do you have a source? What I see on Digikey looks to be around $300. Wouldn't it be cheaper to just buy a new pm3 at that point? Maybe I am looking at the wrong thing. Is the J-link commander free software?
I have testing flashing the os and bootrom back to older versions and I can do that just fine. And then bring them back to r756. I just can seem to overwrite the fpga....
Thank you guys for your help.... Always seems these things go wrong when you are short on time... then you have to overnight parts etc and learn new stuff.....
Offline
I see very different price ranges... Some say educational etc.... Would this one for digikey for $63 work? part #899-1008-ND? http://www.digikey.com/product-detail/en/8.08.90%2520J-LINK%2520EDU/899-1008-ND/2263130?WT.mc_id=PLA_2263130
Offline
Try with Bus Pirate.
Offline
Yes, the EDU version (for educational and open-source projects) works fine! This will come with original license, software and support.
If you still find it to expensive, you might consider a chinese clone for $23 USD.
However, it is always good to support great initiatives. The original EDU version from Segger is a wonderful product.
Offline
Thank you all for your input. Ordered it today. Should have it by Monday...I will update you upon trying it out. Any idea how it ends up getting bit locked? I don't know enough about these programmable microprocessors yet. Is the FPGA stored in a different area of memory than the os and the bootrom? I seem to be able to update them at will. Just not the fpga.
Offline
Which one did you choose ?
Offline
Went with the Segger EDU for about $60 bucks.
Offline
Hi waltaugust
You can build Wiggler JTAG yourself(the parts cost me ~5 USD at local shop) and use software from http://proxmark.org/files/Flash/ to flash your pm3.
Offline
I did glance at that but I don't have any old computers left around with a parallel port on them.
Offline
ok. got my jtag programmer. I don't see a fullimage.s19 only fullimage.elf
Can I send over the elf? if not and I want to send the fpgaimage.s19 and the osimage.s19 what address do I put on the end of the command?
Offline
to be clear I have downloaded r756 and see *.bin I haven't set up my system to run the makefile to create my own.
Offline
Download r785 compiles for windows or later to find jtag .s19 or .bin files.
Last edited by asper (2013-10-07 22:04:20)
Offline
Thank you! That did the trick. So the jtag write was able to undo the bit locks apparently. I am up and running on r785! And that windows GUI is great!
Offline
@roel: converting proxmark3_recovery.bin to .s19 using bin2s19 requires a starting hex address... is 0 correct ?
Offline
The wiki describes how to recover a broken proxmark here:
https://code.google.com/p/proxmark3/wik … _Procedure
You will see that the actual addresses in the ATMEL chip should be aligned, the firmware is placed at:
bootrom.bin = 0x100000
fullimage.bin = 0x102000BTW, can't you just use objcopy?
arm-none-eabi-objcopy --set-start 0x100000 -I binary proxmark3_recovery.bin -O srec proxmark3_recovery.s19Offline
Thanks for the answer.
The parallel software only accept .s19 and unfortunately I am using Windows platform.
Offline