hollyyy.. how in the world only 5000+ people interested in this sort of thing to date...
the other billions are more interested in Twitter drama and the next new iPhone..
@@Elfnetdesigns good one... Heart breaking fvcking truth..
Gthvfrt!!!!!
How can u expect someone to wanna watch this crap? Imagine ur grandpa trying to understand this mumbo jumbo.. that’s what 90% of the popular is like when it comes to this. Ur a small niche
True only 57k + after 3 years, this is a depressing world
Great content, thanks from Palermo, Sicily
Thank you for explaining every step. It's so frustrating when a tutorial just pulls some information out of their arse without explaining it.
I wonder if this would work on new iphones to retrieve icloud email?
Nice one Joe! Good to see you hackin hardware! :) Have a great new year and...
KEEP ON HACKIN!
I just got a bus pirate 3.6a and, I'm wanting to connect to a device using JTAG. The available pins on it are:
TDO,TDI,TMS,TCK,GND,RESET
Do I just connect it the same named pin, as from the bus pirate to the device? (Like TDO - TDO, TDI - TDI...etc etc for all of them). Years ago, I used uart but, I'm not seeing those connections on the board I'm trying to mess around with. I just can't seem to find a guide / tutorial that explains how to set it up, for newbs.
Just in case you do not know, using USB JTAG NT can read the 4M flash under 20 seconds. Not 5 hours. That is too long. Check my videos on routers programming.
SO SIR, SHOW US YOUR CHANNEL!!! SO we can be fully informed about this stuff you're talking about!!!!
Is this process just dumping the spi firmware? So i have xgecu on hand i can just read it straight from the rom instead of waiting 5 hours through jtag, correct?
I'd like to see a tutorial using the Raspberry Pi GPIO pins and OpenOCD to, say, recover a bricked Netgear N900 (wndr4500v1/2)
I wish I could upvote this video a thousand times. This is awesome !
Could this be used to get a proprietary boot loader out of a chip? Like say, the Teensy 3.2?
Hi Joe, do you have a course? I have another type of device, the metros will work?
Can you use the JTAGulator's new features and not the Bus Blaster for this?
When the software doesn't have chip information, how will it identify the parameters?
I just get "invalid parameter: unknown cable driver 'jtagkey'" ... I have installed the necessary drivers please help and thanks
Good evening, how could I connect a LaunchPad EXP430G2ET to an M430F149 chip via JTAG?
I'd be curious as to the processing power of these things and if any type of software can be run on them. Maybe games.
Great teacher. I'm after a CFE MAC generator to bring a dead WRT back to life. I lost the original firmware (v2), and I'm looking for a CFE bootloader generator to match with the generic original firmware. Any clue? Many thanks.
I use a usbjtagnt
Why would users not use higher level GUI-based software (Free) to do the same thing with pull-down menus?
What would be a way to use JTAG to learn about the devices' internal serial communication? Could you point me in a direction?
I've done loads of JTAG in the early 2010s; sometimes it can be a pain...
Question, would this work if instead of using a sound blaster adapter, I were to use a small female 20pin to female USB 3.0 output adapter?
Or how to edit the CFE MAC address in firmware
Hi Joe, I just received my Bus Blaster v4.1 but I'm experiencing some issues... can you give me some tips about it? The error: warning: TDO seems to be stuck at 1
Is there a situation where you end up with something similar to a process dump and have to RE some unknown program in order to get the data you're looking for?
I mean grepping / parsing through the output of strings looks relatively easy, but what if there are defensive countermeasures? I can imagine ways to protect a private key, but this would always be defeated as the CPU is basically doing what we're asking it to do. I guess that's what Apple Secure Enclave is about
can you do this on an altera max7000?
You can access data from an Arm processor with password protection?
Wooooooaaaahhh!!! Thanks!!⚡🤖👌🏼
what if the data shown by string function is encrypted??
It will always have a lot of false positives, just ignore those.
Can u extract Anki robot Vector firmware? Pls, and thanks
That's awesome if you have 'ejtag' support, but what if your target is MIPS32 and your 'initbus ejtag' request gets you 'error: not found EJCONTROL or EJIMPCODE register'? I've tried this on a linksys-wrt54gl v6 router, same exact setup using busblaster with no luck... thanks for your great videos. I love my JTAGULATOR btw
UGH v6 is the cheapest of the cheap of the WRT54G series... hardly any memory to work with and very limited features. You can barely get DD-WRT on them and they still work sort of stable, and that DD-WRT is a stripped down version designed to fit on the small memory of the v6.. You are better off with a V2 or something in the 802.11N era. 54G was nice 20 years ago but is a dead horse these days..
Hi Joe. Any chance you would consider learning how to jtag newer WD HDD PCBs? WD has decided to lock out their PCBs in a way that prevents the normal vendor specific ATA commands from doing things like read/write the ROM code, etc. and it's becoming an issue for data recovery. I know some guys are already unlocking them via jtag, but they are selling their unlocked boards at a crazy markup. The knowledge of how to do this is definitely worth some $$ for me, but I'm no jtag expert. It's knowledge I'd be willing to pay for.
You are such a great teacher. I wish I could shadow you.
How do you install or set urJTAG for MAC ?
Joe any comment ?
Thanks for the demo of poor man Bus Blaster JTAG 8-) I mostly use/loan the BDI2000/3000 from where I worked and I feel pain when you waited 5h to extract 4MB.
When I say "poor man" it does not mean pejorative, more of MacGyver compliment.
God i love WRT54G routers. I was sad when i smoked mine :(
How do you identify where to connect cables from the interface to the target machine?
datasheets
He is so engaging and real! Great presentation!
Can someone please tell me best JTAG vendors in market?
Nice job. Is it possible to use that jtag for bootloop phone brick? TIA
you put the wrong firmware in or tried to load a "hacked" firmware and got it in a good ole loop huh? Phones are not worth it once the bootloop, as cheap as they are these days you can buy a brand new tracfone smartphone with service cheaper than you can buy the jtag reader for..
@@Elfnetdesigns Your answer seems to be a bit over generalised to me. Phones that are expensive can get bootloop too and it would be interesting to know if you can repair them with this technique.... @John Papadopoulos: In principle, yes you can repair them using this same technique. BUT..... firmware for cellphones requires a lot of knowledge if you start poking into them yourself..... They might have encryption that you need to defeat before you can write the code to the device, the more expensive ones (iPhones) do not have JTAG anymore. Or if they do, you need to know very well which part of the firmware is for what part of the phone (baseband, phone itself etc.). In my opinion: not an easy task.
Thanks. It helps a lot.
can we do it in windows
Good video!
how would UrJTAG damage your hardware?
deleting the firmware from the device without backup or when an error occurs
thank you!!!!
You just used this in the recent samsung video!!
To kingpin 👑
Five hours?
Thankfully I have a FlashcatUSB and USBJTAG NT that can read this much faster!
P.S. I already know the pinout but, can the JTAGulator be used with the WRT54G?
nice
Cool !
I think I love you
Cool Man
well, today I think 90% of JTag extracting is impossible, all vendors locking it.
5hrs to get 'admin' passwd. Nice work, bro :)
hi joegrand wanna some help
you need a mountain with your name on, youtube is not enough
Quite fascinating that you pour your money in an Apple laptop where nothing works like everywhere else Unix…😅
🖒🖒🖒
in short, Software control Hardware
yes yes just like the xbox360 jtag
U know how I know ur vegan?
JTAG