Forum: Microcontrollers and Digital Electronics - Bootloader for JTAGICE mkII clone


by Andreas B. (Company: Private) (bitleiste)


Hello everyone,

does anyone happen to have information or a source about the bootloader 
of the JTAGICE mkII?

This is the JTAGICE mkII in question:
http://www.flickr.com/photos/recotana/2547222052/

With JtagIIUpgrade.exe (installed along with AVR Studio) you can perform a 
JTAGmkII upgrade; in the process the file jtagicemkii.dat is transferred 
to the µC.

I have researched this on the Internet and am not entirely sure:

- The file is presumably an encrypted HEX file (AVR231: AES 
Bootloader Application)

- The firmware file contains MonCoM_S_OCDS.a90 and MonCoM_M_OCDS.a90

- The protocol is the AVR067: JTAGICE mkII Communication Protocol

Best regards, Andreas B.

by Dmitry Y. (dev_zzo)



Hi Andreas,

First, sorry for my English -- I don't speak German, unfortunately.

I have found this topic about the bootloader for JTAGICE mkII and want 
to say I'm pretty much interested in the same, but for the original 
device. Here's what I have found.

- As you probably know, there are a few clones going around; the one you 
have at hand is the JTAGICE mkII Lite, which uses a single MCU compared to 
the original Atmel design, which uses two.

- Not sure that the bootloader for clones is the same, neither should be 
the algorithm they employ -- all that is needed is for the data to be 
transferred to the MCU.

- The two data files inside jtagicemkii.dat are scrambled so you won't 
be able to view the contents directly by using some kind of viewer for 
MS Structured Storage format files (this is the format of that .dat 
file). The scrambling algorithm is in the .dlls that can be found in AVR 
Studio installation and is not very complex, considering that cloners 
have successfully reverse-engineered it to scramble their own firmware. 
The files can be extracted by the SSView utility -- you can google it.

- The original Atmel bootloader does not conform to that AVR231 appnote, 
and it also departs from the protocol specification for JTAGICE mkII in 
working mode. The firmware data is scrambled too, and the algorithm is 
still not very clear to me.

I'd suggest that you reverse-engineer the scrambling algorithm and 
obtain the unscrambled firmware files. From then on, you can try to 
guess what kind of algorithm (if any) is used for firmware encryption. 
As for me, I have written a JTAGICE mkII emulator to simulate the 
firmware upgrade process and save the data -- you can go this way too, 
but it will require you to reverse-engineer the bootloader protocol (it 
is very similar to the one used by older devices).

Kind regards,
Dmitry
