GM E38 E67 E40 Kernel/Bootloader Development Extravaganza
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
crystal_imprezav wrote:Not an assumption, NRC code 0x11 is pretty clear.
Definitely an assumption. So you're telling me you've gone through every possible address with mode 23?

By definition, this allows reading any defined memory region. Clearly some may be locked, others not, but this includes flash AND RAM areas; you'd be amazed what stays in RAM when it shouldn't, as developers are not thinking about that. Clearly some addresses are locked; this includes the shadow flash.
I don't have the T87A, E41, E99 to just go rip it all out. But I certainly work with people that are doing so.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726

Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
can confirm, $23 does work on at least some of the e41 ram addresses I've tried.
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
gmtech825 wrote:can confirm, $23 does work on at least some of the e41 ram addresses I've tried.

I have an E90 on the way to me currently. Time to join in the fun.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726

- crystal_imprezav
- Posts: 9
- Joined: Thu May 26, 2016 4:45 am
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
$23 only works in one range, so far nothing exciting. I've dumped about all that is open.
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
crystal_imprezav wrote:$23 only works in one range, so far nothing exciting. I've dumped about all that is open.
To get a better rate, try unlocking the PCM first and increase the mec counter.
With an unlocked PCM, mode 23 can have more ranges available.
You can also test if the PCM agrees to take mode 34 and mode 36.
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
Tazzi wrote:gmtech825 wrote:can confirm, $23 does work on at least some of the e41 ram addresses I've tried.
I have an E90 on the way to me currently. Time to join in the fun.
I think I have an E90 kicking around here somewhere
- crystal_imprezav
- Posts: 9
- Joined: Thu May 26, 2016 4:45 am
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
I am always working with the ECU unlocked, it is also patched. $34/$36 work fine. $35 NRC 0x11. Everything in the flash itself that I have tested I get an NRC 0x31. Only things readable are parts of the RAM.
Unless it has something to do with the patch, which is highly unlikely (this is not an HP patch), I don't see an original giving more access. That being said, I will run the same tests on an E99(s), but I am thinking that may be locked down more, but who knows. On a t87a, it's not an issue, you can read/write whatever you want.
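The distinction the posts above turn on, as an added example that is not part of any post in the thread: NRC 0x11 (serviceNotSupported) answers for the whole service regardless of address, while NRC 0x31 (requestOutOfRange) is a per-request refusal from a service that exists, so an audit of what an ECU's diagnostics expose has to keep the two apart. The request layout, the sample addresses and the names `classify` and `audit` are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample capture: (request, response) payloads in hex, transport
# framing removed. Assumed layout: SID then a 4-byte address. Addresses are made up.
SAMPLE = [
    ("23 00 00 40 00 00 10", "7F 23 31"),                     # read refused
    ("23 00 00 80 00 00 10", "7F 23 31"),                     # read refused
    ("23 40 00 10 00 00 04", "63 40 00 10 00 DE AD BE EF"),   # read answered
    ("35 00 00 00 00 00 10", "7F 35 11"),                     # service absent
    ("34 00 00 10 00", "74"),                                 # $34 answered positively
]

def classify(request: bytes, response: bytes):
    """Return ('positive', None), ('negative', nrc) or ('unexpected', None)."""
    sid = request[0]
    if len(response) >= 3 and response[0] == 0x7F and response[1] == sid:
        return "negative", response[2]
    if response and response[0] == sid + 0x40:   # positive reply is SID + 0x40
        return "positive", None
    return "unexpected", None

def audit(pairs):
    """Per service ID: (verdict, answered addresses, addresses refused with 0x31)."""
    seen = defaultdict(lambda: {"ok": [], "nrc": defaultdict(list)})
    for req_hex, resp_hex in pairs:
        req, resp = bytes.fromhex(req_hex), bytes.fromhex(resp_hex)
        kind, nrc = classify(req, resp)
        addr = int.from_bytes(req[1:5], "big")    # assumed address field
        if kind == "positive":
            seen[req[0]]["ok"].append(addr)
        elif kind == "negative" and nrc != 0x78:  # 0x78 (pending) is not final
            seen[req[0]]["nrc"][nrc].append(addr)
    report = {}
    for sid, r in seen.items():
        if r["ok"]:
            verdict = "range-restricted" if 0x31 in r["nrc"] else "open"
        elif set(r["nrc"]) == {0x11}:             # serviceNotSupported only
            verdict = "service absent"
        else:
            verdict = "refused"
        report[sid] = (verdict, sorted(r["ok"]), sorted(r["nrc"].get(0x31, [])))
    return report

if __name__ == "__main__":
    for sid, (verdict, ok, refused) in audit(SAMPLE).items():
        print(f"${sid:02X}: {verdict}, answered={len(ok)}, refused={len(refused)}")
```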
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
crystal_imprezav wrote:I am always working with the ECU unlocked, it is also patched. $34/$36 work fine. $35 NRC 0x11. Everything in the flash itself that I have tested I get an NRC 0x31. Only things readable are parts of the RAM.
Unless it has something to do with the patch, which is highly unlikely (this is not an HP patch), I don't see an original giving more access. That being said, I will run the same tests on an E99(s), but I am thinking that may be locked down more, but who knows. On a t87a, it's not an issue, you can read/write whatever you want.
If it was used as an exploit to get in, then (personally) I would have patched it up. But this all depends how far someone goes to do this stuff.
*Edit
I believe the E88, E90 and E99 all use the same bootloader from what I have just looked at. At least the labelling for the loader has this labeling so I'd assume this would be the case. Whether or not every single one can have the loader ripped is an uncertainty right now, but it's a good 200+kb so it's A LOT of decompiling ahead.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726

Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
Taz, did you do a remote removal of this software?
I just got back from work and was going to read an ECU & the program is gone from my desktop PC.
Hmm. Looks like ESET is picking it up something. As soon as I disable it I can run the installer and it puts the exe file back and doesn't disappear.
Odd.
Oh well, exclusion folder you go.
Re: GM E38 E67 E40 Kernel/Bootloader Development Extravaganz
Tre-Cool wrote:Taz, did you do a remote removal of this software?
I just got back from work and was going to read an ECU & the program is gone from my desktop PC.
Hmm. Looks like ESET is picking it up something. As soon as I disable it I can run the installer and it puts the exe file back and doesn't disappear.
Odd.
Oh well, exclusion folder you go.
Some antiviruses will flag it. It is safe to use, it's just the Oreans protector which causes the false positive.
After now successfully getting a certificate with OBDX Pro, I will begin the process for Envyous so all future software should (hopefully) minimize those false positives.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
