pcmhacking.net

Intel AB28F400B

BaaaaBlammo

Great job Gampy


[02:47:33:058] PCM Hammer - E54 TEST Build v5 (7/14/2020, 2:15 PM)
[02:47:33:158] AVT 852 Reset OK
[02:47:33:158] AVT Firmware 1.1
[02:48:37:123] Will save to C:\Users\Carl_Dell_D630_Win7\Desktop\2002_LB7_Duramax\2002_LB7_Duramax_TestV5.bin
[02:48:47:272] Querying operating system of current PCM.
[02:48:47:402] OSID: 15189044
[02:48:48:632] Using a User Defined Key of: 0xF81F
[02:48:48:662] Unlock succeeded.
[02:48:48:722] Attempting switch to VPW 4x
[02:48:48:752] Module 0x10 (engine controller) has agreed to enter high-speed mode.
[02:48:51:894] Requesting permission to upload kernel.
[02:48:51:924] Upload permission granted.
[02:48:52:124] Kernel upload 11% complete.
[02:48:53:054] Kernel upload 100% complete.
[02:48:53:184] Kernel Version: 010301AA
[02:48:53:184] kernel uploaded to PCM succesfully. Requesting data...
[02:48:53:194] Flash chip: Intel 28F400B, 512kb
[02:51:01:428] Read complete.
[02:51:01:438] All read-request messages succeeded on the first try. You have an excellent connection to the PCM.
[02:51:01:448] We're not sure how much retrying is normal for a read operation on a 512kb PCM.
[02:51:01:458] Please help by sharing your results in the PCM Hammer thread at pcmhacking.net.
[02:51:01:518] Clearing trouble codes.
[02:51:03:668] Clearing trouble codes.
[02:51:04:768] Elapsed time 00:02:16.1064699
[02:51:04:768] Saving contents to C:\Users\Carl_Dell_D630_Win7\Desktop\2002_LB7_Duramax\2002_LB7_Duramax_TestV5.bin

Did a compare in Hex Workshop

Thats a win! So what do we need? Kernel needs to be smaller, load a bit higher, and the app needs to handle a priority 6C kernel upload response. We have work to do, but we have the answers. Good work Gampy and In-Tech!

Pretty much the same boat as the P04 ... We need a swarm of worker kernels with a Mode36 Queen.

, Yup, I believe that's pretty much it ...
Kernel side.
1. Smaller kernel.
2. Kernel load address.

App side.
1. Accept Priority 0x6C Upload response.
2. Key Algorithm.
3. PcmInfo KernelBaseAddress

And whatever it may take for write.

Gampy wrote:Does anyone have a valid seed/key pair for these units??
Just need one valid GM pair.

here are some combos

seed 8020 key 885A
seed 8376 key 2825
seed 5343 key 5B24
seed B9F7 key 14BD
seed 1D0F key 9E8B

And a nice accompanying algorithm which works with those seed/keys..

For my curiosity, can you explain how the hell you came up with this algorithm for the seed/key pair? I'm legitimately lost as to how it's possible to look at 5 pairs and come up with.... that....

Tazzi wrote:And a nice accompanying algorithm which works with those seed/keys..

Code: Select all

private LB7KeyCalculation(uint16 Seed)
{
    uint16 key = 0x805C;
    int cnt1 = 0;
    int cnt2 = 0;
    int cnt3 = 0;
    for (uint16 i = 0; i <= Seed; i++)
    {
        if (i == 0x1)key -= 0x4;
        if (i == 0xA)key += 0x3;
        if (i == 0x1A)key -= 0x1;
        if (i == 0x5C9)key += 3;
        if (i == 0x5CA)key -= 3;
        if (i == 0x5D9)cnt3 += 1;
        if (i == 0x609)cnt2 += 1;
        if (i > 0x1) cnt1 += 0x1;
        if (i > 0xA) cnt2 += 0x1;
        if (i > 0x1A) cnt3 += 1;
        if (i > 1) key -= 0x1000;
        if (cnt1 == 0x40)
        {
            key -= 4;
            cnt1 = 0;
        }
        if (cnt2 == 0x40)
        {
            key += 3;
            cnt2 = 0;
            cnt3 = 0;
        }
        if (cnt3 == 0x10)
        {
            key -= 1;
            cnt3 = 0;
        }
    }
}

WooHooo, the fog is gone! Or at least whats possible to dissipate ...

In no specific order ...

kur4o, Thank you!

roughneck427, Thank you!

Tazzi, Thank you!

Antus, Thank you!

In-Tech, Thank you!

If I missed you, Sorry ... Thank you!

I just did the work, it was y'all's brains that got'er done!

-Enjoy