I am trying to learn how to reverse engineer firmware and figured it would be cool to pull the firmware off a chip. I purchased a BusPirate and have successfully pulled data off a couple chips but ran into an issue on one for an LCD screen.
The BusPirate connects to the chip and reads back the device identifier, but when I read the flash and the EEPROM they come back empty. The microcontroller I am reading the flash and EEPROM from is an ATmega48PA. The microcontroller I assume is the "brains" of how it communicated to the LCD but I find it strange that the memory is seemingly empty. The way the LCD works is through 3 wires, RX, 5v and GND. Looking at the pins on the microcontroller it is connected to PD0 which is part of USART. My question is if it is possible that the LCD is driven through USART and requires no firmware on the microcontroller at all? Or is it more likely something else is going on inside the microcontroller that is causing it to think it is empty when read from?
There are all sorts of LCD's which can be controlled by serial data.
For example, here is a small character display with a uC on it's back:
https://www.sparkfun.com/tutorials/289There are also bigger TFT modules with integrated uSD connector on which you can load an uSD card with pictures, and then these are contolled by a single uart. These usually are bundled with PC software to create pictures for the menu's and other things. Use the magic word "nextion" to find more info about this sort of displays.
... but when I read the flash and the EEPROM they come back empty. The microcontroller I am reading the flash and EEPROM from is an ATmega48PA.
... Or is it more likely something else is going on inside the microcontroller that is causing it to think it is empty when read from?
It is possible the lock bits have been programmed:
Protecting AVR flash from reading through ISP?
https://electronics.stackexchange.com/a/53293
Get a cheap $6 24MHz logic analizer from Ali, capture the data stream, figure out the protocol from the waveform, run a decoder on it...
And always post pictures, can't understand why people keep asking without pictures.
Otherwise, asking what it could be from the existing 39 trillions LCD types ?
Do you mean the flash and EEPROM that are inside the atmega? If so then the code protection bit is set, as is usually the case with commercial products. When the memory is protected it will read out as blank.
Thank you for the link that is really helpful.
That sounds like a good idea. Thanks for the tip.
Yes that is the flash and EEPROM I am talking about. The link posted earlier seems to go into more detail about it. Thanks for your input