EEVblog Electronics Community Forum
Electronics => Microcontrollers => Topic started by: planc on January 25, 2023, 03:33:34 pm
-
(https://imagizer.imageshack.com/img924/9822/5UW9f2.jpg)
Is anyone familiar with the PIC18F1320 MCU? This is the MCU inside a $15,000 Raman Spectrometer. Is the PCB Evaluation board some kind of Evaluation board that you can buy elsewhere?
Also I can't seem to find anything about JTAG security blown feature in that MCU. Doesn't it have any copy protection?
I want to copy it and sell stuff like that. Are there laws that says reverse engineering is a crime? or reading firmware is a crime?
-
I want to copy it and sell stuff like that. Are there laws that says reverse engineering is a crime? or reading firmware is a crime?
LMGTFY (https://www.google.co.uk/search?q=reverse+engineering+is+a+crime)
-
The MCU has code protection enabled in the configuration bits.
There are definitely laws against copying stuff. The firmware binary is intellectual property and is protected. But how are you going to copy it if you can't find the eval board or the obvious information in the datasheet?
At 4K instructions and 256 bytes of SRAM, it is not going to do anything hard or important. It is likely jsut simple control functions. You can just figure out what it does functionally and re-implement it yourself avoiding IP issues at least in this part. Other design elements may be protected too.
-
If MCU can have code protection enabled in the configuration bits. Why do some MCUs like the MSP430 have JTAG fuses that can be blown?
Why not just use code protection enabled in the configuration bits? In the market, how may percentage of MCUs have JTAG fuses that can be blown?
A few weeks ago I downloaded a 27K firmware from an MSP430 device with the JTAG fuse intact. It was used for backup because an old device I owned (based on the HC11) bought in the 1900s got the firmware bricked after the latest PC software just overwritten the original opcodes at certain memory. It took me so much time just tracing what it has altered by means of Serial Port Monitor. So in some cases, reading firmware for backup is important.
I noticed also that in MCU with EEPROM, the variables data were written directly to the EEPROM because you can change a byte at a time, like changing opcode 86 to 7E. That's why EEPROM based MCUs can be bricked by incompatible PC software. But with new flash based MCUs where the entire segment has to be erased. All of them uses external EEPROM to put variables or other data, right? Or you have you used the flash to just alter a few data like one byte (for example, one byte written in a certain MCU flash memory if 1 channel chosen, another different byte if 2 channel chosen).
-
Configuration bits, fuses, lock bits - it is the same thing, different vendors use different names. The idea is the same - prevent further access to the device. Sometimes the change is permanent, sometimes the device can be unlocked after the firmware is erased. Some recent devices use unlock key, which you set while locking it. It makes it hard to unlock for cloning, but possible to unlock for failure analysis and debugging.
I don't understand the EEPROM part. MCUs use complicated flash controllers that are vendor-specific. What you can and can't change depends on the specific flash controller. Completely incompatible PC software would not even be able to start interaction with the flash controller in the MCU.
-
I mean. Old devices like the 68HC11 or even the PIC18F132 uses internal EEPROM inside the chip as memory (with no other addtional external memory). I found out the PC program can alter some of the chip internal memory while running it for example to store channel 1 or channel 2 in EEPROM location B645. In purely flash based MCU like the MSP430. Can you store and do you store single byte memory inside the flash (within the chip)? Or do you use entirely use external EEPROM even for a few single byte variables or data?
-
PIC18F132 uses flash for program storage. It has small EEPROM for data storage, but it can't run the code from it. PC program connected though what interface? If it is just a serial port and the firmware executes commands, then the extent of what you can do depends on the commands. An actual programmer can do whatever it wants, but it would be highly vendor-specific.
If you are talking about data storage, then whether you can use internal flash like EEPROM depends on the flash controller. Often you can program erased locations (0xff) to any value where bits are cleared, but not set . But in order to write logical "1" into bits, you have to erase a bigger sector. You can read the data into SRAM, modify it, and write the whole buffer back.
On modern MCUs flash is very often used for data storage like this. After MCUs gained ability to erase the flash outside of the external programmer (integrated charge pumps to generate high programming voltages), integrated EEPROMs disappeared because they are a huge pain to manufacture in the same process as flash.
-
Have you not actually used the ancient 68HC11 before?
(https://imagizer.imageshack.com/img923/9150/2ilsUY.jpg)
Main program is written into internal 512 Bytes EEPROM. The PC software communicates to the HC11 via RS-232 serial port. It runs the firmware by using call function (for example Call B620). This outputs the ADC data right at the serial port.
HC11 was all I was familiar with because I was trying it out for 3 months late last year after the latest PC software meant for newer hardware altered the memory location B632 and changing opcodes bricking the firmware. And I recovered it after figuring out the missing opcodes.
The HC11 has internal resident BUFFALO Program. I can just access the EEPROM memory by typing simple commands. I don't know what would happen if there was no BUFFALO. One has to include subroutines in the firmware to access the EEPROM controller and read it?
(https://imagizer.imageshack.com/img924/7199/LCmcbR.jpg)
This part of your sentence is puzzling "If you are talking about data storage, then whether you can use internal flash like EEPROM depends on the flash controller." What would be the use of built-in EEPROM in any MCU if it can't be used for data storage?? therefore all MCU with EEPROM should have flash controller that can use it as data storage. Isn't it.
Lastly, Have you worked with modern MCU that has no internal EEPROM for data storage and you don't use any external EEPROM either. But by reading the original written flash data into SRAM, modify it and write the whole buffer back as you described? I'm asking because if I'd use the MSP430 without any internal EEPROM and no external EEPROM. Where will you store the data? Thanks.
-
Have you not actually used the ancient 68HC11 before?
No, I did not and I never made any claims about it. I don't really care about stuff from 40 year ago.
What would be the use of built-in EEPROM in any MCU if it can't be used for data storage??
None of the modern MCUs have true EEPROM. EEPROM is hard to manufacture on the same die as flash.
therefore all MCU with EEPROM should have flash controller that can use it as data storage. Isn't it.
EEPROM and flash are two completely unrelated technologies.
Of whatever device you are talking about has EEPROM, it can be used for storage. But if you have a device that has only flash, this flash may or may not be used for dynamic data storage. This depends on the design of the flash controller.
Lastly, Have you worked with modern MCU that has no internal EEPROM for data storage and you don't use any external EEPROM either.
Yes, all the time. Here is appnote written by me on the subject https://ww1.microchip.com/downloads/en/DeviceDoc/EEPROM_Emulation_for_Flash-Only_Devices_DS90003222A.pdf and here is a practical implementation in a real project https://github.com/ataradov/open-5012h/blob/master/config.c
But this appnote is for robust implementation tolerant to power failures while writes are happening. In the simplest case you can just erase the block and write the data. The details depends on the MCU being used.
-
(https://imagizer.imageshack.com/img923/713/syDgsf.jpg)
I owned 2 EEG devices. One made in 1999 based on the HC11. The second one was made in 2010 based on the MSP430. The first one was bricked by running the 2nd EEG PC software. But I managed to restore the firmware and in learning it able to JTAG download the firmware of the MSP430 based for backup. However, I couldn't back up the EEPROM connected to the MSP430 shown in the above (see violet arrow). How you back up the EEPROM too?
(https://imagizer.imageshack.com/img923/2326/d6ypgr.jpg)
They didn't implement your EEPROM less approach. But in the external EEPROM used in the MSP430 (see 93LC46CI spec). Is this EEPROM also commonly used in other MCUs? Or what other EEPROMs they use?
I connected to the MSP430 JTAG pins by tapping the 4 pins at the pcb (lower left of photo) above.
After downloading the PIC18F1320 datasheet above at https://ww1.microchip.com/downloads/aemDocuments/documents/MCU08/ProductDocuments/DataSheets/30009605G.pdf
(https://imagizer.imageshack.com/img923/3985/1daAJf.jpg)
Note the chip package is not the same as in the Raman chip photo in first message. But I just want to have idea what pins are equivalent to the 4 JTAG pins where one can download the firmware? The Raman spectrometer is connected to PC USB. Does Microchip have standard USB BSL access to the chip? In PIC, is there mass erase if wrong password entered in the BSL? Thanks!
-
Please don't hijack threads. And there is no need to attach so many screenshots. I'm not an expert on any of those devices. I have no idea how to dump them.
-
Please don't hijack threads. And there is no need to attach so many screenshots. I'm not an expert on any of those devices. I have no idea how to dump them.
How can I hijack my own thread? But many thanks for all the ideas. Modern day MCUs are just so difficult to use. So I guess my last MCU I'd ever use would be the HC11. Even with the HC11 I spent many late nights just figuring out how it works (there is no debugging mode because I don't have any evaluation board).
I already returned the Raman spectrometer I borrowed. A year ago, I thought Microcontroller meant something like a USB or standard interface that controls peripherals. I didn't know an MCU is like a computer. That was why I opened up the borrowed spectrometer thinking one can just replace the whole circuit by getting device that can control(ler). The pc software bricking the HC11 is blessing in disguise, for I learnt what a Microcontroller meant For after that. I never opened the spectrometer again before I returned to the lab. Had I destroy it, I had to pay for it. So I won't attempt to read the firmware anymore. Thanks for your warning.
-
How can I hijack my own thread?
My bad, I thought this was someone else thread.
Modern day MCUs are just so difficult to use.
They are not. But you need to be methodical about it and not expect immediate results. And things like Arduino make it even easier.
(there is no debugging mode because I don't have any evaluation board).
This is where modern MCUs have a huge advantage. Developer tools for them are something they would not imagine in the wildest dreams 40 years ago.
-
Note the chip package is not the same as in the Raman chip photo in first message. But I just want to have idea what pins are equivalent to the 4 JTAG pins where one can download the firmware? The Raman spectrometer is connected to PC USB. Does Microchip have standard USB BSL access to the chip? In PIC, is there mass erase if wrong password entered in the BSL? Thanks!
what are you talking about? the PIC in the first picture is the PIC18F1320-I/SO, which is the SOIC version. It's clearly SOIC, it's clearly 18pin, and the markings on the chip say so.
PIC microcontrollers don't use JTAG for programming, nor have integrated bootloaders. If Raman had programmed in there a bootloader which require access and deletes everything if wrong access, who knows? (THEM, of course)
The device programming pins they are /MCLR, PGC, PGD. If you take for example the pickit manual there you will see how to connect to them. But i have no doubts that it will be code protected so you can't read, only erase and write
-
I guess my last MCU I'd ever use would be the HC11. Even with the HC11 I spent many late nights just figuring out how it works (there is no debugging mode because I don't have any evaluation board).
Above you showed "Buffalo" output. That was how most people used to debug HC11 code. At least that is what I did, and I also used similar tools on 6800 and 6809.
But it is not clear to me if what you showed there was from Buffalo running on the actual HC11 that you have.
-
I guess my last MCU I'd ever use would be the HC11. Even with the HC11 I spent many late nights just figuring out how it works (there is no debugging mode because I don't have any evaluation board).
Above you showed "Buffalo" output. That was how most people used to debug HC11 code. At least that is what I did, and I also used similar tools on 6800 and 6809.
But it is not clear to me if what you showed there was from Buffalo running on the actual HC11 that you have.
Too late. Just when I was about to sell the old EEG unit, which I bought in 1999 but never used. I tried to enable its debugging mode when I saw your message. You see. Even though the 68HC11 MCU it used has Buffalo in it. The debugging mode was disabled because it is not an evaluation board, but one that used the chip with Buffalo and custom board.
(https://imagizer.imageshack.com/v2/640x480q90/923/wphato.jpg)
(https://imagizer.imageshack.com/v2/640x480q90/922/QOiqGC.jpg)
So I had to put a jumper (the black wire) in between the XIRQ and PA3 pin and holes tracks. I didn't try it before because I didn't want to experiment and ruin the unit before I could figure out how they could display 2 channels in one serial stream (I found out at last it used synchronization characters). I spent a month trying to understand the firmware after learning Assembly from scratch and figuring out the missing code the manufacturer bricked on purpose with their latest software (I used paper writing all the registers and loops and using THRSim1 simulator). A while ago. I used the trace function in Buffalo for the first time. It worked so nice. Didn't know the unit could really do that. But I noticed that whenever it passed through an interrupt enable (for example the CLI which enabled the Real Time Interrupt) . The trace got stuck on the next instruction. See:
(https://imagizer.imageshack.com/v2/1024x768q90/924/Ukvn5L.jpg)
Since you are one of the last few HC11 users. Let me ask you these questions:
1. Why did it get stuck after passing through instruction that enabled the interrupt? How do you proceed after it got stuck?
2. Have you encountered any commercial product with Buffalo in it? Is this the first time you see Buffalo in a finished product?
3. I find MCU to be incredibly time consuming. I had to spend hours just studying very simple functions. So I wanna ask what kinds of people participate here? Are they students or engineers of electronics? Or hobbyists?
4. The HC11 may be the last MCU I'll ever used. I don't have any applications for MCU at all. I want to know how they handle debugging in modern software that encounters an Interrupt enable instruction. Do the debugging also freeze after it?
5. If you understand the HC11 assembly language. Can you also understand the assembly languages of modern MCUs? Or do you need to start from scratch. I don't know any C language and don't plan nor have time (or application) to learn it.
6. Lastly. Do you have any ideas (or anyone at all) what kind of MCUs they used in thermonuclear warheads? Do they manufacture their own MCUs or used commercial MCUs like the MSP430 or PIC? In a post nuclear war scenerio, the most valuable product and job would be the ability to hack (or JTAG read) the MCUs of the unexploded nukes as you reprogram the firmware to aim and detonate at cities still unscathed. So if you will be given to choice to choose just one modern MCU to learn, I wonder if it would be something that you should be familiar with in a possible coming dystopian future like in Mad Max.
7. Btw. What is that exact brand of your CH340G USB-serial converter that can do non-standard 125k baud? All your ideas worked including Audacity. You made me spend one day just doing all you asked. MCUs are indeed so time consuming thing or hobby to do that's I'm moving to other areas.
Thank you for all the tips.
-
was the thread about PIC18F1320 loll
Sometimes the programmation pins are put on a header, keypad etc .... put a programmer on it and try to read it, if not, it's locked and nothing can or could be done ...
-
Worse: if you can get at the programming pins, an 8 bit FLASH PIC will always *appear* to read OK with a programmer, but you wont know whether or not a good read till you look at the lock bits in the read back CONFIG words, and the program memory contents, which read back as NOPs if the chip is locked (apart from a few early FLASH PICs which scrambled the read-back program data).
-
Are you guys sure there are no mass erase security feature in any PIC18F1320 chip? It would be easy to trace the pins you can see in the initial pic with the MCLR, PGC, PGD in the chip then plug in the PIC debugger.
Raman Spectrometer has MCU because it's mostly connected to PC with an app interacted with it. But does this deserve the $15,000 tag? Has anyone built one with good sensitivity? I plan to build one so as not to damage the main one. I need it to study the effects or changes in the molecular structures after they got altered by the likes of Dr. Manhattan. There are several in China.
(https://imagizer.imageshack.com/v2/640x480q90/924/M1N1LK.jpg)
-
What is "mass erase security feature"? PIC can be locked from reading. This lock could be removed by erasing the device. This ensures that you can always put your own firmware in, but can't get the firmware from the locked device out.
And in the worst case scenario you can always replace the whole IC.
I assume electronics is not the most expensive part of the device. Mechanical and optical components would be way more expensive. And the market it limited, so the price is relatively high.
-
In the MSP430 I copied the firmware for backup (since I had experience as I explained the manufacter latest pc software bricking the HC11).
There are 2 kinds of access in the MSP430F2617 version. One is via 4-in JTAG pins. If the fuse was blown. You can't read it. There would be no mass erased. If it's not blown, you can read the entire firmware. The second access is via BSL, here you need the password which are the vectors around FFF0-FFFF. If not entered correctly. It mass erased.
The MSP430FFXX series may use lock just as you described but I don't have any experience with them. So is the PIC18F132 like the newer MSP430FFXX where there is lock when accessing the pins via debugger? Or is the lock only if BSL is accessed? If you directly connect the 3 pins to the debugger at the PIC18F132. Would there be lock too? Or just in the BSL? In the older MSP430F217. The JTAG can't be locked. It's either the fuse was blown or you can read it if not blown.
-
MSP430 and PIC devices are very different. If you are interested in PIC, then MSP430 information does not apply.
No idea what BSL is. There is only one programming interface in PIC - MCLR/PGC/PGD. If firmware author implements some other way to access the device (bootloader or just a command), then it is up to them, there is nothing standard.
Programming interface is always accessible, but it will not return valid data for read commands if the security bit is set. You can still issue the erase command, which would also clear the lock bit and the device would be unlocked, but erased.
-
Okay that's a big difference. In MSP430, there is a bootloader program in the chip rom that you can always access using a standard BSL pc software via USB even if the chip contents are totally erased. So in PIC18F1320, there is absolutely no standard BSL (Boot Strap Loader) in the rom for the pc program to connect via USB even if chip memory all erased?
(https://imagizer.imageshack.com/v2/800x600q90/923/odrteQ.jpg)
I intercepted the following entries in Serial Port Monitor when the spectrometer was first booted up:
"ÿÿÿ.Ž.......¦ÿÿÿ............hL..........Ž.......¤ÿÿÿ........Ž.......¤ÿÿÿ........Ž.......¦ÿÿÿ‹.......ÿÿÿÿ€...................Ž.......¤ÿÿÿ.......ŸŽ.......¤ÿÿÿ‹.......ÿÿÿÿ€.......Ÿ.„.................‹.......ÿÿÿÿ.(.......,.....Ž.......†ÿÿÿŽ.......¦ÿÿÿ.,.....Ž.......†ÿÿÿŽ.......¦ÿÿÿ‹.......ÿÿÿÿ€............4..l(ßÑ.8......
.......Ž.......¦ÿÿÿ.$..@
........ÿÿ‹.......ÿÿÿÿ.(.......,......Ž.......†ÿÿÿŽ.......¦ÿÿÿ‹.......ÿÿÿÿ.(..|....,......Ž.......†ÿÿÿŽ.......¦ÿÿÿ............hL.......à..Ž.......¬ÿÿÿŽ.......¤ÿÿÿ................‹.......ÿÿÿÿ€.@.....................•...¶....@..............................................................¶...ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ............hL.......ÿ..Ž.......¬ÿÿÿŽ.......¤ÿÿÿ................‹.......ÿÿÿÿ€.@.....%¸±.y´.DÒm"(±.¨$]4.7«8BOn˜×/E
.Ç$HÒþ/W&X‚5-:ú.dŒ5Íâ.}Ò‹UˈÇ붥AÄI.5›P7Jy„Iƒ.NRt³'_ˆ.ëXc¹ÙÿPÆ-¬.éé.êLP—´d‹jõ(Eº.°< ó&'©–.h@‘.S²K.Ò!NâUB¶–Í<÷}.’Ã..uB.*ØÉø¨—.HQÄÍ°{ug:üO×”—½ìÞ*¾&.Ì5..cƒÿ.³."Ífå.ú0.w÷…ºtÙO™|$nãê¥/æ*.9‡’IY!®É—TÞì!.Nù&2æmý¸ý..NN} .ž.ª³»+
....@..Ž.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿ.,...€..Ž.......†ÿÿÿŽ.......¦ÿÿÿ‹.......ÿÿÿÿ€.......ÿ...Ž........ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿ.,...€..Ž.......†ÿÿÿŽ.......¦ÿÿÿ‹.......ÿÿÿÿ€.......ÿ...Ž........ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿ.,...€..Ž.......†ÿÿÿŽ.......¦ÿÿÿ‹.......ÿÿÿÿ€.......ÿ...Ž........ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿŽ.......¦ÿÿÿ"
What are the ÿÿÿŽ? Recognize any of the format or sequence?
Usually are USB outputs from the PIC18F1320 read only? Or if you can access the serial/USB via Tera Term and type all kinds of commands, can it somehow affect the PIC chip memory inside and ruin or brick the firmware?? Can it be programmed to accept inputs from the Terminal and change the memory inside? Just want to know so in case it's possible. I'd not use Tera Term to mess with it.
-
There is no standard bootloader in PIC18F1320. There is not USB either. Programmers are stupid cheap nowadays. Bootloaders make no sense and add to the cost of the device.
This is just random garbage. Are you even sure you have correct baudrate setting?
PIC18F1320 supports self programming, so it is possible to make the firmware that would self destroy.
-
How do you know it's random garbage? When the pc app was run, and the unit boots up, it can run spectra sample of say alcohol. How do non random data look like?
When I went to device manager. I saw the following. It has 921,600 baud. And uses FTDI driver (and chip?)
(https://imagizer.imageshack.com/v2/640x480q90/924/ygg0T3.jpg)
(https://imagizer.imageshack.com/v2/640x480q90/922/p2XuVi.jpg)
(https://imagizer.imageshack.com/v2/640x480q90/922/JUXPeT.jpg)
Besides FTDI. What other brands of USB chips for example do other MCUs use?
When I went to Ebay and enter "Pickit". I saw this:
https://www.ebay.com/itm/382100189837?hash=item58f6f2328d:g:8LgAAOSws5pZJoox&amdata=enc%3AAQAHAAAAoDOiH%2Bsd1BqU5tSenfVkvqQlAmQ2OCcqBHgdT%2FMdnZXucgjxoR0Kug2NZ7qEUaXmxAYCBQjMw4UsneX9Q%2BoLS1Ztg1Pv1QYiQtDJkWp7%2BwiH35Nvj4xHU%2BtSXiKv9%2BNqvTeubBvnqgx2AchHgSp5nDrSh%2FrZ%2Fpulslr%2BLuAdXfWIfOmFsKWc1Cw0%2BUkZqLKhqnDuJ%2ByE%2FuwoAjUFI%2FrPyWk%3D%7Ctkp%3ABk9SR5DJ4ru_YQ (https://www.ebay.com/itm/382100189837?hash=item58f6f2328d:g:8LgAAOSws5pZJoox&amdata=enc%3AAQAHAAAAoDOiH%2Bsd1BqU5tSenfVkvqQlAmQ2OCcqBHgdT%2FMdnZXucgjxoR0Kug2NZ7qEUaXmxAYCBQjMw4UsneX9Q%2BoLS1Ztg1Pv1QYiQtDJkWp7%2BwiH35Nvj4xHU%2BtSXiKv9%2BNqvTeubBvnqgx2AchHgSp5nDrSh%2FrZ%2Fpulslr%2BLuAdXfWIfOmFsKWc1Cw0%2BUkZqLKhqnDuJ%2ByE%2FuwoAjUFI%2FrPyWk%3D%7Ctkp%3ABk9SR5DJ4ru_YQ)
It's made in china. Are the debugger unit really open source now and can be built by any company? Should I get PICkit2 or PICkit3?
Also since you work at Microchip (right?)? Why didn't you erase the entire chip if wrong configuration bits or passwords used? Why do you guys allow the users to try accessing the firmware hundreds or thousands of times (of all password combinations) without erasing it on wrong passwords?
You are encouraging me to buy the PICkit and attempt firmware reading without risk or fear of it being erased.
-
Because this is clearly binary data, even if it was something, forum software would not preserve it.
921600 BPS is highly non-standard, so I doubt device actually sends at that rate. You need to use a terminal emulator and try different baudrates and see if any makes sense (produces ASCII text, for exampe).
MCUs don't use any chips. Devices may use whatever, it does not matter. They all are interchangeable to an extent. .
PICs were invented before I was even born. What passwords you are talking about? There are no passwords if device is locked, it is locked. You can try however many times you like, it will stll remain locked. All you can do is erase.
I don't encourage you to do anything. I don't work with PICs, I never held PICKit in my hands. You do your own research on what you need. But based on the questions so far - it will be a waste of time. You clearly don't want to read documentation.
-
I read and got idea now the configuration bits in PIC are just like the interrupt vectors in MSP430 which are the "password" used to access it via USB. The only difference is that you need to enter the configuration bits in the PIC software to even attempt the 3 pin hardware read (just like the newer MSP430FXX families).
Its stretch to think the manufacturer won't even enable code protection by just clicking the mouse. I read in the manual:
"Code protection is constantly evolving. We at Microchip are committed to continuously improving the code protection features of our
products. Attempts to break Microchip’s code protection feature may be a violation of the Digital Millennium Copyright Act. If such acts
allow unauthorized access to your software or other copyrighted work, you may have a right to sue for relief under that Act".
If the PIC has code protection disabled and you download the firmware, can the company sue you?
And also if you have the firmware at your pc but you are not distributing it or duplicating the hardware and selling. Can they sue you? Is there a law that says that mere possession of downloaded firmware (even just for backup) is a crime?
The following is the dump view when the unit is booted up and stay in idle mode for 10 secs then existing the pc app). There is a "SPEC" ascii code at beginning. Which of them is garbage? Do serial data have some pattern that is same for all MCUs or are they random? If random, how do you tell garbage from legitimate serial data?
(I deleted the program file name to avoid revealing what company it is. Last question. What particular MCU do you work with? Since you don't work with the HC11, MSP430 and even PIC. What do MCU wizards like you usually work with?)
"
[29/01/2023 09:31:52] - Open port COM3 (C:\Program Files (x86)\XXXXX\Professional\bin\XXXXX.exe)
[29/01/2023 09:31:53] Written data (COM3)
80 10 01 00 00 00 00 00 €.......
[29/01/2023 09:31:53] Read data (COM3)
53 50 45 43 SPEC
[29/01/2023 09:31:53] Written data (COM3)
8d 01 01 00 00 00 00 00 .......
[29/01/2023 09:31:53] Read data (COM3)
ff 13 ff ff ÿ.ÿÿ
[29/01/2023 09:31:53] Written data (COM3)
87 03 01 00 00 00 00 00 ‡.......
[29/01/2023 09:31:53] Read data (COM3)
ff ff ff 02 ÿÿÿ.
[29/01/2023 09:31:53] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
0e 04 01 00 06 00 00 00 0c 08 01 00 68 4c 00 00 ............hL..
00 10 01 00 00 00 00 06 8e 00 01 00 00 00 00 00 ........Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a4 ff ff ff ¤ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 10 01 00 00 00 00 01 8e 00 01 00 00 00 00 00 ........Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a4 ff ff ff ¤ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 10 01 00 00 00 00 05 8e 00 01 00 00 00 00 00 ........Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:53] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
80 08 01 00 00 00 00 00 €.......
[29/01/2023 09:31:53] Read data (COM3)
00 00 05 00 ....
[29/01/2023 09:31:53] Written data (COM3)
00 10 01 00 00 00 00 06 8e 00 01 00 00 00 00 00 ........Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a4 ff ff ff ¤ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 10 01 00 00 00 00 9f 8e 00 01 00 00 00 00 00 .......ŸŽ.......
[29/01/2023 09:31:53] Read data (COM3)
a4 ff ff ff ¤ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:53] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
80 08 01 00 00 00 00 00 €.......
[29/01/2023 09:31:53] Read data (COM3)
9f 1f 84 01 Ÿ.„.
[29/01/2023 09:31:53] Written data (COM3)
0c 08 01 00 00 00 00 00 0e 04 01 00 00 00 00 00 ................
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:53] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 28 01 00 00 00 00 00 00 2c 01 00 00 7f 04 00 .(.......,.....
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
86 ff ff ff †ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 2c 01 00 00 81 01 00 8e 00 01 00 00 00 00 00 .,.....Ž.......
[29/01/2023 09:31:53] Read data (COM3)
86 ff ff ff †ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:53] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
80 14 01 00 00 00 00 00 €.......
[29/01/2023 09:31:53] Read data (COM3)
03 00 00 00 ....
[29/01/2023 09:31:53] Written data (COM3)
00 34 01 00 6c 28 df d1 0e 38 01 00 01 00 00 00 .4..l(ßÑ.8......
0d 05 01 00 00 00 00 00 8e 00 01 00 00 00 00 00 ........Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 24 01 00 40 0d 03 00 03 06 01 00 00 00 ff ff .$..@.........ÿÿ
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:53] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 28 01 00 00 00 00 00 00 2c 01 00 00 02 02 00 .(.......,......
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
86 ff ff ff †ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:53] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
00 28 01 00 7c 00 00 00 00 2c 01 00 00 00 04 00 .(..|....,......
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
86 ff ff ff †ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:53] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:53] Written data (COM3)
0e 04 01 00 06 00 00 00 0c 08 01 00 68 4c 00 00 ............hL..
00 10 01 00 00 e0 07 0b 8e 00 01 00 00 00 00 00 .....à..Ž.......
[29/01/2023 09:31:53] Read data (COM3)
ac ff ff ff ¬ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:54] Read data (COM3)
a4 ff ff ff ¤ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
0c 08 01 00 00 00 00 00 0e 04 01 00 00 00 00 00 ................
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:54] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
80 08 40 00 00 00 00 00 €.@.....
[29/01/2023 09:31:54] Read data (COM3)
01 00 00 00 00 00 00 00 09 00 00 00 00 00 00 00 ................
95 0e 03 01 00 02 00 00 00 00 00 00 00 00 00 00 •...............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
b6 0c 00 00 00 40 00 00 00 00 00 00 00 00 00 00 ¶....@..........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 b6 0c 00 00 ff ff ff ff ff ff ff ff ....¶...ÿÿÿÿÿÿÿÿ
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
0e 04 01 00 06 00 00 00 0c 08 01 00 68 4c 00 00 ............hL..
00 10 01 00 00 ff 07 0b 8e 00 01 00 00 00 00 00 .....ÿ..Ž.......
[29/01/2023 09:31:54] Read data (COM3)
ac ff ff ff ¬ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:54] Read data (COM3)
a4 ff ff ff ¤ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
0c 08 01 00 00 00 00 00 0e 04 01 00 00 00 00 00 ................
8b 02 01 00 00 00 00 00 ‹.......
[29/01/2023 09:31:54] Read data (COM3)
ff ff ff ff ÿÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
80 08 40 00 00 00 00 00 €.@.....
[29/01/2023 09:31:54] Read data (COM3)
25 b8 b1 1d 79 b4 0b 44 d2 6d 8f 22 28 b1 08 a8 %¸±.y´.DÒm"(±.¨
24 5d ad 34 17 37 ab 38 42 4f 6e 98 d7 2f 45 90 $]4.7«8BOn˜×/E
0a 1c c7 24 48 d2 fe 2f 57 26 58 82 35 2d 3a fa ..Ç$HÒþ/W&X‚5-:ú
02 64 7f 8c 35 cd e2 03 7d d2 8b 55 cb 88 c7 eb .dŒ5Íâ.}Ò‹UˈÇë
b6 a5 41 c4 49 0e 35 9b 50 37 4a 79 84 49 83 0c ¶¥AÄI.5›P7Jy„Iƒ.
4e 52 74 b3 27 5f 88 0e eb 58 63 b9 d9 ff 50 c6 NRt³'_ˆ.ëXc¹ÙÿPÆ
2d ac 0e e9 e9 0c ea 4c 50 97 b4 64 8b 6a f5 28 -¬.éé.êLP—´d‹jõ(
45 ba 1f b0 3c 20 f3 26 27 a9 96 08 68 40 91 09 Eº.°< ó&'©–.h@‘.
53 b2 4b 8f 11 d2 21 4e e2 55 42 b6 96 cd 3c f7 S²K.Ò!NâUB¶–Í<÷
7d 0c 92 c3 19 17 75 42 0b 2a 8f d8 c9 f8 a8 97 }.’Ã..uB.*ØÉø¨—
05 48 51 c4 cd b0 7b 75 67 3a fc 4f d7 94 81 97 .HQÄÍ°{ug:üO×”—
bd ec de 2a be 26 0b cc 35 0f 12 63 83 ff 0c b3 ½ìÞ*¾&.Ì5..cƒÿ.³
0b 22 cd 66 e5 1a fa 30 07 77 f7 85 ba 74 d9 4f ."Ífå.ú0.w÷…ºtÙO
99 7f 7c 24 6e e3 ea a5 2f e6 2a 1d 39 87 92 49 ™|$nãê¥/æ*.9‡’I
59 21 ae c9 97 54 de ec 21 00 4e f9 26 32 e6 6d Y!®É—TÞì!.Nù&2æm
fd b8 fd 1f 11 4e 4e 7d 20 06 9e 11 aa b3 bb 2b ý¸ý..NN} .ž.ª³»+
[29/01/2023 09:31:54] Written data (COM3)
0d 05 01 00 00 40 00 00 8e 00 01 00 00 00 00 00 .....@..Ž.......
[29/01/2023 09:31:54] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:54] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:54] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:54] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
[29/01/2023 09:31:54] Read data (COM3)
a6 ff ff ff ¦ÿÿÿ
[29/01/2023 09:31:54] Written data (COM3)
8e 00 01 00 00 00 00 00 Ž.......
-
I read and got idea now the configuration bits in PIC are just like the interrupt vectors in MSP430
You read wrong. Configuration bits are just persistent bits you can set and clear. Nothing more.
The only difference is that you need to enter the configuration bits in the PIC software
You don't "enter" the bits. Bits are set at the time of programming. If you set the lock bit at that time, you have to erase the device to clear it back.
Its stretch to think the manufacturer won't even enable code protection by just clicking the mouse. I read in the manual:
You can enable code protection from the programmer by clicking a mouse.
If the PIC has code protection disabled and you download the firmware, can the company sue you?
Yes. The firmare is intelectual property, it is protected just like any other intellectual property.
And also if you have the firmware at your pc but you are not distributing it or duplicating the hardware and selling. Can they sue you? Is there a law that says that mere possession of downloaded firmware (even just for backup) is a crime?
Consult a lawyer.
Do serial data have some pattern that is same for all MCUs or are they random? If random, how do you tell garbage from legitimate serial data?
There is no common pattern, MCUs are programmable to do whatever you need them to do. You tell by guessing. If there is clear understandable text, then it is guaranteed to be not garbage. If there is just some binary data, it can be real binary data or incorrect port settings. The only way to know is to reverse engineer the protocol.
What baudrate this was received at?
What do MCU wizards like you usually work with?)
ARM-based ones mostly.
-
This is how the CCD looks like inside the Raman spectrometer. I think Raman parts are just easy to make. Are you free launch programmer/designer? Can you design and create a Raman for me for $1000 so I can return back to my niece school before I break it?
(https://imagizer.imageshack.com/v2/1024x768q90/924/b13QKO.jpg)
(https://imagizer.imageshack.com/v2/640x480q90/922/gU0wd2.jpg)
The above photo shows the entrace slit, spectrograph grating and CCD and partial of the light paths.
The following is the result from the software Serial Port Monitor showing the datastream in 4 kinds of parameter. How can a terminal shows up ascii or garbage depending on the baud rate? Can you just show in simple example how garbage can show up depending on baud rate? Many thanks.
(https://imagizer.imageshack.com/img922/934/VC9qp2.jpg)
-
I want to copy it and sell stuff like that. Are there laws that says reverse engineering is a crime? or reading firmware is a crime?
That is not 'reverse engineering', that is outright theft.
-
Can you design and create a Raman for me for $1000 so I can return back to my niece school before I break it?
I don't know anything about optics or mechanics designs. I doubt one person can realistically build anything like this. I would 200x the budget if you want to find anyone even willing to talk.
How can a terminal shows up ascii or garbage depending on the baud rate? Can you just show in simple example how garbage can show up depending on baud rate?
You have 256000 BPS selected, which is again highly non-standard. Change that number and see how the output varies. This is the garbage I'm talking about. You need to try more standard baudrates. Which ones are standard - google.
-
I want to copy it and sell stuff like that. Are there laws that says reverse engineering is a crime? or reading firmware is a crime?
That is not 'reverse engineering', that is outright theft.
And seeing the "discution tone" you want to clone this equipement ?
This thread should stop here
-
Can you design and create a Raman for me for $1000 so I can return back to my niece school before I break it?
I don't know anything about optics or mechanics designs. I doubt one person can realistically build anything like this. I would 200x the budget if you want to find anyone even willing to talk.
How can a terminal shows up ascii or garbage depending on the baud rate? Can you just show in simple example how garbage can show up depending on baud rate?
You have 256000 BPS selected, which is again highly non-standard. Change that number and see how the output varies. This is the garbage I'm talking about. You need to try more standard baudrates. Which ones are standard - google.
Can you design and create a Raman for me for $1000 so I can return back to my niece school before I break it?
I don't know anything about optics or mechanics designs. I doubt one person can realistically build anything like this. I would 200x the budget if you want to find anyone even willing to talk.
How can a terminal shows up ascii or garbage depending on the baud rate? Can you just show in simple example how garbage can show up depending on baud rate?
You have 256000 BPS selected, which is again highly non-standard. Change that number and see how the output varies. This is the garbage I'm talking about. You need to try more standard baudrates. Which ones are standard - google.
Before we end this thread (yes I'll self moderate and stop. I thought reverse engineering is allowable, how does it differ to theft anyway I sometimes wondered in the past). I want to know the following.
I tried all kinds of baud rates in Device Manager and settled with 9600. And the outputs are the same. The Raman app won't let you change any baud rate, and note the application Serial Port Monitor is NOT a terminal. It just shows what goes on in the Raman app as it receives data. It can't adjust baud rate. Without any app that uses the serial. The Serial Port Monitor won't have any output. What do you call this serial sniffing software?
Note the 256000 BPS you saw in Serial Port Monitor is the Send Dialog box, which doesn't function because you are receiving data and not sending, one can adjust it down to 110 baud when sending dialog (and it is not relevant to the receiving application. .
For my last question (I know now I shouldn't announce whenever I got new firmware) I just want to know if you have any ideas how to convert the following data to the raman plot (of H20 water) ni the graph. Any pattern you are familiar with (there is 00 every 4th, 8th, 12th, 16th? Is it Unsigned 8 bit raw for example or Signed when converting in Audacity which I learnt from Ozcar? And Signed means someone signed them? Many thanks.
(https://imagizer.imageshack.com/v2/800x600q90/923/zKMt7H.jpg)
76 35 00 00 b6 34 00 00 17 36 00 00 98 36 00 00 v5..¶4...6..˜6..
3c 34 00 00 69 35 00 00 4c 36 00 00 dd 34 00 00 <4..i5..L6..Ý4..
ad 34 00 00 dc 35 00 00 2a 35 00 00 c6 35 00 00 4..Ü5..*5..Æ5..
bf 33 00 00 1f 35 00 00 9c 33 00 00 b5 35 00 00 ¿3...5..œ3..µ5..
ff 4a 01 00 1e 44 01 00 a1 5e 01 00 b6 55 01 00 ÿJ...D..¡^..¶U..
ba 4c 01 00 0d 4f 01 00 64 63 01 00 27 49 01 00 ºL...O..dc..'I..
db a6 01 00 25 44 01 00 81 4f 01 00 ae 42 01 00 Û¦..%D..O..®B..
ea 27 01 00 bc 5f 01 00 ee 81 01 00 93 8f 01 00 ê'..¼_..î..“..
54 6f 01 00 32 6f 01 00 cc 85 01 00 3c 91 01 00 To..2o..Ì…..<‘..
6f 86 01 00 fe 88 01 00 5b 68 01 00 69 89 01 00 o†..þˆ..[h..i‰..
6a 7b 01 00 cb a7 01 00 e9 ac 01 00 9d d0 01 00 j{..˧..é¬..Ð..
5f 02 02 00 39 72 02 00 c1 fa 02 00 bc 78 05 00 _...9r..Áú..¼x..
03 1c 0f 00 e7 ff 18 80 e7 ff 18 80 e7 ff 18 80 ....çÿ.€çÿ.€çÿ.€
e7 ff 18 80 e7 ff 18 80 e7 ff 18 80 e7 ff 18 80 çÿ.€çÿ.€çÿ.€çÿ.€
e7 ff 18 80 54 d1 18 80 a1 fd 17 80 4c 97 02 00 çÿ.€TÑ.€¡ý.€L—..
4f 8c 02 00 6d 25 02 00 1a 22 02 00 8f 37 02 00 OŒ..m%..."..7..
8b 42 02 00 ff f5 01 00 3a f1 01 00 8d b5 01 00 ‹B..ÿõ..:ñ..µ..
da 93 01 00 22 89 01 00 d3 82 01 00 1f 96 01 00 Ú“.."‰..Ó‚...–..
d1 cc 01 00 6f a4 01 00 1b a6 01 00 11 91 01 00 ÑÌ..o¤...¦...‘..
e9 82 01 00 1c 5a 01 00 07 71 01 00 94 6a 01 00 é‚...Z...q..”j..
b2 90 01 00 32 44 01 00 5b 77 01 00 46 77 01 00 ²..2D..[w..Fw..
38 a3 01 00 64 63 01 00 81 5c 01 00 2e 42 01 00 8£..dc..\...B..
24 47 01 00 a4 70 01 00 fc 71 01 00 a3 70 01 00 $G..¤p..üq..£p..
dc 39 01 00 bb 79 01 00 8c 8f 01 00 ce 6c 01 00 Ü9..»y..Œ..Îl..
57 4e 01 00 9c 7c 01 00 d8 55 01 00 3d 81 01 00 WN..œ|..ØU..=..
de 6b 01 00 6d e8 01 00 46 9d 01 00 0b 77 01 00 Þk..mè..F...w..
ca 7a 01 00 c7 80 01 00 d6 72 01 00 e9 ee 01 00 Êz..Ç€..Ör..éî..
6e a8 01 00 68 e1 01 00 0c 41 02 00 54 71 02 00 n¨..há...A..Tq..
1e 03 03 00 a6 86 03 00 2f 1a 04 00 51 d7 04 00 ....¦†../...Q×..
70 a7 05 00 e3 cc 05 00 f9 3c 06 00 67 66 06 00 p§..ãÌ..ù<..gf..
b1 b2 06 00 ad 9c 06 00 63 b5 06 00 1d d0 06 00 ±²..œ..cµ...Ð..
dc ea 06 00 a8 b1 06 00 9b eb 06 00 15 ee 06 00 Üê..¨±..›ë...î..
90 a1 06 00 34 95 06 00 1a ab 06 00 dd 8a 06 00 ¡..4•...«..ÝŠ..
6a 77 06 00 41 99 06 00 6b 96 06 00 26 af 06 00 jw..A™..k–..&¯..
fc 82 06 00 35 82 06 00 e9 82 06 00 cb 8e 06 00 ü‚..5‚..é‚..ËŽ..
9d 69 06 00 9c 5d 06 00 64 84 06 00 60 58 06 00 i..œ]..d„..`X..
51 35 06 00 1c 7c 06 00 ab 4e 06 00 37 1f 06 00 Q5...|..«N..7...
01 4f 06 00 a5 f7 05 00 9b 37 06 00 12 08 06 00 .O..¥÷..›7......
4d 22 06 00 b5 f2 05 00 0b fb 05 00 77 e1 05 00 M"..µò...û..wá..
f1 ee 05 00 77 d3 05 00 1d f0 05 00 1e e6 05 00 ñî..wÓ...ð...æ..
32 e5 05 00 37 a2 05 00 5f b3 05 00 24 a2 05 00 2å..7¢.._³..$¢..
6c b7 05 00 be b5 05 00 ca b8 05 00 55 73 05 00 l·..¾µ..ʸ..Us..
ae 7d 05 00 5b 71 05 00 30 99 05 00 8e 6e 05 00 ®}..[q..0™..Žn..
d5 36 05 00 a7 75 05 00 7a 2c 05 00 ec 34 05 00 Õ6..§u..z,..ì4..
6d 22 05 00 a2 15 05 00 52 16 05 00 66 f4 04 00 m"..¢...R...fô..
86 fc 04 00 2e f2 04 00 8c be 04 00 72 cd 04 00 †ü...ò..Œ¾..rÍ..
b1 f8 04 00 65 a1 04 00 ed cf 04 00 a4 b5 04 00 ±ø..e¡..íÏ..¤µ..
74 a5 04 00 d7 98 04 00 09 8b 04 00 75 93 04 00 t¥..ט...‹..u“..
b7 9a 04 00 51 75 04 00 17 63 04 00 a7 87 04 00 ·š..Qu...c..§‡..
02 77 04 00 38 2e 04 00 c8 99 04 00 c2 5f 04 00 .w..8...È™..Â_..
e6 5d 04 00 ae 61 04 00 96 4e 04 00 12 2a 04 00 æ]..®a..–N...*..
a3 34 04 00 ed 47 04 00 ec 47 04 00 ef 3f 04 00 £4..íG..ìG..ï?..
72 1c 04 00 65 24 04 00 4e 37 04 00 5d 00 04 00 r...e$..N7..]...
23 1d 04 00 67 2e 04 00 bd ff 03 00 60 f4 03 00 #...g...½ÿ..`ô..
b0 0e 04 00 52 56 04 00 04 4f 04 00 71 f1 03 00 °...RV...O..qñ..
6d 03 04 00 4c f2 03 00 c7 0b 04 00 dd 1e 04 00 m...Lò..Ç...Ý...
e8 f1 03 00 31 d8 03 00 65 c6 03 00 89 d9 03 00 èñ..1Ø..eÆ..‰Ù..
24 f9 03 00 01 25 04 00 2a cc 03 00 e4 dc 03 00 $ù...%..*Ì..äÜ..
fd e6 03 00 cc ee 03 00 b6 e5 03 00 79 d8 03 00 ýæ..Ìî..¶å..yØ..
06 e9 03 00 93 fb 03 00 76 e0 03 00 5d e0 03 00 .é..“û..và..]à..
62 0f 04 00 e6 c3 03 00 92 c3 03 00 47 d6 03 00 b...æÃ..’Ã..GÖ..
a2 ed 03 00 da 3e 04 00 29 b7 03 00 1f c8 03 00 ¢í..Ú>..)·...È..
e1 fb 03 00 d3 c5 03 00 ed d2 03 00 d7 c4 03 00 áû..ÓÅ..íÒ..×Ä..
e2 f1 03 00 3a d6 03 00 c3 e3 03 00 17 e5 03 00 âñ..:Ö..Ãã...å..
c6 d1 03 00 2b 30 04 00 ee 21 04 00 51 22 04 00 ÆÑ..+0..î!..Q"..
e0 09 04 00 90 fd 03 00 78 e1 03 00 63 fe 03 00 à...ý..xá..cþ..
6e 33 04 00 6c f8 03 00 98 01 04 00 97 e2 03 00 n3..lø..˜...—â..
be f5 03 00 78 e5 03 00 20 e5 03 00 1b 15 04 00 ¾õ..xå.. å......
da ff 03 00 c8 d3 03 00 bc 0f 04 00 da fb 03 00 Úÿ..ÈÓ..¼...Úû..
d3 d7 03 00 88 04 04 00 2d 10 04 00 aa 1d 04 00 Ó×..ˆ...-...ª...
ef 02 04 00 66 e4 03 00 88 f8 03 00 5e e0 03 00 ï...fä..ˆø..^à..
73 08 04 00 93 f0 03 00 3d 0b 04 00 7b f5 03 00 s...“ð..=...{õ..
3f 0d 04 00 fa 1d 04 00 cf f7 03 00 63 e7 03 00 ?...ú...Ï÷..cç..
f4 31 04 00 29 e6 03 00 b7 f0 03 00 32 2a 04 00 ô1..)æ..·ð..2*..
16 1d 04 00 b4 0a 04 00 10 0b 04 00 0b f3 03 00 ....´........ó..
18 1d 04 00 f6 05 04 00 ee 34 04 00 d5 fa 03 00 ....ö...î4..Õú..
4f ee 03 00 98 12 04 00 dd 54 04 00 04 00 04 00 Oî..˜...ÝT......
65 0f 04 00 96 26 04 00 6a 2e 04 00 f7 26 04 00 e...–&..j...÷&..
c8 33 04 00 4c 57 04 00 6c 4f 04 00 85 35 04 00 È3..LW..lO..…5..
6a 4c 04 00 44 26 04 00 2c 30 04 00 ea 72 04 00 jL..D&..,0..êr..
27 48 04 00 cf 3e 04 00 9c 74 04 00 a1 15 04 00 'H..Ï>..œt..¡...
b6 64 04 00 b8 2d 04 00 55 3c 04 00 b1 36 04 00 ¶d..¸-..U<..±6..
cf 27 04 00 fd 7c 04 00 f1 4b 04 00 52 1e 04 00 Ï'..ý|..ñK..R...
bb 30 04 00 cb 3d 04 00 e1 61 04 00 66 32 04 00 »0..Ë=..áa..f2..
c0 4f 04 00 4e 22 04 00 f1 83 04 00 2b 3c 04 00 ÀO..N"..ñƒ..+<..
7e 1c 04 00 e9 0f 04 00 01 3c 04 00 8f 1d 04 00 ~...é....<.....
9f 3a 04 00 b1 05 04 00 85 25 04 00 1e 25 04 00 Ÿ:..±...…%...%..
0a 19 04 00 0b 36 04 00 fb 23 04 00 26 58 04 00 .....6..û#..&X..
b6 29 04 00 78 19 04 00 4c 25 04 00 2e e2 03 00 ¶)..x...L%...â..
62 28 04 00 1c 02 04 00 fa 02 04 00 cb da 03 00 b(......ú...ËÚ..
59 c9 03 00 36 d6 03 00 01 df 03 00 eb ad 03 00 YÉ..6Ö...ß..ë..
e3 b1 03 00 08 80 03 00 15 96 03 00 7f 87 03 00 ã±...€...–..‡..
bd 64 03 00 86 64 03 00 11 89 03 00 16 53 03 00 ½d..†d...‰...S..
a4 53 03 00 d6 47 03 00 69 35 03 00 52 3a 03 00 ¤S..ÖG..i5..R:..
56 51 03 00 0d 23 03 00 e3 4d 03 00 35 26 03 00 VQ...#..ãM..5&..
0a 3b 03 00 0e 0c 03 00 83 23 03 00 7b 1f 03 00 .;......ƒ#..{...
b5 0e 03 00 a8 04 03 00 43 11 03 00 d1 10 03 00 µ...¨...C...Ñ...
4a 0f 03 00 e9 12 03 00 32 27 03 00 74 13 03 00 J...é...2'..t...
5f e1 02 00 24 0f 03 00 33 e2 02 00 71 17 03 00 _á..$...3â..q...
06 fa 02 00 5c da 02 00 f2 f0 02 00 da cd 02 00 .ú..\Ú..òð..ÚÍ..
0d d4 02 00 20 f9 02 00 2c cc 02 00 dd cd 02 00 .Ô.. ù..,Ì..ÝÍ..
b4 d5 02 00 64 c6 02 00 f6 00 03 00 dc da 02 00 ´Õ..dÆ..ö...ÜÚ..
70 c4 02 00 3e c2 02 00 26 ac 02 00 15 a7 02 00 pÄ..>Â..&¬...§..
24 e8 02 00 a2 b4 02 00 01 d3 02 00 a6 cf 02 00 $è..¢´...Ó..¦Ï..
b8 b6 02 00 80 9a 02 00 ac c3 02 00 04 d8 02 00 ¸¶..€š..¬Ã...Ø..
2d cd 02 00 3b 95 02 00 2f ac 02 00 72 a4 02 00 -Í..;•../¬..r¤..
f9 b2 02 00 ce aa 02 00 f5 a1 02 00 3e 9f 02 00 ù²..Ϊ..õ¡..>Ÿ..
61 9c 02 00 9d 8d 02 00 1c b3 02 00 d8 aa 02 00 aœ.....³..ت..
2a 98 02 00 14 a4 02 00 39 7e 02 00 e4 c3 02 00 *˜...¤..9~..äÃ..
c9 9e 02 00 6d 73 02 00 8a cc 02 00 10 91 02 00 Éž..ms..ŠÌ...‘..
42 83 02 00 cd 97 02 00 92 c5 02 00 42 a3 02 00 Bƒ..Í—..’Å..B£..
51 8f 02 00 b0 c4 02 00 38 93 02 00 eb 82 02 00 Q..°Ä..8“..ë‚..
c8 7e 02 00 26 8c 02 00 2b 9b 02 00 0b 98 02 00 È~..&Œ..+›...˜..
3d 78 02 00 0c 7a 02 00 15 8c 02 00 6d 87 02 00 =x...z...Œ..m‡..
bf 5d 02 00 67 9a 02 00 f3 a7 02 00 c6 66 02 00 ¿]..gš..ó§..Æf..
db 6d 02 00 6b 5c 02 00 a3 73 02 00 7c 96 02 00 Ûm..k\..£s..|–..
ef 75 02 00 b0 4e 02 00 48 89 02 00 4c 60 02 00 ïu..°N..H‰..L`..
09 75 02 00 96 64 02 00 74 7e 02 00 b2 62 02 00 .u..–d..t~..²b..
e9 6c 02 00 85 4b 02 00 77 6f 02 00 95 9b 02 00 él..…K..wo..•›..
35 56 02 00 d1 79 02 00 c9 72 02 00 89 8c 02 00 5V..Ñy..Ér..‰Œ..
55 5d 02 00 82 5f 02 00 89 6f 02 00 10 32 02 00 U]..‚_..‰o...2..
3e 34 02 00 cd 4b 02 00 ac 78 02 00 0d 77 02 00 >4..ÍK..¬x...w..
50 85 02 00 cc 6a 02 00 a2 71 02 00 48 7c 02 00 P…..Ìj..¢q..H|..
96 4b 02 00 14 6e 02 00 bf 66 02 00 60 8d 02 00 –K...n..¿f..`..
21 4b 02 00 1c 5d 02 00 a2 67 02 00 a6 3c 02 00 !K...]..¢g..¦<..
d9 71 02 00 7e 4a 02 00 13 57 02 00 04 88 02 00 Ùq..~J...W...ˆ..
89 2f 02 00 39 75 02 00 60 2b 02 00 cf 8a 02 00 ‰/..9u..`+..ÏŠ..
21 5c 02 00 ee 42 02 00 8c 62 02 00 9c 52 02 00 !\..îB..Œb..œR..
99 4d 02 00 ff 92 02 00 fb 5c 02 00 b5 61 02 00 ™M..ÿ’..û\..µa..
fa 89 02 00 68 34 02 00 f3 52 02 00 76 44 02 00 ú‰..h4..óR..vD..
6d 8e 02 00 38 56 02 00 df 4b 02 00 8d 77 02 00 mŽ..8V..ßK..w..
ea 4d 02 00 d9 41 02 00 af 7b 02 00 b4 4f 02 00 êM..ÙA..¯{..´O..
09 4c 02 00 4e 48 02 00 b6 82 02 00 1d 50 02 00 .L..NH..¶‚...P..
41 4c 02 00 33 55 02 00 32 43 02 00 5d 72 02 00 AL..3U..2C..]r..
93 78 02 00 d9 75 02 00 b5 3d 02 00 dd 5b 02 00 “x..Ùu..µ=..Ý[..
09 43 02 00 3f 2d 02 00 d4 43 02 00 b4 43 02 00 .C..?-..ÔC..´C..
8b 74 02 00 bd 3d 02 00 06 53 02 00 b4 43 02 00 ‹t..½=...S..´C..
45 67 02 00 ff 50 02 00 a6 84 02 00 f4 50 02 00 Eg..ÿP..¦„..ôP..
82 6c 02 00 4f 6e 02 00 4e 53 02 00 de 2d 02 00 ‚l..On..NS..Þ-..
d5 54 02 00 37 3b 02 00 f2 34 02 00 20 6a 02 00 ÕT..7;..ò4.. j..
45 4d 02 00 ab 57 02 00 3e 57 02 00 57 43 02 00 EM..«W..>W..WC..
9a 4d 02 00 ac 3f 02 00 97 71 02 00 9f 2c 02 00 šM..¬?..—q..Ÿ,..
d4 27 02 00 86 41 02 00 39 46 02 00 19 34 02 00 Ô'..†A..9F...4..
d9 4f 02 00 47 2b 02 00 e5 81 02 00 fe 4e 02 00 ÙO..G+..å..þN..
02 4e 02 00 46 1a 02 00 83 2e 02 00 b2 63 02 00 .N..F...ƒ...²c..
08 49 02 00 72 22 02 00 24 32 02 00 e2 2f 02 00 .I..r"..$2..â/..
cc 61 02 00 00 2c 02 00 97 43 02 00 07 1f 02 00 Ìa...,..—C......
71 1f 02 00 00 1a 02 00 cf 1e 02 00 fc 0e 02 00 q.......Ï...ü...
fd 1f 02 00 9f 04 02 00 e6 26 02 00 bd 21 02 00 ý...Ÿ...æ&..½!..
b1 10 02 00 cf 0c 02 00 60 42 02 00 88 20 02 00 ±...Ï...`B..ˆ ..
f6 13 02 00 d5 2a 02 00 23 20 02 00 69 08 02 00 ö...Õ*..# ..i...
e0 2c 02 00 84 44 02 00 60 3d 02 00 e9 0b 02 00 à,..„D..`=..é...
ac fd 01 00 72 0f 02 00 10 0b 02 00 44 06 02 00 ¬ý..r.......D...
47 1c 02 00 aa 1a 02 00 70 50 02 00 4e f8 01 00 G...ª...pP..Nø..
bd 02 02 00 f5 01 02 00 28 21 02 00 61 40 02 00 ½...õ...(!..a@..
4b 53 02 00 84 21 02 00 28 ff 01 00 bb 21 02 00 KS..„!..(ÿ..»!..
61 ea 01 00 41 f3 01 00 40 33 02 00 93 42 02 00 aê..Aó..@3..“B..
fc 14 02 00 a0 1f 02 00 a6 39 02 00 97 42 02 00 ü... ...¦9..—B..
30 31 02 00 c0 02 02 00 bd 18 02 00 27 2b 02 00 01..À...½...'+..
91 2c 02 00 ec e8 01 00 f7 63 02 00 56 ff 01 00 ‘,..ìè..÷c..Vÿ..
f7 2a 02 00 11 4f 02 00 ae 1e 02 00 32 26 02 00 ÷*...O..®...2&..
b6 de 01 00 e9 e6 01 00 a7 04 02 00 da 24 02 00 ¶Þ..éæ..§...Ú$..
8d 1f 02 00 04 19 02 00 3f 1a 02 00 2e d8 01 00 .......?....Ø..
30 17 02 00 82 1d 02 00 50 2f 02 00 ac 02 02 00 0...‚...P/..¬...
32 0f 02 00 9a 05 02 00 4d 0b 02 00 a6 03 02 00 2...š...M...¦...
ed 0b 02 00 3a 0c 02 00 0e 01 02 00 a4 3d 02 00 í...:.......¤=..
f9 08 02 00 11 01 02 00 a4 42 02 00 92 fe 01 00 ù.......¤B..’þ..
a7 f6 01 00 2a e5 01 00 f2 17 02 00 ba 06 02 00 §ö..*å..ò...º...
da 08 02 00 77 12 02 00 bd 2c 02 00 5b f8 01 00 Ú...w...½,..[ø..
e1 12 02 00 67 fc 01 00 f8 ff 01 00 f0 15 02 00 á...gü..øÿ..ð...
14 04 02 00 2a f9 01 00 57 05 02 00 30 1a 02 00 ....*ù..W...0...
ef 2b 02 00 fa ed 01 00 cb 20 02 00 b3 1c 02 00 ï+..úí..Ë ..³...
e9 26 02 00 59 29 02 00 0b 23 02 00 26 34 02 00 é&..Y)...#..&4..
72 2d 02 00 1a 09 02 00 92 16 02 00 9f 05 02 00 r-......’...Ÿ...
92 f3 01 00 7b 09 02 00 0b 1b 02 00 74 1e 02 00 ’ó..{.......t...
51 2b 02 00 95 0c 02 00 55 00 02 00 39 0b 02 00 Q+..•...U...9...
60 26 02 00 ef 0e 02 00 71 2c 02 00 40 03 02 00 `&..ï...q,..@...
de fe 01 00 41 29 02 00 81 16 02 00 43 ec 01 00 Þþ..A).....Cì..
74 29 02 00 65 0c 02 00 59 48 02 00 bb 13 02 00 t)..e...YH..»...
48 1a 02 00 ae 06 02 00 cc 48 02 00 8c 3b 02 00 H...®...ÌH..Œ;..
ac 2d 02 00 e7 41 02 00 99 28 02 00 d5 08 02 00 ¬-..çA..™(..Õ...
81 0f 02 00 d7 0b 02 00 6f 1d 02 00 08 11 02 00 ...×...o.......
7f 00 02 00 15 ec 01 00 7f 32 02 00 f6 0f 02 00 ....ì..2..ö...
a9 1b 02 00 95 17 02 00 77 16 02 00 96 07 02 00 ©...•...w...–...
51 fa 01 00 8d f2 01 00 85 33 02 00 75 34 02 00 Qú..ò..…3..u4..
86 ee 01 00 30 03 02 00 18 27 02 00 73 fb 01 00 †î..0....'..sû..
c2 09 02 00 98 e1 01 00 e0 30 02 00 f7 02 02 00 Â...˜á..à0..÷...
a8 11 02 00 a1 29 02 00 a0 f9 01 00 39 37 02 00 ¨...¡).. ù..97..
01 00 02 00 13 09 02 00 0f 2b 02 00 d8 78 02 00 .........+..Øx..
2f 12 02 00 f3 ff 01 00 6d 1e 02 00 69 2c 02 00 /...óÿ..m...i,..
7a 2c 02 00 16 05 02 00 92 21 02 00 66 32 02 00 z,......’!..f2..
73 ff 01 00 a1 23 02 00 e4 14 02 00 88 1b 02 00 sÿ..¡#..ä...ˆ...
12 0e 02 00 44 fd 01 00 61 32 02 00 b4 24 02 00 ....Dý..a2..´$..
01 2f 02 00 d0 fe 01 00 db 0f 02 00 09 0d 02 00 ./..Ðþ..Û.......
bc fa 01 00 ed 12 02 00 51 35 02 00 28 02 02 00 ¼ú..í...Q5..(...
a6 0a 02 00 34 06 02 00 36 1c 02 00 82 32 02 00 ¦...4...6...‚2..
99 13 02 00 6b 17 02 00 19 31 02 00 b1 1b 02 00 ™...k....1..±...
99 04 02 00 36 07 02 00 17 08 02 00 55 20 02 00 ™...6.......U ..
1c 05 02 00 7a 1b 02 00 26 07 02 00 f4 08 02 00 ....z...&...ô...
11 33 02 00 c0 14 02 00 c4 09 02 00 59 05 02 00 .3..À...Ä...Y...
6e 1e 02 00 2d fa 01 00 0e 1a 02 00 20 25 02 00 n...-ú...... %..
fd 54 02 00 8a 22 02 00 03 09 02 00 1d 3a 02 00 ýT..Š".......:..
e5 f7 01 00 9c f7 01 00 82 14 02 00 4c 09 02 00 å÷..œ÷..‚...L...
24 0e 02 00 85 ed 01 00 cf 03 02 00 69 f6 01 00 $...…í..Ï...iö..
6f 0b 02 00 60 04 02 00 e9 2c 02 00 f0 01 02 00 o...`...é,..ð...
10 23 02 00 cd 0e 02 00 e7 0b 02 00 87 ee 01 00 .#..Í...ç...‡î..
2d 04 02 00 40 04 02 00 b7 1c 02 00 10 08 02 00 -...@...·.......
06 25 02 00 0b fa 01 00 cb f5 01 00 32 3d 02 00 .%...ú..Ëõ..2=..
90 28 02 00 2e ec 01 00 9e e4 01 00 3e f7 01 00 (...ì..žä..>÷..
21 e7 01 00 2f de 01 00 d2 fe 01 00 7c fc 01 00 !ç../Þ..Òþ..|ü..
23 d6 01 00 d7 1b 02 00 e5 1f 02 00 a3 0c 02 00 #Ö..×...å...£...
37 ec 01 00 8d f3 01 00 21 1a 02 00 6a 22 02 00 7ì..ó..!...j"..
ab ce 01 00 40 e0 01 00 c3 f6 01 00 28 f1 01 00 «Î..@à..Ãö..(ñ..
20 f9 01 00 46 cf 01 00 d1 0b 02 00 10 f7 01 00 ù..FÏ..Ñ....÷..
d4 14 02 00 ac f3 01 00 92 3a 02 00 76 ec 01 00 Ô...¬ó..’:..vì..
35 ed 01 00 9e f7 01 00 72 10 02 00 05 11 02 00 5í..ž÷..r.......
16 dd 01 00 63 02 02 00 73 fd 01 00 bd d9 01 00 .Ý..c...sý..½Ù..
75 d3 01 00 37 c7 01 00 27 04 02 00 c5 f2 01 00 uÓ..7Ç..'...Åò..
c5 fb 01 00 2e ed 01 00 d0 f2 01 00 22 ee 01 00 Åû...í..Ðò.."î..
42 d9 01 00 ab f3 01 00 90 13 02 00 ef fe 01 00 BÙ..«ó.....ïþ..
ca 02 02 00 6d d6 01 00 51 f8 01 00 e3 da 01 00 Ê...mÖ..Qø..ãÚ..
b1 f3 01 00 2f ea 01 00 20 fe 01 00 35 44 02 00 ±ó../ê.. þ..5D..
cb ce 01 00 9d ea 01 00 51 d4 01 00 cf ec 01 00 ËÎ..ê..QÔ..Ïì..
7e fb 01 00 df 05 02 00 c8 26 02 00 7c f0 01 00 ~û..ß...È&..|ð..
ab d4 01 00 18 bb 01 00 fe 27 02 00 41 05 02 00 «Ô...»..þ'..A...
09 22 02 00 dd cb 01 00 66 39 02 00 93 03 02 00 ."..ÝË..f9..“...
4f dd 01 00 99 ea 01 00 f4 e4 01 00 56 f4 01 00 OÝ..™ê..ôä..Vô..
59 07 02 00 54 f2 01 00 35 2d 02 00 28 1e 02 00 Y...Tò..5-..(...
5e e8 01 00 b7 fd 01 00 dd f4 01 00 63 2d 02 00 ^è..·ý..Ýô..c-..
1e e1 01 00 84 dc 01 00 af f2 01 00 00 ef 01 00 .á..„Ü..¯ò...ï..
6e 01 02 00 73 df 01 00 f9 e4 01 00 84 0f 02 00 n...sß..ùä..„...
8b db 01 00 45 df 01 00 c1 23 02 00 4b f5 01 00 ‹Û..Eß..Á#..Kõ..
a1 d6 01 00 14 e8 01 00 dd ee 01 00 c8 e7 01 00 ¡Ö...è..Ýî..Èç..
5d dc 01 00 2e ef 01 00 10 f0 01 00 e5 f3 01 00 ]Ü...ï...ð..åó..
38 05 02 00 7c fb 01 00 40 1c 02 00 64 08 02 00 8...|û..@...d...
e1 e8 01 00 61 1a 02 00 bf d9 01 00 72 e9 01 00 áè..a...¿Ù..ré..
6c d2 01 00 5a eb 01 00 aa 10 02 00 85 f5 01 00 lÒ..Zë..ª...…õ..
e0 cc 01 00 4b f6 01 00 69 e5 01 00 f0 e5 01 00 àÌ..Kö..iå..ðå..
27 e0 01 00 a5 cf 01 00 cc 08 02 00 94 f4 01 00 'à..¥Ï..Ì...”ô..
7f d7 01 00 0b dc 01 00 41 f2 01 00 10 de 01 00 ×...Ü..Aò...Þ..
04 02 02 00 42 df 01 00 81 e6 01 00 e4 df 01 00 ....Bß..æ..äß..
02 15 02 00 41 fc 01 00 c9 ea 01 00 56 e0 01 00 ....Aü..Éê..Và..
8f e5 01 00 dd c7 01 00 32 f8 01 00 3d 1b 02 00 å..ÝÇ..2ø..=...
98 ed 01 00 af ca 01 00 df fc 01 00 1c cd 01 00 ˜í..¯Ê..ßü...Í..
06 c4 01 00 f4 fa 01 00 cc fc 01 00 67 1b 02 00 .Ä..ôú..Ìü..g...
cb cc 01 00 eb e2 01 00 65 f3 01 00 d3 ea 01 00 ËÌ..ëâ..eó..Óê..
20 e3 01 00 f6 d1 01 00 95 0d 02 00 61 eb 01 00 ã..öÑ..•...aë..
57 ce 01 00 a1 a9 01 00 e7 fc 01 00 79 b5 01 00 WÎ..¡©..çü..yµ..
17 da 01 00 81 dc 01 00 ca 05 02 00 57 e8 01 00 .Ú..Ü..Ê...Wè..
ee d1 01 00 d9 d3 01 00 7e 09 02 00 cb f4 01 00 îÑ..ÙÓ..~...Ëô..
ee d9 01 00 aa e3 01 00 be 14 02 00 96 f3 01 00 îÙ..ªã..¾...–ó..
54 d8 01 00 b0 db 01 00 95 18 02 00 27 d4 01 00 TØ..°Û..•...'Ô..
68 d8 01 00 8c f7 01 00 5d fb 01 00 58 c9 01 00 hØ..Œ÷..]û..XÉ..
22 37 02 00 a0 db 01 00 0e e8 01 00 64 e9 01 00 "7.. Û...è..dé..
6b f1 01 00 0e ff 01 00 ef d0 01 00 16 c7 01 00 kñ...ÿ..ïÐ...Ç..
dd c9 01 00 3a d3 01 00 8b ea 01 00 85 cd 01 00 ÝÉ..:Ó..‹ê..…Í..
98 f1 01 00 a6 d3 01 00 42 d8 01 00 8e f0 01 00 ˜ñ..¦Ó..BØ..Žð..
4a be 01 00 50 da 01 00 4c f5 01 00 b6 ef 01 00 J¾..PÚ..Lõ..¶ï..
2e 11 02 00 08 e8 01 00 ef f4 01 00 fb 04 02 00 .....è..ïô..û...
20 e0 01 00 5a c0 01 00 56 f6 01 00 61 e7 01 00 à..ZÀ..Vö..aç..
9d ec 01 00 2b b7 01 00 62 0d 02 00 95 e8 01 00 ì..+·..b...•è..
52 d9 01 00 99 ec 01 00 a6 1a 02 00 0e cc 01 00 RÙ..™ì..¦....Ì..
29 e2 01 00 4a e7 01 00 be f6 01 00 fe dc 01 00 )â..Jç..¾ö..þÜ..
99 d7 01 00 90 ed 01 00 3d fd 01 00 1a d2 01 00 ™×..í..=ý...Ò..
c5 e5 01 00 25 ba 01 00 85 e0 01 00 d4 d2 01 00 Åå..%º..…à..ÔÒ..
8d e2 01 00 c4 0b 02 00 93 e3 01 00 75 cf 01 00 â..Ä...“ã..uÏ..
b8 e3 01 00 07 d2 01 00 a4 db 01 00 7d 40 02 00 ¸ã...Ò..¤Û..}@..
dc 09 02 00 93 e5 01 00 b1 d3 01 00 bc ed 01 00 Ü...“å..±Ó..¼í..
76 03 02 00 85 1f 02 00 53 f1 01 00 1a dc 01 00 v...…...Sñ...Ü..
9e d2 01 00 14 cc 01 00 91 e6 01 00 7f 03 02 00 žÒ...Ì..‘æ.....
b2 d7 01 00 bb f9 01 00 61 01 02 00 83 da 01 00 ²×..»ù..a...ƒÚ..
10 d7 01 00 d6 2f 02 00 69 cf 01 00 ac e6 01 00 .×..Ö/..iÏ..¬æ..
f6 05 02 00 92 c0 01 00 eb 23 02 00 65 cb 01 00 ö...’À..ë#..eË..
27 00 02 00 44 e9 01 00 f0 ea 01 00 f0 c4 01 00 '...Dé..ðê..ðÄ..
30 c7 01 00 45 f7 01 00 58 f1 01 00 5e 11 02 00 0Ç..E÷..Xñ..^...
2a d3 01 00 f2 ca 01 00 7b e9 01 00 1b 14 02 00 *Ó..òÊ..{é......
ab f2 01 00 b9 e4 01 00 4f f4 01 00 47 dc 01 00 «ò..¹ä..Oô..GÜ..
af ee 01 00 8d ec 01 00 04 f7 01 00 38 2f 02 00 ¯î..ì...÷..8/..
31 2b 02 00 0d c9 01 00 d6 10 02 00 ff e9 01 00 1+...É..Ö...ÿé..
f1 03 02 00 30 19 02 00 59 e4 01 00 b5 06 02 00 ñ...0...Yä..µ...
8a f0 01 00 30 f0 01 00 e3 fc 01 00 b1 e2 01 00 Šð..0ð..ãü..±â..
4e e4 01 00 02 e7 01 00 78 0f 02 00 c5 02 02 00 Nä...ç..x...Å...
5c fb 01 00 28 e3 01 00 ef 20 02 00 9c 04 02 00 \û..(ã..ï ..œ...
7a 28 02 00 fd 1b 02 00 1e 00 02 00 5d 04 02 00 z(..ý.......]...
34 0f 02 00 b6 f3 01 00 6c 11 02 00 3e 13 02 00 4...¶ó..l...>...
17 e9 01 00 40 00 02 00 f6 27 02 00 c3 30 02 00 .é..@...ö'..Ã0..
72 44 02 00 f3 e7 01 00 1a fe 01 00 05 f7 01 00 rD..óç...þ...÷..
25 05 02 00 48 09 02 00 b6 1f 02 00 77 f6 01 00 %...H...¶...wö..
35 38 02 00 66 e7 01 00 37 22 02 00 3f f7 01 00 58..fç..7"..?÷..
8c ff 01 00 5a 09 02 00 d1 04 02 00 0c 42 02 00 Œÿ..Z...Ñ....B..
d5 fa 01 00 08 3e 02 00 0e 2b 02 00 e2 1b 02 00 Õú...>...+..â...
b8 f0 01 00 eb 18 02 00 c0 00 02 00 ed 1f 02 00 ¸ð..ë...À...í...
b0 16 02 00 40 0f 02 00 d7 1c 02 00 a3 fd 01 00 °...@...×...£ý..
0f 3d 02 00 51 08 02 00 3a 32 02 00 aa 2f 02 00 .=..Q...:2..ª/..
86 eb 01 00 bd 1b 02 00 9c 00 02 00 35 ff 01 00 †ë..½...œ...5ÿ..
78 fd 01 00 e2 0b 02 00 dc 12 02 00 5a f9 01 00 xý..â...Ü...Zù..
0d e6 01 00 83 dc 01 00 0e 10 02 00 8b f6 01 00 .æ..ƒÜ......‹ö..
16 0a 02 00 07 3a 02 00 8d f0 01 00 92 29 02 00 .....:..ð..’)..
dc f2 01 00 8d 06 02 00 ff dc 01 00 2c e4 01 00 Üò.....ÿÜ..,ä..
6d 30 02 00 c0 e5 01 00 d8 07 02 00 6e d8 01 00 m0..Àå..Ø...nØ..
ed ef 01 00 77 dc 01 00 54 00 02 00 58 d8 01 00 íï..wÜ..T...XØ..
87 f7 01 00 22 f1 01 00 bb dc 01 00 b7 e9 01 00 ‡÷.."ñ..»Ü..·é..
3a 3f 02 00 ab 04 02 00 85 de 01 00 7f fc 01 00 :?..«...…Þ..ü..
03 bb 01 00 e5 e8 01 00 55 e7 01 00 f2 e7 01 00 .»..åè..Uç..òç..
fd e8 01 00 97 e4 01 00 07 cd 01 00 31 e6 01 00 ýè..—ä...Í..1æ..
73 f7 01 00 b1 a5 01 00 3e db 01 00 8f d0 01 00 s÷..±¥..>Û..Ð..
00 d3 01 00 fd d2 01 00 3e e9 01 00 16 cd 01 00 .Ó..ýÒ..>é...Í..
20 d1 01 00 54 bb 01 00 6f eb 01 00 9a ba 01 00 Ñ..T»..oë..šº..
f3 ed 01 00 c6 f4 01 00 db 11 02 00 10 d5 01 00 óí..Æô..Û....Õ..
3f bb 01 00 90 be 01 00 cb d0 01 00 05 bf 01 00 ?»..¾..ËÐ...¿..
80 c7 01 00 37 ed 01 00 cf d1 01 00 2f da 01 00 €Ç..7í..ÏÑ../Ú..
f0 b2 01 00 62 ce 01 00 97 d9 01 00 9d dc 01 00 ð²..bÎ..—Ù..Ü..
1f e2 01 00 34 bb 01 00 bb cf 01 00 1a 08 02 00 .â..4»..»Ï......
25 b3 01 00 da e4 01 00 0e c1 01 00 61 d4 01 00 %³..Úä...Á..aÔ..
5c c4 01 00 59 c8 01 00 f2 e2 01 00 b5 e4 01 00 \Ä..YÈ..òâ..µä..
0d c0 01 00 7f e9 01 00 88 b9 01 00 b7 af 01 00 .À..é..ˆ¹..·¯..
f5 ea 01 00 f4 ce 01 00 ae d2 01 00 2a e9 01 00 õê..ôÎ..®Ò..*é..
77 cb 01 00 ef 94 01 00 18 b2 01 00 81 c0 01 00 wË..ï”...²..À..
89 9f 01 00 6c c3 01 00 e3 a2 01 00 3f dd 01 00 ‰Ÿ..lÃ..ã¢..?Ý..
bc cd 01 00 b7 b8 01 00 17 de 01 00 81 da 01 00 ¼Í..·¸...Þ..Ú..
c1 b1 01 00 8e c5 01 00 3c a0 01 00 5c df 01 00 Á±..ŽÅ..< ..\ß..
c7 c1 01 00 de b8 01 00 a4 d3 01 00 50 de 01 00 ÇÁ..Þ¸..¤Ó..PÞ..
f8 d7 01 00 0b a9 01 00 7f e1 01 00 12 d2 01 00 ø×...©..á...Ò..
98 ab 01 00 dc b3 01 00 18 d2 01 00 78 b9 01 00 ˜«..ܳ...Ò..x¹..
b9 cb 01 00 97 c0 01 00 e8 e3 01 00 76 cd 01 00 ¹Ë..—À..èã..vÍ..
85 f9 01 00 9e b0 01 00 d3 b6 01 00 a1 cc 01 00 …ù..ž°..Ó¶..¡Ì..
58 01 02 00 fd c2 01 00 2c d8 01 00 d0 db 01 00 X...ýÂ..,Ø..ÐÛ..
48 ad 01 00 04 ca 01 00 11 b9 01 00 e4 d5 01 00 H...Ê...¹..äÕ..
e2 be 01 00 fb b8 01 00 65 db 01 00 a1 bc 01 00 â¾..û¸..eÛ..¡¼..
bb bb 01 00 6e c8 01 00 45 0c 02 00 be c1 01 00 »»..nÈ..E...¾Á..
76 be 01 00 51 d3 01 00 40 cb 01 00 88 ce 01 00 v¾..QÓ..@Ë..ˆÎ..
82 c0 01 00 e4 8b 01 00 a3 a2 01 00 c7 b0 01 00 ‚À..ä‹..£¢..Ç°..
db c6 01 00 32 b8 01 00 ff 8b 01 00 ee b6 01 00 ÛÆ..2¸..ÿ‹..î¶..
1a c3 01 00 39 b8 01 00 3b b9 01 00 1c bc 01 00 .Ã..9¸..;¹...¼..
d4 cb 01 00 72 ad 01 00 67 e0 01 00 a7 ab 01 00 ÔË..r..gà..§«..
75 a6 01 00 26 d1 01 00 46 c3 01 00 1c a2 01 00 u¦..&Ñ..FÃ...¢..
1b d2 01 00 a7 b9 01 00 0c bd 01 00 0a be 01 00 .Ò..§¹...½...¾..
7b db 01 00 8c d7 01 00 3a d4 01 00 cd e2 01 00 {Û..Œ×..:Ô..Íâ..
af ea 01 00 55 d6 01 00 a1 d5 01 00 09 b4 01 00 ¯ê..UÖ..¡Õ...´..
bb 9c 01 00 be e2 01 00 58 d6 01 00 0e db 01 00 »œ..¾â..XÖ...Û..
94 ce 01 00 24 94 01 00 51 af 01 00 0d cd 01 00 ”Î..$”..Q¯...Í..
de e5 01 00 b1 b5 01 00 36 a7 01 00 f5 c7 01 00 Þå..±µ..6§..õÇ..
73 af 01 00 98 01 02 00 27 b4 01 00 8a d2 01 00 s¯..˜...'´..ŠÒ..
4e a3 01 00 6f ab 01 00 17 c1 01 00 14 f2 01 00 N£..o«...Á...ò..
72 04 02 00 4f a9 01 00 72 b7 01 00 73 b5 01 00 r...O©..r·..sµ..
6f b3 01 00 71 b4 01 00 8e b4 01 00 97 be 01 00 o³..q´..Ž´..—¾..
c6 c4 01 00 7f c0 01 00 b1 d1 01 00 d0 a3 01 00 ÆÄ..À..±Ñ..У..
3d b9 01 00 b4 90 01 00 39 b7 01 00 a7 b6 01 00 =¹..´..9·..§¶..
ad b6 01 00 be a6 01 00 4d b3 01 00 4f bd 01 00 ¶..¾¦..M³..O½..
82 9d 01 00 8d cb 01 00 84 b1 01 00 cd c3 01 00 ‚..Ë..„±..ÍÃ..
dc cd 01 00 b5 ad 01 00 80 a2 01 00 4e cf 01 00 ÜÍ..µ..€¢..NÏ..
c2 bf 01 00 55 b1 01 00 34 ba 01 00 8f b2 01 00 ¿..U±..4º..²..
14 db 01 00 ef cd 01 00 f9 da 01 00 84 c0 01 00 .Û..ïÍ..ùÚ..„À..
50 ba 01 00 14 cb 01 00 aa c6 01 00 f9 bd 01 00 Pº...Ë..ªÆ..ù½..
ae d6 01 00 b6 b4 01 00 e9 b3 01 00 29 cf 01 00 ®Ö..¶´..é³..)Ï..
01 a5 01 00 31 d7 01 00 c6 c5 01 00 ec bb 01 00 .¥..1×..ÆÅ..ì»..
73 09 02 00 0d d6 01 00 8e cf 01 00 7c db 01 00 s....Ö..ŽÏ..|Û..
6a bb 01 00 af f4 01 00 ac ca 01 00 6a ae 01 00 j»..¯ô..¬Ê..j®..
f9 b4 01 00 d5 9b 01 00 02 e8 01 00 81 b1 01 00 ù´..Õ›...è..±..
bd ac 01 00 9a d0 01 00 c7 d0 01 00 2d e7 01 00 ½¬..šÐ..ÇÐ..-ç..
d9 de 01 00 10 ad 01 00 0c bd 01 00 5a be 01 00 ÙÞ......½..Z¾..
74 e7 01 00 ab bf 01 00 25 cd 01 00 dc ac 01 00 tç..«¿..%Í..ܬ..
9d b4 01 00 c3 ad 01 00 e0 c4 01 00 ee bd 01 00 ´..Ã..àÄ..î½..
c0 c4 01 00 cc a7 01 00 7c c6 01 00 54 be 01 00 ÀÄ..̧..|Æ..T¾..
ab 1d 02 00 e2 fd 01 00 7e a0 01 00 02 13 02 00 «...âý..~ ......
80 a4 01 00 71 b0 01 00 83 c3 01 00 4b d6 01 00 €¤..q°..ƒÃ..KÖ..
7e ce 01 00 45 b4 01 00 e1 d9 01 00 59 b4 01 00 ~Î..E´..áÙ..Y´..
7e bc 01 00 83 c8 01 00 6a 9d 01 00 ef eb 01 00 ~¼..ƒÈ..j..ïë..
b8 f4 01 00 ab 1f 02 00 dc e9 01 00 5a cb 01 00 ¸ô..«...Üé..ZË..
9f c7 01 00 3a e2 01 00 e0 cb 01 00 6f a5 01 00 ŸÇ..:â..àË..o¥..
2d be 01 00 15 a9 01 00 87 c3 01 00 2d a8 01 00 -¾...©..‡Ã..-¨..
72 ca 01 00 ec cd 01 00 59 e7 01 00 5d bb 01 00 rÊ..ìÍ..Yç..]»..
b6 e1 01 00 23 b1 01 00 76 f3 01 00 79 c6 01 00 ¶á..#±..vó..yÆ..
db f6 01 00 b0 d8 01 00 25 dc 01 00 65 c2 01 00 Ûö..°Ø..%Ü..eÂ..
67 e3 01 00 7d b5 01 00 41 e6 01 00 2b c3 01 00 gã..}µ..Aæ..+Ã..
87 c4 01 00 1d 9f 01 00 2a a7 01 00 51 b7 01 00 ‡Ä...Ÿ..*§..Q·..
5b b1 01 00 3f ce 01 00 e6 c3 01 00 d5 e0 01 00 [±..?Î..æÃ..Õà..
b4 cd 01 00 80 dc 01 00 36 cd 01 00 be dd 01 00 ´Í..€Ü..6Í..¾Ý..
85 c8 01 00 76 dc 01 00 4c cd 01 00 63 d2 01 00 …È..vÜ..LÍ..cÒ..
f9 9f 01 00 5e 89 01 00 09 e7 01 00 cd ea 01 00 ùŸ..^‰...ç..Íê..
a1 9f 01 00 26 bb 01 00 97 c8 01 00 e9 bf 01 00 ¡Ÿ..&»..—È..é¿..
eb de 01 00 6e b4 01 00 d4 06 02 00 43 e2 01 00 ëÞ..n´..Ô...Câ..
99 cb 01 00 83 e2 01 00 d1 d8 01 00 f4 b2 01 00 ™Ë..ƒâ..ÑØ..ô²..
33 d6 01 00 fc b1 01 00 41 ce 01 00 1e b2 01 00 3Ö..ü±..AÎ...²..
ff db 01 00 cc d4 01 00 4a b4 01 00 89 9d 01 00 ÿÛ..ÌÔ..J´..‰..
c4 ee 01 00 d0 c6 01 00 75 d3 01 00 cb cf 01 00 Äî..ÐÆ..uÓ..ËÏ..
b9 ef 01 00 06 b6 01 00 86 d5 01 00 c3 ac 01 00 ¹ï...¶..†Õ..ì..
e1 f7 01 00 cb af 01 00 a0 d5 01 00 ad d7 01 00 á÷..˯.. Õ..×..
22 c7 01 00 e3 ae 01 00 7b 89 01 00 c6 c1 01 00 "Ç..ã®..{‰..ÆÁ..
75 e5 01 00 cc b6 01 00 77 e4 01 00 20 b1 01 00 uå..̶..wä.. ±..
bb c4 01 00 8f bf 01 00 e4 ce 01 00 d4 b2 01 00 »Ä..¿..äÎ..Ô²..
6a b6 01 00 5e bc 01 00 b8 cb 01 00 75 c5 01 00 j¶..^¼..¸Ë..uÅ..
57 a0 01 00 19 aa 01 00 93 e8 01 00 30 a4 01 00 W ...ª..“è..0¤..
e9 c2 01 00 8a d4 01 00 4a b4 01 00 03 b9 01 00 éÂ..ŠÔ..J´...¹..
20 ae 01 00 6f c7 01 00 49 b8 01 00 30 b9 01 00 ®..oÇ..I¸..0¹..
7b c1 01 00 1b c2 01 00 6f c6 01 00 b8 9e 01 00 {Á...Â..oÆ..¸ž..
0c af 01 00 94 a0 01 00 cf d5 01 00 9a dd 01 00 .¯..” ..ÏÕ..šÝ..
6f 9a 01 00 bc cf 01 00 30 ab 01 00 03 d7 01 00 oš..¼Ï..0«...×..
56 db 01 00 e8 b9 01 00 03 b3 01 00 58 ec 01 00 VÛ..è¹...³..Xì..
98 f7 01 00 95 ca 01 00 e2 f1 01 00 6e d4 01 00 ˜÷..•Ê..âñ..nÔ..
0f b7 01 00 b5 c9 01 00 bd d2 01 00 1e e0 01 00 .·..µÉ..½Ò...à..
ee da 01 00 4c 97 01 00 7a a7 01 00 01 be 01 00 îÚ..L—..z§...¾..
55 c4 01 00 ac 86 01 00 25 ab 01 00 4a a3 01 00 UÄ..¬†..%«..J£..
8c c2 01 00 92 c6 01 00 33 af 01 00 64 f7 01 00 ŒÂ..’Æ..3¯..d÷..
cf b9 01 00 c7 bc 01 00 62 c7 01 00 a5 d3 01 00 Ϲ..Ǽ..bÇ..¥Ó..
cd b9 01 00 48 a4 01 00 0f c6 01 00 6a b2 01 00 ͹..H¤...Æ..j²..
74 9e 01 00 f4 c2 01 00 5d fe 01 00 92 ce 01 00 tž..ôÂ..]þ..’Î..
4c dc 01 00 6b de 01 00 0c cb 01 00 9a d9 01 00 LÜ..kÞ...Ë..šÙ..
4f e7 01 00 9d ae 01 00 89 c5 01 00 80 a6 01 00 Oç..®..‰Å..€¦..
61 bb 01 00 02 d0 01 00 a8 ad 01 00 a6 ba 01 00 a»...Ð..¨..¦º..
0a a2 01 00 b0 88 01 00 e2 b2 01 00 45 cc 01 00 .¢..°ˆ..â²..EÌ..
06 d6 01 00 ed bd 01 00 1c c8 01 00 8a b8 01 00 .Ö..í½...È..Š¸..
e6 c7 01 00 67 cc 01 00 d0 ed 01 00 92 d1 01 00 æÇ..gÌ..Ðí..’Ñ..
53 d5 01 00 fd b2 01 00 3a b1 01 00 3e a1 01 00 SÕ..ý²..:±..>¡..
3f ba 01 00 3a b1 01 00 fe cc 01 00 a9 9e 01 00 ?º..:±..þÌ..©ž..
54 e2 01 00 54 96 01 00 11 bc 01 00 5a ba 01 00 Tâ..T–...¼..Zº..
1b f5 01 00 d8 d5 01 00 32 96 01 00 1a 94 01 00 .õ..ØÕ..2–...”..
d1 c6 01 00 c4 b9 01 00 0a a5 01 00 30 c8 01 00 ÑÆ..Ĺ...¥..0È..
9f bc 01 00 0b d5 01 00 be b9 01 00 e3 90 01 00 Ÿ¼...Õ..¾¹..ã..
4a b6 01 00 9f 9e 01 00 89 e5 01 00 23 a2 01 00 J¶..Ÿž..‰å..#¢..
cf 9d 01 00 bc 9f 01 00 da 9a 01 00 79 9d 01 00 Ï..¼Ÿ..Úš..y..
16 dd 01 00 ff a0 01 00 1a af 01 00 7a c3 01 00 .Ý..ÿ ...¯..zÃ..
d6 98 01 00 1f c7 01 00 6e b7 01 00 9c 96 01 00 Ö˜...Ç..n·..œ–..
cf c4 01 00 f7 fa 01 00 23 a5 01 00 1b b9 01 00 ÏÄ..÷ú..#¥...¹..
4b b3 01 00 75 af 01 00 d0 79 01 00 fb c9 01 00 K³..u¯..Ðy..ûÉ..
89 cc 01 00 e5 a0 01 00 80 c1 01 00 26 a7 01 00 ‰Ì..å ..€Á..&§..
eb bb 01 00 71 b4 01 00 d2 96 01 00 39 ca 01 00 ë»..q´..Ò–..9Ê..
01 b4 01 00 88 ba 01 00 68 8b 01 00 d5 ab 01 00 .´..ˆº..h‹..Õ«..
36 ae 01 00 46 a0 01 00 4b 9d 01 00 3f a4 01 00 6®..F ..K..?¤..
79 cf 01 00 a0 ce 01 00 0f ac 01 00 3c b2 01 00 yÏ.. Î...¬..<²..
35 af 01 00 8a 97 01 00 18 8d 01 00 d7 b5 01 00 5¯..Š—.....×µ..
5a ab 01 00 84 b7 01 00 51 ee 01 00 ee 95 01 00 Z«..„·..Qî..î•..
1f bd 01 00 da c3 01 00 dd b9 01 00 a4 c1 01 00 .½..ÚÃ..ݹ..¤Á..
8b cd 01 00 48 c0 01 00 18 b6 01 00 af a6 01 00 ‹Í..HÀ...¶..¯¦..
ed a0 01 00 cf 98 01 00 a9 d0 01 00 e0 92 01 00 í ..Ϙ..©Ð..à’..
5a 0f 02 00 e5 8f 01 00 6d 9a 01 00 bf cf 01 00 Z...å..mš..¿Ï..
73 b2 01 00 3f 7e 01 00 47 99 01 00 43 97 01 00 s²..?~..G™..C—..
11 c8 01 00 f6 8f 01 00 7d a7 01 00 db ad 01 00 .È..ö..}§..Û..
ee 99 01 00 0b a7 01 00 02 a1 01 00 7e 9d 01 00 î™...§...¡..~..
91 a9 01 00 db cd 01 00 d2 9d 01 00 23 b7 01 00 ‘©..ÛÍ..Ò..#·..
20 af 01 00 a6 b6 01 00 b4 d3 01 00 75 b5 01 00 ¯..¦¶..´Ó..uµ..
a2 8a 01 00 cd f6 01 00 e2 c8 01 00 25 a0 01 00 ¢Š..Íö..âÈ..% ..
9d c1 01 00 0d cb 01 00 e4 86 01 00 d6 9a 01 00 Á...Ë..ä†..Öš..
72 cf 01 00 ea c5 01 00 1c b1 01 00 b3 f3 01 00 rÏ..êÅ...±..³ó..
a6 c4 01 00 22 b4 01 00 89 b2 01 00 f3 c4 01 00 ¦Ä.."´..‰²..óÄ..
cd b4 01 00 ad bc 01 00 b6 a2 01 00 07 a3 01 00 Í´..¼..¶¢...£..
02 c8 01 00 c3 a9 01 00 eb a2 01 00 e5 bc 01 00 .È..é..ë¢..å¼..
9c dc 01 00 0b 94 01 00 97 a5 01 00 1f 8f 01 00 œÜ...”..—¥.....
7c a5 01 00 11 a2 01 00 0c b3 01 00 7c b2 01 00 |¥...¢...³..|²..
73 9a 01 00 5e 98 01 00 ec 97 01 00 9c ea 01 00 sš..^˜..ì—..œê..
7c ef 01 00 90 89 01 00 9c c7 01 00 ca 28 03 00 |ï..‰..œÇ..Ê(..
33 db 01 00 1b bb 01 00 86 df 01 00 8d b3 01 00 3Û...»..†ß..³..
53 9f 01 00 d6 ca 01 00 65 a9 01 00 d0 89 01 00 SŸ..ÖÊ..e©..Љ..
0d cf 01 00 90 a7 01 00 0d dc 01 00 c2 cb 01 00 .Ï..§...Ü..ÂË..
41 ae 01 00 9e a8 01 00 a0 96 01 00 17 91 01 00 A®..ž¨.. –...‘..
b2 22 02 00 87 a5 01 00 29 a2 01 00 1d af 01 00 ²"..‡¥..)¢...¯..
80 c5 01 00 26 9f 01 00 02 b3 01 00 0a d4 01 00 €Å..&Ÿ...³...Ô..
(cut because the message reaches beyond allowable length and won't send if I didn't cut)
-
I thought reverse engineering is allowable, how does it differ to theft anyway
Reverse engineering and dumping the firmware and using it in your product are two very different things. There are a lot of region-specific issues here, but generally you are allowed to poke at the protocol and implement your own version of the firmware, for example. But you can't take the whole binary as is ans release it as your own.
I tried all kinds of baud rates in Device Manager and settled with 9600.
Why 9600 and why in Device Manager? For get about Device Manager, it just sets the default. Any terminal program would override it anyway.
Serial Port Monitor is NOT a terminal.
It is for the purpose of this duscussion.
It can't adjust baud rate.
Why?
What do you call this serial sniffing software?
A terminal.
because you are receiving data and not sending
This is a serial port setting, it affects both directions.
I just want to know if you have any ideas how to convert the following data to the raman plot (of H20 water) ni the graph.
I won't look at the unreliable data. And if you don't know what baudrate to use, it is unrelibale.
Also, please don't post huge chunks of noise. Nobody here will be looking at that.
-
if you have any ideas how to convert the following data to the raman plot
Treat it as 4-byte little-endian stream, for example.
-
I thought reverse engineering is allowable, how does it differ to theft anyway
Reverse engineering and dumping the firmware and using it in your product are two very different things. There are a lot of region-specific issues here, but generally you are allowed to poke at the protocol and implement your own version of the firmware, for example. But you can't take the whole binary as is ans release it as your own.
I tried all kinds of baud rates in Device Manager and settled with 9600.
Why 9600 and why in Device Manager? For get about Device Manager, it just sets the default. Any terminal program would override it anyway.
Serial Port Monitor is NOT a terminal.
It is for the purpose of this duscussion.
It can't adjust baud rate.
Why?
What do you call this serial sniffing software?
A terminal.
because you are receiving data and not sending
This is a serial port setting, it affects both directions.
I just want to know if you have any ideas how to convert the following data to the raman plot (of H20 water) ni the graph.
I won't look at the unreliable data. And if you don't know what baudrate to use, it is unrelibale.
Also, please don't post huge chunks of noise. Nobody here will be looking at that.
One can't be considered a hacker or reverse engineer or even pirate without knowing anything about serial port. I used to own an IBM XT after an Apple II and I still don't know any serial port rule so how can I be a pirate. Contrast me to one of the originator of the internet who is also interested in the phenomenon. He wrote in Trinity:
"A physicist friend of mine, now employed on projects involving national security, tells me he’s confirmed that statement by Wilbur Smith, asserting that the UFO matter was classified very high, so high that there is no way Paola and I could be briefed by the right specialists on the true nature of the phenomenon."
Just like nuclear weapons constructions. It's above top secret so we the public I agree with you mustn't concern with them, and let's just focus our lives on our jobs and favorite sports.
(https://imagizer.imageshack.com/v2/1024x768q90/924/fztGB6.jpg)
There is something that puzzled me about the serial tips you gave I'm testing the past 2 days. You were right that changing baud rates can create garbages in the output characters. But in the above I ran the Hello progam in the HC11 (the only MCU I'll ever use because I don't have any application now) using AxIDE, then ran the g 0100 command inside Teraterm at 9600. Initially the screen outputs Hello at 9600 baud. But when I closed Tera Term and NOT changing any baud rate and remaining at identical 9600 Baud (and other settings). The output characters changes! (see below) Why? I used different terminals, same results, the output character changes after the terminal is closed and open again (withouttout changing any Baud). I even changed the flow control to none, hardware, Xon/Off/ RTS/CTS, DSR/DTR. And same effect. What must I do so the output character will be constant Hello even after closing and opening the terminal program many times? I need to know just for basic knowledge about serial outputs and changing chacracters I didn't know even after using IBM XT and dozens of upgrades after it. Also just ignore the program Serial Port Monitor because it just displays what you had in your main terminal. So since the Raman App was run right because it shows the wavenumbers right, then Serial Port Monitor was displaying the data right at least in the Raman App, but let's ignore it for now, because even without the Serial Port Monitor app. Different terminals I tried showed different characters after closing and opening the terminal window (with same running MCU ouputting Hello the whole time). Thanks.
(https://imagizer.imageshack.com/v2/1024x768q90/924/MzrpxU.jpg)
-
One can't be considered a hacker or reverse engineer or even pirate without knowing anything about serial port.
This logic makes zero sense. But if you are willing this to be your legal defense - go ahead, invite me to the trial, I want a good laugh.
The output characters changes! (see below) Why?
Because in a solid stream of bytes it is impossible to tell where the beginning of a byte is. If you open the port in the middle of the byte, some random bit inside would be treated as a start bit.
Add some delay between sending "Hello" strings so you get a better chance to open the port while line is idle.
-
if you have any ideas how to convert the following data to the raman plot
Treat it as 4-byte little-endian stream, for example.
And what software are you supposed to plot the 4-byte little endian stream? It's not Audacity because of the large x and y plot.
(ataradov, your delay between Hello ideas worked)
https://skyandtelescope.org/astronomy-news/observing-news/green-lasers-a-hidden-danger/
To the Raman manufacturer. Don't worry. I'd no longer try to read the firmware. Because Raman lasers are very dangerous. When you see green, there may be invisible IR waves being emitted. This is because green lasers are actually red lasers just pumped to look like green outside as described in the article above. So it's very dangerous item and I'll return it to the labs and only borrow it when I want to identify unknown plastic for my food containers. I have the following laser goggles when it's turned on. Btw can the following even filter infrared?
(https://imagizer.imageshack.com/v2/1024x768q90/923/6hAnKx.jpg)
Instead of the Raman, I may try to tackle a pocket size Scio Molecular Scanner (if I can buy it used). It emits no harmful laser and can allegedly read the makeup of your food at the restaurant.
https://learn.sparkfun.com/tutorials/scio-pocket-molecular-scanner-teardown-/all
(https://imagizer.imageshack.com/img924/7841/9T1SDx.jpg)
If the MSP430 uses Interrupt vectors as password and the PIC uses configuration bits? How is the MCU in the above use code protection? (is it protected at all?) Anyone has encountered the above item?
-
And what software are you supposed to plot the 4-byte little endian stream? It's not Audacity because of the large x and y plot.
A python script and matplotlib, for example. But first interpret it by eyes and make sure it makes sense. I'm not sure you are actually receiving valid data. It won't be just a stream of words anyway, it would have some headers and checksums.
How is the MCU in the above use code protection? (is it protected at all?)
Why not download the datasheet and look at it? That Blackfin boots from the internal to the package (but a separate die) SPI flash. The contents of the flash are encrypted.
But this is not a simple MCU, there is zero chance of you doing anything with it if you could not figure out a trvial PIC.
The store here is that everything is protected. And if you can't even figure out if something is protected, then you won't be able to read it even if it is not protected.
-
One can't be considered a hacker or reverse engineer or even pirate without knowing anything about serial port.
This logic makes zero sense. But if you are willing this to be your legal defense - go ahead, invite me to the trial, I want a good laugh.
The output characters changes! (see below) Why?
Because in a solid stream of bytes it is impossible to tell where the beginning of a byte is. If you open the port in the middle of the byte, some random bit inside would be treated as a start bit.
Add some delay between sending "Hello" strings so you get a better chance to open the port while line is idle.
I was able to tuck the HC11 in the attic after it no longer had uses. I ran the program "Hello world". Lo and behold, the serial output doesn't produce any garbage even how many times I close the serial program and open it. I found out a "space" can somehow resync the stop and start bits (?)? I tried "!" too. It works too but not other characters. The synchronization always starts with the character like the following where "space" after garbage resyncs everything. I used the character "Hell " in addition to "Hello World" (this is all without using any delays).
(https://imagizer.imageshack.com/v2/1024x768q90/924/Q06Zzc.jpg)
I'm familiar with stop and bits and purpose of it like telling how streams of output can be distiguished (imagine all 1 or 0 without the stop/start bits). But I can't figure out how the stop and start bits can somehow resync it when "space" or "!" characters are used in the output, where without them the output can become garbage after closing and opening the serial program (at same fixed baud)? What other sync characters can be used? This concept must have been documented already, what's it called?
(https://imagizer.imageshack.com/v2/800x600q90/922/i2pEv4.png)
(https://imagizer.imageshack.com/v2/1024x768q90/924/Fv1Csy.jpg)
Figuring out MCU is the most time consuming of all things to do. At least if you earn money from it, no problem. It will take all day just to figure out something simple. It messed up my mind since October last year. That's why I'll put it in the attic and never think about MCUs again. Thanks.
-
But I can't figure out how the stop and start bits can somehow resync it when "space" or "!"
They can't in theory. Something else must be going on. It is impossible to say without have a logic analyzer or scope captures of the line.
Figuring out MCU is the most time consuming of all things to do.
Then you can forget about reverse engineering anything. It is way more effort in addition to needing a really good understanding of the hardware.
At least if you earn money from it
You wanted to sell pirated stuff. How is that not earning moeny?
-
But I can't figure out how the stop and start bits can somehow resync it when "space" or "!"
They can't in theory. Something else must be going on. It is impossible to say without have a logic analyzer or scope captures of the line.
Figuring out MCU is the most time consuming of all things to do.
Then you can forget about reverse engineering anything. It is way more effort in addition to needing a really good understanding of the hardware.
At least if you earn money from it
You wanted to sell pirated stuff. How is that not earning moeny?
This is the program I used in the HC11:
(https://imagizer.imageshack.com/v2/640x480q90/923/ZesjqN.jpg)
FFB8 is Buffalo entry point where it outputs the characters:
(https://imagizer.imageshack.com/v2/640x480q90/922/JeJBvQ.jpg)
I tried the different characters in "Hello" replacing the alphabet o. Only the first ASCII with binary that begins with 0010 (the characters space, !, ", #, $ of the table can make it not able to output any garbages no matter how many times I closed and open the program (without any delays in it). In the following. I used the character A and it outputs garbage after next run.
(https://imagizer.imageshack.com/img924/3289/ajx84l.jpg)
(https://imagizer.imageshack.com/img922/3652/ICUoAH.jpg)
If one day you figure out why. Let me know. Others who still use the legendary HC11 can maybe look at it. I only know the HC11 language and can't figure out the 27k MSP430 firmware I got in the JTAG. You need to know C language to even use reverse engineering software like Ghidra. I don't intend to learn C and won't reverse engineer any product at all. I will find other hobbies as I realize MCUs are just so taxing. The above is example. I edited the program, compiled the assembly at DOS using Oracle Virtualbox via Serial to USB converter (the HC11 can only run 32 bit serial port), run it at AxIDE many times for a dozen symbols and it waste one hour of my time and still don't know the answer.
-
To settle it. I won't use the Buffalo entry point as it may be doing some binary shifting that can produce different delays, Instead. I'm looking for the program that can directly send the "Hello world" characters to the serial. I read there used to be the hello.asm written in HC11 assembly but couldn't find the file anymore. I only know how to write serial output using the ADC data as I learnt when trying to fix the bricked EEG.
Why is it much more difficult to display ascii characters in serial terminal as compared to just hex or binary? For example. When you send the hex 41 to the serial. It would just display it in binary in the screen. What would it take to display it in ascii?
Before I tuck the HC11 to the attic. I'd like to see how the text "Hello world" sent to serial is implemented in the following MCUs
1. 68HC11
2. MSP430
3. PIC18F132
4. ARM (very intimidating name, isn't it? ARMing what? Hellfire?
Isn't there a website that shows how the different MCUs display the character "Hello World" in assembly language? So I could also see how assembly language and commands vary in each and the implementations. Don't give any C language website as I don't have any intention to learn C. Thanks.
-
But I can't figure out how the stop and start bits can somehow resync it when "space" or "!"
They can't in theory. Something else must be going on. It is impossible to say without have a logic analyzer or scope captures of the line.
Figuring out MCU is the most time consuming of all things to do.
Then you can forget about reverse engineering anything. It is way more effort in addition to needing a really good understanding of the hardware.
At least if you earn money from it
You wanted to sell pirated stuff. How is that not earning moeny?
I realized the characters being shown in serial numbers are just ascii and non-ascii characters from 0 to 255 or 00 to FF. I thought before they were just noises but after figuring out how to write HELLO. Found there they were ASCII. So I modified for the program to write serial data from ADC and instead use the characters from Hello.
REGBASE EQU $1000
ADCTL2 EQU $30
ADR1 EQU $1031
OPTION EQU $1039
SPCR EQU $1028
BAUD EQU $102B
SCCR1 EQU $102C
SCCR2 EQU $102D
SCSR EQU $102E
SCDR EQU $102F
ORG $0110
START LDAA #%10011000 ;enable ADC
STAA OPTION
LDAA #%00110000 ; 00110000 = 9600 BAUD
STAA BAUD ; 00110011 = 1200 BAUD
CLR SCCR1
LDAA #$0C
STAA SCCR2 ;RECEIVER & TRANS. ENABLED
clr SPCR
LOOP
LDX #REGBASE ; enable ADC
LDAA #%00000010
STAA ADCTL2,X
LOOP2 BRCLR ADCTL2,X #$80 LOOP2
ldaa #32 ; read ADC value and send to serial port
read_again ldab $102e ; read first Status
bitb #$80
beq read_again
staa SCDR ; save in TX Register
ldaa #72 ; read ADC value and send to serial port
read_again ldab $102e ; read first Status
bitb #$80
beq read_again
staa SCDR ; save in TX Register
ldaa #101 ; read ADC value and send to serial port
read_again ldab $102e ; read first Status
bitb #$80
beq read_again
staa SCDR ; save in TX Register
ldaa #108 ; read ADC value and send to serial port
read_again ldab $102e ; read first Status
bitb #$80
beq read_again
staa SCDR ; save in TX Register
ldaa #108 ; read ADC value and send to serial port
read_again ldab $102e ; read first Status
bitb #$80
beq read_again
staa SCDR ; save in TX Register
ldaa #111 ; read ADC value and send to serial port
read_again ldab $102e ; read first Status
bitb #$80
beq read_again
staa SCDR ; save in TX Register
BRA LOOP
This means I didn't use the Buffalo subroutines to display ASCII characters but direct to the serial port but the results are the same (all using using any delays loop)!!
When the characters space, !, ", #, $, they can always resync them somehow. In the following, the "space" is used before Hello so it displays it right after closing and opening the serial softwares. The image follows it is the binary:
(https://imagizer.imageshack.com/v2/800x600q90/922/DKNoAN.jpg)
(https://imagizer.imageshack.com/v2/800x600q90/923/ESxazM.jpg)
The following is when none of the seemingly synching characters were used:
(https://imagizer.imageshack.com/v2/800x600q90/924/JphFrQ.jpg)
(https://imagizer.imageshack.com/v2/800x600q90/924/X3wC3Q.jpg)
Notice the garbages binary start with 1 when none of the ascii and non ascii from 1 to 255 start with 1.
Can that give you a clue what is going on?
Also let's take the case of "space" with binary of 00100000, and letter "H" with binary of 01001000.
If you combine them, they become 0010000001001000
if it encounters the stop bit 1, it becomes 1000000100
If "space" is not used but other character like "|" (besides or !, ", #, $) , with binary 01111100, they becomes 0111110001001000
if it encounters the stop bit 1, it becomes 1111100010
both ends with the start bit 0 so it shouldn't sync it by theory as you said. Maybe the binary that starts with 1 in the last image above can give you a clue?
(I wonder if all memorize the binary bits for the ascii, here it is to faciliate better vizualization)
(https://imagizer.imageshack.com/v2/800x600q90/924/Fv1Csy.jpg)
I need to know it before tacking the HC11 for good. Thanks.
-
Btw.. since Buffalo entry points were not the culprit (as proven above), it could be Buffalo itself. But In my particular HC11. The Reset Vector FFFE is in rom, and it has address E000 in it which is the Buffalo program itself. So I can't boot the HC11 using just the microprocessor without Buffalo. I always thought Buffalo is like JARVIS, a residential monitoring AI firmware, but now I can't get rid of it.
And so as not to be off-topic. I can't use the PIC18F1320 to run the Hello World software because I don't want to brick the Raman unit and pay the school $15,000. Although I can try with my MSP430 device but I don't want to brick it either (and don't know how to run Hello World in it). So that leaves me to buy a new MCU just to try running Hello and see how it behaves with closing and opening the serial program continuously and see if they would all show up garbages without using the characters space, !, ", #, $ that can somehow resync them . If someone even knows how to display Hello World in pure assembly language (without any Cs, just share them in MSP430, PIC and other MCUs format) and see this message someday. Just share the program. Thanks.
(https://imagizer.imageshack.com/img924/2561/2ty8oz.jpg)
-
(https://imagizer.imageshack.com/v2/640x480q90/924/t4ZMob.jpg)
I was able to bypass JARVIS (I mean BUFFALO) but yet the pattern still holds, the characters space, !, ", #, $ can still act like synchronization characters. It means the 68HC11 is directly running the program without the resident firmware BUFFALO anymore. What the hell?
This is the problem with MCU, one small problems lead to others and so on and on without end.
-
Get the logic analyzer and look at what is actually sent. There is no point in guessing. Or just forget about it, since none of this is going anywhere.
-
Get the logic analyzer and look at what is actually sent. There is no point in guessing. Or just forget about it, since none of this is going anywhere.
Yes I need to get a logic analyzer as it's driving me nuts. And also to check out the output of the PIC18F1320 to know why there were no headers and checksums and possibly in correct serial stream (if it could do that too).
There were so many models of Logic Analyzer I saw. Are you supposed to tap it to the PCB itself or can you just put it in the serial interface? But I prefer USB since the PIC only has USB and no RS232 cable like the HC11. Hope you can recommend a model that will surely work as I need to order it halfway across the world and delivered weeks from now (so don't want to order the wrong model).
(https://imagizer.imageshack.com/v2/800x600q90/923/T3hoj5.jpg)
-
And also to check out the output of the PIC18F1320 to know why there were no headers and checksums and possibly in correct serial stream (if it could do that too).
It would not help you with that. Most of what you can do with a logic analyzer you can already do with the terminal.
There were so many models of Logic Analyzer I saw.
The one shown on the picture will be fine.
Are you supposed to tap it to the PCB itself or can you just put it in the serial interface?
What do you mean? You need to probe the part where serial data is sent.
-
And also to check out the output of the PIC18F1320 to know why there were no headers and checksums and possibly in correct serial stream (if it could do that too).
It would not help you with that. Most of what you can do with a logic analyzer you can already do with the terminal.
There were so many models of Logic Analyzer I saw.
The one shown on the picture will be fine.
Are you supposed to tap it to the PCB itself or can you just put it in the serial interface?
What do you mean? You need to probe the part where serial data is sent.
I already ordered it.
I have been looking at example of UART header and checksum hex dump in the internet. I saw the following for example.
(https://imagizer.imageshack.com/v2/800x600q90/924/gwYryn.jpg)
When I displayed Hello World using the Hc11 via serial. And looked at it using the software Serial Port Monitor. Why couldn't I see the header and checksums? (see below) What software are you supposed to see the header and checksums? In the PIC18F1320, it buffers them for some seconds during scans then transfer them to the serial. I want to see its headers checksums using other software. What software can see them? Is it possible for UART sender to disable the headers and checksums that's why they didn't appear in the hex dump below?
(https://imagizer.imageshack.com/v2/800x600q90/923/j0npn7.jpg)
-
There is no standard header and checksum. UART is just bytes. Everything else is application specific. This is exactly why reverse-engineering of protocols is hard sometimes.
You need to do what that person did, but for your device. First of all, the thing that normally happens in the first 5 minutes of investigation is to determine the baudrate. Then receive a lot of data, look at it and see if you can observe any patterns. Then try to figure out if there is some structure. A lot of guessing and theories involved here.
-
I will no longer do any reverse engineering. It is not easy.
The following is program I personally made for the HC11. Note how simple it is. Just enable the serial port and send Hello, Why is there no headers and checksum in the serial output? Does it mean the source has headers and checksum disabled? You can tell from the few lines what is the case (it's just generic serial subroutine I saw). Can you do that in the ARM too? disabling them?
Also to write Hello output, would it require many times more machine language lines using the ARM? Note it has "space" added to Hello such that no matter how many times you close and open the serial program, it can resync. Without it. It turns to garbage. If it is easy to write this in the ARM. I may get same model as yours and run it. What particular ARM do you own?
REGBASE EQU $1000
SPCR EQU $1028
BAUD EQU $102B
SCCR1 EQU $102C
SCCR2 EQU $102D
SCSR EQU $102E
SCDR EQU $102F
ORG $0100
START LDAA #%00110000 ; 00110000 = 9600 BAUD
STAA BAUD ; 00110011 = 1200 BAUD
CLR SCCR1
LDAA #$0C
STAA SCCR2 ;RECEIVER & TRANS. ENABLED
clr SPCR
LOOP
ldaa #72 ; send "H" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #101 ; send "e" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #108 ; send "l" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #108 ; send "l" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #111 ; send "o" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #32 ; send "space" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
BRA LOOP
(https://imagizer.imageshack.com/v2/800x600q90/922/ucjzkX.jpg)
-
Why is there no headers and checksum in the serial output?
Because you did not program them.
Does it mean the source has headers and checksum disabled?
There is nothing to disable. You are really misunderstanding how UART works. There is no inherent structure. UART just sends individual bytes. You as a programmer decide what they mean. You may decide that a first byte of all your messages would be '#' and this would be your "header". This is not something you absolutely have to do. You may just dump plain text and then you won't need any headers.
the ARM?
ARM is just a core architecture, specific peripheral details depends on a device based on that architecture. Generally, ARM is more complicated, since it is way more capable. And nobody programs in ASM anyway.
What particular ARM do you own?
I "own" dozens of devices. It is not something I idly play with, I use whatever is best suited for a particular project.
With your current level of understanding there is no chance you will be able to use ARM-based devices. It requires reading of documentation and you refuse to do that.
-
Why is there no headers and checksum in the serial output?
Because you did not program them.
Does it mean the source has headers and checksum disabled?
There is nothing to disable. You are really misunderstanding how UART works. There is no inherent structure. UART just sends individual bytes. You as a programmer decide what they mean. You may decide that a first byte of all your messages would be '#' and this would be your "header". This is not something you absolutely have to do. You may just dump plain text and then you won't need any headers.
the ARM?
ARM is just a core architecture, specific peripheral details depends on a device based on that architecture. Generally, ARM is more complicated, since it is way more capable. And nobody programs in ASM anyway.
What particular ARM do you own?
I "own" dozens of devices. It is not something I idly play with, I use whatever is best suited for a particular project.
With your current level of understanding there is no chance you will be able to use ARM-based devices. It requires reading of documentation and you refuse to do that.
Thanks for all the information.
Last question. I will avoid any ARM-based devices and any that requires C language.
What is the fastest most advanced 32 bit microcontroller you know that has assembly very similar to the 68HC11 Assembly Language? I don't want to learn C. I'm not earning anything out of this so I don't want to waste time and learn C. I only want modern MCU with Assembly Language similar to the HC11 I'm already familiar with so I can quickly send the Hello program and see the output.
I also want to explore IR spectroscopy. I'm very tired with Raman. I can't borrow any IR spectrometer so want to build a simple one and needs the most modern microcontroller as this would be the one and final MCU I'd ever own. I don't want the Arduino or Raspberry PI because they are not 32 bit and you need to know C. Many thanks.
-
What is the fastest most advanced 32 bit microcontroller you know that has assembly very similar to the 68HC11 Assembly Language?
I have no idea how HC11 assembly looks like. You can program any modern MCU in assembly, includeing all ARM-based MCUs, it is just incredibly inconvenient and slow. But if all you are going to be doing are those 20-line tiny programs, then any would work. And you would have hard time finding example code, since nobody does that.
You would still need to read MCU documentation. And it is generally pretty long for modern devices.
And the amount of C you need to learn is minimal. And you are still going to have to learn a different variety of assembly, I can guarantee that nothing would be exactly like HC11.
The argument "it does not make me money" is also strange. Nothing would make you money until you learn it enough to start extracting that money.
-
REGBASE EQU $1000
SPCR EQU $1028
BAUD EQU $102B
SCCR1 EQU $102C
SCCR2 EQU $102D
SCSR EQU $102E
SCDR EQU $102F
ORG $0100
START LDAA #%00110000 ; 00110000 = 9600 BAUD
STAA BAUD ; 00110011 = 1200 BAUD
CLR SCCR1
LDAA #$0C
STAA SCCR2 ;RECEIVER & TRANS. ENABLED
clr SPCR
LOOP
ldaa #72 ; send "H" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #101 ; send "e" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #108 ; send "l" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #108 ; send "l" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #111 ; send "o" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
ldaa #32 ; send "space" to serial
read_again ldab $102e ;
bitb #$80
beq read_again
staa SCDR ;
BRA LOOP
Do you really have an assembler that does not complain about duplicate symbol "read_again" for the code as shown?
-
What is the fastest most advanced 32 bit microcontroller you know that has assembly very similar to the 68HC11 Assembly Language?
I have no idea how HC11 assembly looks like. You can program any modern MCU in assembly, includeing all ARM-based MCUs, it is just incredibly inconvenient and slow. But if all you are going to be doing are those 20-line tiny programs, then any would work. And you would have hard time finding example code, since nobody does that.
You would still need to read MCU documentation. And it is generally pretty long for modern devices.
And the amount of C you need to learn is minimal. And you are still going to have to learn a different variety of assembly, I can guarantee that nothing would be exactly like HC11.
The argument "it does not make me money" is also strange. Nothing would make you money until you learn it enough to start extracting that money.
I read there is C and C++ created in the early 1970s.
Do all MCUs use the same C language? So if I can figure out how to say "Hello world" in the 68HC11 (which has C to .s19 converter), the same C program can run in all of your MCUs??
Even though I was able to download the EEG MSP430 firmware (so surprised they didn't even JTAG blow the fuse with just one click). I couldn't understand its machine language after reading them using CCS and IRQ (because as you said, there are also many kinds of Assembly languages). However, the Ghidra Reverse Engineering software can turn the MSP430 to machine code and then to C++.
That means what appear to be very complicated machine code in the MSP430 can be easily converted to C++ and understood more easily? But most MCUs use C only, and not C++.
Also if someone say in China stole your firmware and you live in the US, how are you gonna sue him in China?
(oscar, I ran it using AS11.EXE. THRSIM11 simulator can't run them if the labels have duplicates. I'll try using different labels and and ran them again in AS11.EXE)
-
(oscar, I ran it using AS11.EXE. THRSIM11 simulator can't run them if the labels have duplicates. I'll try using different labels and and ran them again in AS11.EXE)
The ancient version of AS11 I have here from the days I used to tinker with HC11 does complain. If something does not complain, then I can only guess that maybe later use of the same symbol replaces the earlier one from that point onward (and you would have to be very careful not to get yourself into trouble with that).
Really that code should be in a subroutine, rather than repeating it every time.
-
the same C program can run in all of your MCUs??
No. You really need to let go of HC11. There is literally nothing like it anymore. None. If you are going to measure everything by how much it looks like HC11, then you can't use anything.
That means what appear to be very complicated machine code in the MSP430 can be easily converted to C++ and understood more easily? But most MCUs use C only, and not C++.
Ghidra output is not useful directly. It is just a rough sketch of what the program might look like, it never actually compiles back to the useful code.
C is just a generic language. The difference between MCUs is in the peripherals. And again, this is a concept you need to understand well before programming anything. you won't be able yo do anything until you do.
Also if someone say in China stole your firmware and you live in the US, how are you gonna sue him in China?
You don't. But you can prevent import of that product to the US. It would require a lot of effort, but it is possible.
-
the same C program can run in all of your MCUs??
No. You really need to let go of HC11. There is literally nothing like it anymore. None. If you are going to measure everything by how much it looks like HC11, then you can't use anything.
That means what appear to be very complicated machine code in the MSP430 can be easily converted to C++ and understood more easily? But most MCUs use C only, and not C++.
Ghidra output is not useful directly. It is just a rough sketch of what the program might look like, it never actually compiles back to the useful code.
C is just a generic language. The difference between MCUs is in the peripherals. And again, this is a concept you need to understand well before programming anything. you won't be able yo do anything until you do.
Also if someone say in China stole your firmware and you live in the US, how are you gonna sue him in China?
You don't. But you can prevent import of that product to the US. It would require a lot of effort, but it is possible.
I know the difference between MCUs is in the peripherals and different registers to enable ADC for example. So different MCUs have different programs to enable them. I know because I spent 2 months late last year trying to run different registers in the ADC and other peripherals of the HC11 to figure out how the app can distinguish between 2 channels. I tried all sorts of combinations. After fixing the firmware missing codes (when I became familiar with assembly language enough to figure out the firmware lines that got deleted by their own pc app). I finally understood it used synchronization characters for 2 channels.
And the whole reason I tried to download the firmware of the latest EEG model using MSP430 was to figure out how they could read from the 24 bit external ADC with very clean signal. Now since I found out I couldn't analyze the 27k firmware and how they did it. I just want to know now what MCUs have 24 bit external ADC with existing circuit diagram and library (open source for example)?? So I could just use it, and just ran the library. You know most MCUs have lousy 12 bit ADC with noises. That's why they use 24 bit external ADC for cleaner signal.
Btw.. for the lousy 12 bit ADCs in the best MCU you have encountered, what are the exact noises present that could make 24 bit external ADC so important ?
-
Well, UART is a peripheral, so it would be different between different MCUs. So, you can't take C code for one MCU and compile it for another MCU without changing device-specific parts.
You've already been pointed at a few MCUs that have higher resolution SDADC. Those may or may not be good enough for your application.
Even if you fond some readily available eval board with 24-bit ADC and a MCU (there are not too many of those, I imagine), all the example code would be in C. And it is not likely that example code would do precisely what you want, so you would have to modify it anyway.
Internal ADCs in the MCUs are not meant for metrological applications.
But also, 24-bits is not about accuracy or resolution, but about dynamic range. If you don't need wide dynamic range, you can use low noise amplifier and use internal ADC just as well.
-
(oscar, I ran it using AS11.EXE. THRSIM11 simulator can't run them if the labels have duplicates. I'll try using different labels and and ran them again in AS11.EXE)
The ancient version of AS11 I have here from the days I used to tinker with HC11 does complain. If something does not complain, then I can only guess that maybe later use of the same symbol replaces the earlier one from that point onward (and you would have to be very careful not to get yourself into trouble with that).
Really that code should be in a subroutine, rather than repeating it every time.
Oscar. You are few of the people I know who is familiar with the HC11. So please don't miss the reply to the above (I'll repost this here and delete the reply an hour ago)
I run As11.exe now. It doesn't complain and correctly jumps to the label just above it. That's why it could still output the txt "Hello". I also changed all labels to unique ones. And the same. I know unique labels are important because I was lost in the loop late last year until I discovered the duplicate labels can miss things up. As11.exe doesn't report any error.
Anyway. I think you missed the reply (dated January 28) to your query about Trace. After reading about your Trace thing. I connected jumper XIRQ and PA3, and saw Trace worked for the first time.
(http://imageshack.com/f/poUkvn5Lj)
Again. I wrote and asked in that January 28 message (pls answer it, thanks).
"A while ago. I used the trace function in Buffalo for the first time. It worked so nice. Didn't know the unit could really do that. But I noticed that whenever it passed through an interrupt enable (for example the CLI which enabled the Real Time Interrupt) . The trace got stuck on the next instruction"
1. Why did it get stuck after passing through instruction that enabled the interrupt? How do you proceed after it got stuck?
-
Oscar. You are few of the people I know who is familiar with the HC11. So please don't miss the reply to the above (I'll repost this here and delete the reply an hour ago)
I run As11.exe now. It doesn't complain and correctly jumps to the label just above it. That's why it could still output the txt "Hello". I also changed all labels to unique ones. And the same. I know unique labels are important because I was lost in the loop late last year until I discovered the duplicate labels can miss things up. As11.exe doesn't report any error.
Show us the listing for that assembly when you use the same name several times.
The AS11.EXE that I have throws out this (and refuses to give a normal listing):
27: Symbol Redefined
33: Symbol Redefined
39: Symbol Redefined
45: Symbol Redefined
51: Symbol Redefined
If I change the symbols to be unique, it produces this listing:
0001 1000 REGBASE EQU $1000
0002 1028 SPCR EQU $1028
0003 102b BAUD EQU $102B
0004 102c SCCR1 EQU $102C
0005 102d SCCR2 EQU $102D
0006 102e SCSR EQU $102E
0007 102f SCDR EQU $102F
0008
0009 0100 ORG $0100
0010
0011 0100 86 30 START LDAA #%00110000 ; 00110000 = 9600 BAUD
0012 0102 b7 10 2b STAA BAUD ; 00110011 = 1200 BAUD
0013 0105 7f 10 2c CLR SCCR1
0014 0108 86 0c LDAA #$0C
0015 010a b7 10 2d STAA SCCR2 ;RECEIVER & TRANS. ENABLED
0016 010d 7f 10 28 clr SPCR
0017
0018 LOOP
0019
0020 0110 86 48 ldaa #72 ; send "H" to serial
0021 0112 f6 10 2e read_again ldab $102e ;
0022 0115 c5 80 bitb #$80
0023 0117 27 f9 beq read_again
0024 0119 b7 10 2f staa SCDR ;
0025
0026 011c 86 65 ldaa #101 ; send "e" to serial
0027 011e f6 10 2e read_again1 ldab $102e ;
0028 0121 c5 80 bitb #$80
0029 0123 27 f9 beq read_again1
0030 0125 b7 10 2f staa SCDR ;
0031
0032 0128 86 6c ldaa #108 ; send "l" to serial
0033 012a f6 10 2e read_again2 ldab $102e ;
0034 012d c5 80 bitb #$80
0035 012f 27 f9 beq read_again2
0036 0131 b7 10 2f staa SCDR ;
0037
0038 0134 86 6c ldaa #108 ; send "l" to serial
0039 0136 f6 10 2e read_again3 ldab $102e ;
0040 0139 c5 80 bitb #$80
0041 013b 27 f9 beq read_again3
0042 013d b7 10 2f staa SCDR ;
0043
0044 0140 86 6f ldaa #111 ; send "o" to serial
0045 0142 f6 10 2e read_again4 ldab $102e ;
0046 0145 c5 80 bitb #$80
0047 0147 27 f9 beq read_again4
0048 0149 b7 10 2f staa SCDR ;
0049
0050 014c 86 20 ldaa #32 ; send "space" to serial
0051 014e f6 10 2e read_again5 ldab $102e ;
0052 0151 c5 80 bitb #$80
0053 0153 27 f9 beq read_again5
0054 0155 b7 10 2f staa SCDR ;
0055
0056 0158 20 b6 BRA LOOP
Anyway. I think you missed the reply (dated January 28) to your query about Trace. After reading about your Trace thing. I connected jumper XIRQ and PA3, and saw Trace worked for the first time.
...
Again. I wrote and asked in that January 28 message (pls answer it, thanks).
"A while ago. I used the trace function in Buffalo for the first time. It worked so nice. Didn't know the unit could really do that. But I noticed that whenever it passed through an interrupt enable (for example the CLI which enabled the Real Time Interrupt) . The trace got stuck on the next instruction"
1. Why did it get stuck after passing through instruction that enabled the interrupt? How do you proceed after it got stuck?
I used Buffalo to "debug" HC11 code, but I don't recall ever using the trace facility - I was used to other monitor programs for 6800 and 6809 that did not have anything like that. Looking now at how the trace works I'm pretty sure a badly behaved user program could cause trouble, as the ram locations used by Buffalo itself are not protected in any way. I'm not saying that is what happened, but it is a possibility.
If things went wrong when you enabled IRQ, are you sure the interrupt handling code was set up correctly? Show the listing of the code you were trying to trace. If you were trying to trace execution in Buffalo itself, well, I'm not sure that is supported - it makes my head hurt to think what might happen.
-
If the filename is hw.txt with the multiple identical read_again labels. I used the following commands to compile in ms dos
as11 hw.txt
or
as11 hw.txt -1 >hw.1st
The hw.1st is empty when there is no error, and it successfully compiled to hw.s19 which I can run in the HC11.
How do you show the listing with the address 0001 1000.. 0009 0100?? I'll try to reproduce that listing because I haven't seen it before (address listed).
About the interrupt and trace. It's the EEG firmware itself. I think when it encountered the real time interrupt enabled, it waits for the interrupt in the background and so the trace got stuck. It only happens whenever it passed by CLI. The firmware works perfectly because it can send the 2 channels into one serial stream and then separately splits or outputs them at the EEG pc software.
-
If the filename is hw.txt with the multiple identical read_again labels. I used the following commands to compile in ms dos
as11 hw.txt
or
as11 hw.txt -1 >hw.1st
The hw.1st is empty when there is no error, and it successfully compiled to hw.s19 which I can run in the HC11.
How do you show the listing with the address 0001 1000.. 0009 0100?? I'll try to reproduce that listing because I haven't seen it before (address listed).
I was using -L option on the command, so similar to your command, but in upper case. I just tried it now with -l instead, and that works too. If I don't use either, I just get an empty file. Maybe there is some way to set up defaults for the options, but it is so long since I was using this that I have forgotten.
But it seems the AS11 you have may be different.
-
If the filename is hw.txt with the multiple identical read_again labels. I used the following commands to compile in ms dos
as11 hw.txt
or
as11 hw.txt -1 >hw.1st
The hw.1st is empty when there is no error, and it successfully compiled to hw.s19 which I can run in the HC11.
How do you show the listing with the address 0001 1000.. 0009 0100?? I'll try to reproduce that listing because I haven't seen it before (address listed).
I was using -L option on the command, so similar to your command, but in upper case. I just tried it now with -l instead, and that works too. If I don't use either, I just get an empty file. Maybe there is some way to set up defaults for the options, but it is so long since I was using this that I have forgotten.
But it seems the AS11 you have may be different.
Oh my gosh. I just realized I had been using the wrong switch the whole 4 months I was using the HC11. I used number one 1 instead of L in the -L (I used -1). When I used the right -L now. It also listed it. But no error. I ran
As11 hw.txt -L >hw.1st
0001 1000 REGBASE EQU $1000
0002 1028 SPCR EQU $1028
0003 102b BAUD EQU $102B
0004 102c SCCR1 EQU $102C
0005 102d SCCR2 EQU $102D
0006 102e SCSR EQU $102E
0007 102f SCDR EQU $102F
0008
0009 0100 ORG $0100
0010
0011 0100 86 30 START LDAA #%00110000 ; 00110000 = 9600 BAUD
0012 0102 b7 10 2b STAA BAUD ; 00110011 = 1200 BAUD
0013 0105 7f 10 2c CLR SCCR1
0014 0108 86 0c LDAA #$0C
0015 010a b7 10 2d STAA SCCR2 ;RECEIVER & TRANS. ENABLED
0016 010d 7f 10 28 clr SPCR
0017
0018 LOOP
0019
0020 0110 86 48 ldaa #72 ; send "H" to serial
0021 0112 f6 10 2e read_again ldab $102e ;
0022 0115 c5 80 bitb #$80
0023 0117 27 f9 beq read_again
0024 0119 b7 10 2f staa SCDR ;
0025
0026 011c 86 65 ldaa #101 ; send "e" to serial
0027 011e f6 10 2e read_again ldab $102e ;
0028 0121 c5 80 bitb #$80
0029 0123 27 f9 beq read_again
0030 0125 b7 10 2f staa SCDR ;
0031
0032 0128 86 6c ldaa #108 ; send "l" to serial
0033 012a f6 10 2e read_again ldab $102e ;
0034 012d c5 80 bitb #$80
0035 012f 27 f9 beq read_again
0036 0131 b7 10 2f staa SCDR ;
0037
0038 0134 86 6c ldaa #108 ; send "l" to serial
0039 0136 f6 10 2e read_again ldab $102e ;
0040 0139 c5 80 bitb #$80
0041 013b 27 f9 beq read_again
0042 013d b7 10 2f staa SCDR ;
0043
0044 0140 86 6f ldaa #111 ; send "o" to serial
0045 0142 f6 10 2e read_again ldab $102e ;
0046 0145 c5 80 bitb #$80
0047 0147 27 f9 beq read_again
0048 0149 b7 10 2f staa SCDR ;
0049
0050 014c 86 20 ldaa #32 ; send "space" to serial
0051 014e f6 10 2e read_again ldab $102e ;
0052 0151 c5 80 bitb #$80
0053 0153 27 f9 beq read_again
0054 0155 b7 10 2f staa SCDR ;
0055
0056 0158 20 b6 BRA LOOP
It's that awful when you just learnt a new fact when you are about to leave something behind. It could have helped me all those months learning the HC11 and trying to recover and learn how the firmware worked.
If you know where you got your AS11 or can upload it to a file directory somewhere, please do because my As11.exe didn't show error when multilple identical labels were used. But if wrong instructions used, it can show error like yours.
-
From that assembly listing, you can see what it has done with the duplicate symbols. Look at the generated code for each instruction as shown on the left, you can see that all the "beq read_again" instructions assemble as "27 f9" (shown in hexadecimal, of course).The 27 is the opcode for beq, and the f9 (minus 7 in decimal) is the offset, relative to the next instruction, to branch to. So, it has created code that does what you want, but to me just doing that silently is a big trap for the unwary - think what could happen if you accidentally used the same symbol twice.
I don't remember where I got AS11 from. I have it in a directory together with the Axiom IDE (I had one of their boards), so perhaps it was bundled with that.
You could use asm11.exe from http://www.aspisys.com/asm11.htm (http://www.aspisys.com/asm11.htm) ("Click title for binaries" link) instead. That even runs natively on current Windows versions, something that AS11 (at least the one I have) does not. The listing produced by that gives some additional information too, like the cycle counts for each instruction.
For today's assembly language lesson, take a look at the generated code for these four instructions:
0020 0110 86 48 ldaa #72 ; send "H" to serial
0021 0112 86 48 ldaa #$48 ; send "H" to serial
0022 0114 86 48 ldaa #%01001000 ; send "H" to serial
0023 0116 86 48 ldaa #'H' ; send "H" to serial
For what you were doing, which of those do you think makes the most sense?
-
From that assembly listing, you can see what it has done with the duplicate symbols. Look at the generated code for each instruction as shown on the left, you can see that all the "beq read_again" instructions assemble as "27 f9" (shown in hexadecimal, of course).The 27 is the opcode for beq, and the f9 (minus 7 in decimal) is the offset, relative to the next instruction, to branch to. So, it has created code that does what you want, but to me just doing that silently is a big trap for the unwary - think what could happen if you accidentally used the same symbol twice.
I don't remember where I got AS11 from. I have it in a directory together with the Axiom IDE (I had one of their boards), so perhaps it was bundled with that.
You could use asm11.exe from http://www.aspisys.com/asm11.htm (http://www.aspisys.com/asm11.htm) ("Click title for binaries" link) instead. That even runs natively on current Windows versions, something that AS11 (at least the one I have) does not. The listing produced by that gives some additional information too, like the cycle counts for each instruction.
For today's assembly language lesson, take a look at the generated code for these four instructions:
0020 0110 86 48 ldaa #72 ; send "H" to serial
0021 0112 86 48 ldaa #$48 ; send "H" to serial
0022 0114 86 48 ldaa #%01001000 ; send "H" to serial
0023 0116 86 48 ldaa #'H' ; send "H" to serial
For what you were doing, which of those do you think makes the most sense?
I'm familiar with the first 3 lines, but I never tried "#'H'. The reason I was so familiar with the first 3 lines was because I had to learn to and distinguish them to even understand what the EEG firmware is doing, and after knowing them, figuring out the missing codes the manufacturer deleted on purpose.
They reason they bricked the old 1999 EEG unit was because it was once free to use. Now you must pay for limited time use and very expensive. When I bought it in 1999 I didn't even use it. I planned to explore it last year October and I ran the manufacturer latest software which bricked them. Fortunately. My old software in a 1.44M diskette still worked after 22 years. I How long is the 1.44M diskette you have tried to read and no bad sectors? Then I open the unit and found out it has an HC11 inside and I read everything about HC11 until I know how to write simple codes, and analyze loops. The THRsim11 has helped me a lot. Also in the 7 pages firmware. Only 3 are required, the rest creates many loops that are meant to confuse those who are seeing the firmware. It took me 2 weeks to analyze them after writing each register on paper and tracing the loop. And usng THRsim11 simulator. Had I know how to trace in Buffalo that time, It could have helped me a lot.
If you used identical label names inside loop. It can jump incorrectly, and it took 2 days to discover it last November. In the latest asm11 copy you shared above. The following is the error now. (the reason I still use multiple labels is just to quickly display Hello at serial, that's why I didn't use any subroutine for the serial which I know how to do. I don't use the Hc11 for other purposes except just exploring the EEG thing and I forgot about not using multiple labels because my AS11 copy not showing error.. Ataradov kept asking me why I still use the HC11. It's primarily to fix the bricked EEG which I did successfully):
C:\Users\AlbeP\Downloads\asmw32\hw.txt(27): Error: Possibly duplicate symbol "read_again"
C:\Users\AlbeP\Downloads\asmw32\hw.txt(33): Error: Possibly duplicate symbol "read_again"
C:\Users\AlbeP\Downloads\asmw32\hw.txt(39): Error: Possibly duplicate symbol "read_again"
C:\Users\AlbeP\Downloads\asmw32\hw.txt(45): Error: Possibly duplicate symbol "read_again"
C:\Users\AlbeP\Downloads\asmw32\hw.txt(51): Error: Possibly duplicate symbol "read_again"
Assembled hw.txt (56 lines) [Errs: 5]
1 file processed! (Elapsed time: 0:00:00)
The following is when the loop has unique names
Assembled hw.txt (56 lines) 90 bytes, RAM: 0, CRC: $EEF8
1 file processed! (Elapsed time: 0:00:00)
What web sites can one upload files that you can download? The as11 is open source. I want to upload you my as11 copy which doesn't show any error even if all identical labels used. It can run only in 32bit Windows DOS. Your as11 link is great because I can now run it in my 64 bit windows without having to use Oracle Virtual box just to run it in windows 32 bit and dos.
My Microsoft Surface Pro 7 can only run Windows 64 bit and not 32 bit. But with your programming skill guys, can you share how to run windows 32 bit in the Microsoft Surface notebooks?
-
Well, UART is a peripheral, so it would be different between different MCUs. So, you can't take C code for one MCU and compile it for another MCU without changing device-specific parts.
You've already been pointed at a few MCUs that have higher resolution SDADC. Those may or may not be good enough for your application.
Even if you fond some readily available eval board with 24-bit ADC and a MCU (there are not too many of those, I imagine), all the example code would be in C. And it is not likely that example code would do precisely what you want, so you would have to modify it anyway.
Internal ADCs in the MCUs are not meant for metrological applications.
But also, 24-bits is not about accuracy or resolution, but about dynamic range. If you don't need wide dynamic range, you can use low noise amplifier and use internal ADC just as well.
In your work, how often do you integrate pc software to the embedded MCU? If you can use password in the pc software that would be tied up with the serial number in your circuit or module. Then why be concerned the circuit and firmware are copied when they don't have your pc software source code? Is there a Ghidra reverse engineering that can hack all software too?
Btw..I will no longer reverse engineer the Raman spectrometer or EEG and will move from the 68HC11. I don't want to offend those manufacturers too. I heard they can get you if there is an extradition treaty between the United States and that country? And I will not hack any software too Don't worry. Instead I'll focus on my interests in the brain and physics. I have over 50 books of the brain, and nearly 300 on physics, and interested in biophysics as I've been trying to understand why emotions are contagious and how people can affect one another non-locally and something nonphysical is also feeding on the emotions and provoking violence (like when soldiers killed civilians en masse). The following headlines about quantum entanglement detected in the brain will let me review it all (I wonder what kind of MCU and ADC is inside MRI, any clue?0. By the way. what is your area of expertise along the line of programming embedded circuits and MCUs?
https://www.freethink.com/science/consciousness-quantum-entanglement?utm_source=facebook&utm_medium=social&utm_campaign=BigThinkdotcom&fbclid=IwAR1q_d5W7NbWiIh_a9QBwDgF6Kq3gahEwIHKPjViG59cn8YUwbbdJzQrKzs (https://www.freethink.com/science/consciousness-quantum-entanglement?utm_source=facebook&utm_medium=social&utm_campaign=BigThinkdotcom&fbclid=IwAR1q_d5W7NbWiIh_a9QBwDgF6Kq3gahEwIHKPjViG59cn8YUwbbdJzQrKzs)
"Seeing entanglement in the brain may show that the brain is not classical, as previously thought, but rather a powerful quantum system. If the results can be confirmed, they could provide some indication that the brain uses quantum processes. This could begin to shed light on how our brain performs the powerful computations it does, and how it manages consciousness."
https://iopscience.iop.org/article/10.1088/2399-6528/ac94be (https://iopscience.iop.org/article/10.1088/2399-6528/ac94be)
"Our findings suggest that we may have witnessed entanglement mediated by consciousness-related brain functions. Those brain functions must then operate non-classically, which would mean that consciousness is non-classical."
-
In your work, how often do you integrate pc software to the embedded MCU?
Never.
If you can use password in the pc software that would be tied up with the serial number in your circuit or module.
If I clone your hardware, I would just clone the same serial number and then distribute a single known password that works with that SN.
Is there a Ghidra reverse engineering that can hack all software too?
Ghidra works with PC software too. And there are a ton of other tools. You can forget about locking down the PC software. It is impossible to do.
Don't worry.
I'm not worried, based on this thread, there is no chance of you successfully reverse-engineering anything. You are pretty safe here.
By the way. what is your area of expertise along the line of programming embedded circuits and MCUs?
Why?
"Seeing entanglement in the brain
I'm done here. I don't do quack pseudo-science.