"Ultra hax0r guide" Questions From the Community

Posted: Wed Feb 06, 2019 4:57 am
by Billycar11
everyone's questions are welcome not just mine.

Questions
1. if there is no official image for a drive we are downgrading would it be better to use this method and change the one byte in a clean firmware or use the dos flash method?
2. what firmware images from https://forum.cdrinfo.pl/f29/crossflash ... s58-96313/ are official if any?
3. what are the disadvantages of using a clean firmware in selfupdate mode vs an official firmware in self update mode? i thought cal data was left alone in this mode
4. what problems can come from slightly corrupt cal data? i have only had one drive that worked fine on regular fw but didn't work right on edited ones and then worked fine again when put back to stock. the drive had all correct build dates to be compatible and was on 3.03.
5. would using the unlocked flasher repair any of the slightly corrupt cal data? my guess is no because
mike admin wrote:
Tue Feb 05, 2019 10:35 pm
The areas of flash memory containing configuration data are not touched during the update at all.
6. how can we best extract the firmware from the exe? the one Marty made i found it no problem with 7zip 109 was the name but in lg exes 103 has no 1ec056 or the other big file text none seem to be fw.

many more but i am bad at explaining things in text.

other notes:

i myself have used the unlocked flasher many times to go from asus 3.01 to 3.02 and then in between Asus 3.02 and WH16NS60 1.00 for testing with clean firmwares and didn't experience any problems. what problems could this cause? the drive originally started on 3.03 and was downgraded using the dos flash method.

Re: "Ultra hax0r guide" Questions

Posted: Wed Feb 06, 2019 5:03 am
by SamuriHL
Question: The firmware that comes with the patched MTK firmware flashing tool that Mike linked to APPEARS to contain dosflash extracted and cleaned firmware images. Given that Mike was clear about needing bin files ripped from official LG firmware update tools, are these images that are shipped with the flashing tool correct or not? Thank you!

Re: "Ultra hax0r guide" Questions From the Community

Posted: Wed Feb 06, 2019 12:31 pm
by mike admin
It all comes down to how "clean" is the firmware. Dumped and properly "cleaned" firmware is byte-to-byte identical to official flash image. So, assuming your "clean" firmware is good...
Billycar11 wrote:
Wed Feb 06, 2019 4:57 am
1. if there is no official image for a drive we are downgrading would it be better to use this method and change the one byte in a clean firmware or use the dos flash method?
This one - much much safer and reliable.
Billycar11 wrote: 2. what firmware images from https://forum.cdrinfo.pl/f29/crossflash ... s58-96313/ are official if any?
I do not know, as I haven't checked them personally.
Billycar11 wrote: 3. what are the disadvantages of using a clean firmware in selfupdate mode vs an official firmware in self update mode? i thought cal data was left alone in this mode
See above. In theory you might get a not completely "clean" firmware with some configuration data left. I'm not sure, I haven't checked the images thoroughly.
Billycar11 wrote: 4. what problems can come from slightly corrupt cal data? i have only had one drive that worked fine on regular fw but didn't work right on edited ones and then worked fine again when put back to stock. the drive had all correct build dates to be compatible and was on 3.03.
cal data is outside of (signed) code section, so you can mix and match. I don't know what will happen, never done that :)
Billycar11 wrote: 5. would using the unlocked flasher repair any of the slightly corrupt cal data? my guess is no because
mike admin wrote:
Tue Feb 05, 2019 10:35 pm
The areas of flash memory containing configuration data are not touched during the update at all.
You are correct, no.
Billycar11 wrote: 6. how can we best extract the firmware from the exe? the one Marty made i found it no problem with 7zip 109 was the name but in lg exes 103 has no 1ec056 or the other big file text none seem to be fw.
ASUS - plain binary in resource data. Search for MT19** Boot and go back 0x3000 bytes.
LG - byte swap the file (dd conv=bs), then search for "PK" - this is the start of zip archive. Extract the zip archive, then unzip it.
Billycar11 wrote: i myself have used the unlocked flasher many times to go from asus 3.01 to 3.02 and then in between Asus 3.02 and WH16NS60 1.00 for testing with clean firmwares and didn't experience any problems. what problems could this cause? the drive originally started on 3.03 and was downgraded using the dos flash method.
As said before, as long as image is "properly clean", it is 100% identical to an original official update image.

Re: "Ultra hax0r guide" Questions From the Community

Posted: Wed Feb 06, 2019 8:16 pm
by SamuriHL
mike admin wrote:
Wed Feb 06, 2019 12:31 pm
ASUS - plain binary in resource data. Search for MT19** Boot and go back 0x3000 bytes.
LG - byte swap the file (dd conv=bs), then search for "PK" - this is the start of zip archive. Extract the zip archive, then unzip it.
Awesome info! I extracted the LG NS60 1.01 firmware and compared it to my extracted version from dosflash. The ONLY differences are the personalized data (encryption key, calibration data) which I believe are outside the bounds of the official flash method. Obviously the 1.01 firmware doesn't do us any good but it means that the extracted/cleaned 1.00 firmware that's been posted works as expected and I've verified this by flashing a version I made with the data mover tool with the patched flasher and my drive is working perfectly. BOOYA! Thank you SO much for all the incredible info you've posted!!!

Re: "Ultra hax0r guide" Questions From the Community

Posted: Sun Feb 10, 2019 11:43 pm
by MartyMcNuts
Can someone please explain the following:
LG - byte swap the file (dd conv=bs), then search for "PK" - this is the start of zip archive. Extract the zip archive, then unzip it.
I have no idea what this means! What file are you byte swapping? (PS: I'm a windows user!!!)

Thanks

Re: "Ultra hax0r guide" Questions From the Community

Posted: Mon Feb 11, 2019 12:07 am
by SamuriHL
MartyMcNuts wrote:
Sun Feb 10, 2019 11:43 pm
Can someone please explain the following:
LG - byte swap the file (dd conv=bs), then search for "PK" - this is the start of zip archive. Extract the zip archive, then unzip it.
I have no idea what this means! What file are you byte swapping? (PS: I'm a windows user!!!)

Thanks
You'd need to use windows for linux subsystem then. You use the linux dd command to byteswap the entire file, then extract the zip file from the byteswapped file, and then extract the zip. That'll give you the bin. I did this for the NS60 1.01. It's a pain in the ass.

EDIT: Meant to copy the dd command I used from windows subsystem for linux bash shell:

dd if=./WH16NS60.exe of=./WH16NS60_swaped.exe conv=swab

Re: "Ultra hax0r guide" Questions From the Community

Posted: Mon Feb 11, 2019 1:30 am
by MartyMcNuts
Thanks @SamuriHL.

I'll have a look at that.

Re: "Ultra hax0r guide" Questions From the Community

Posted: Mon Feb 11, 2019 2:19 am
by SamuriHL
No problem. If you need a hand with any of them let me know. I can extract the bins for you if you need.

Re: "Ultra hax0r guide" Questions From the Community

Posted: Mon Feb 11, 2019 6:28 pm
by SamuriHL
Please see the new firmware extractor utility posted here:

viewtopic.php?p=70983#p70983

Re: "Ultra hax0r guide" Questions From the Community

Posted: Mon Feb 11, 2019 6:57 pm
by Billycar11
SamuriHL wrote:
Mon Feb 11, 2019 6:28 pm
I wrote you a little utility that should help. I have only tested this on ONE LG firmware exe so I make no promises. LOL. It's a command line util so extract it and run it from the command line:

E.G.:

FirmwareExtractor WH16NS60.exe

It'll output a zip file with the same base name as the exe you pass in and put it in the same directory. The zip file contains the bin file for the firmware. Enjoy and let me know if you have any issues.
Nice! Thanks

Re: "Ultra hax0r guide" Questions From the Community

Posted: Mon Feb 11, 2019 7:12 pm
by SamuriHL
No problem. Hope it helps. If you do run into any issues, let me know and I'll fix it. It's pretty simple logic. Read in the file, byte swap it in memory, find the start of the zip, and write it out to a new file.
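
Added example, not part of the thread and not SamuriHL's utility: the LG steps described above (byte swap the whole file, find "PK", unzip) written in Python. It goes beyond the thread by checking each "PK" hit against the zip's central directory and verifying member CRCs, so a stray "PK" in the exe stub or a truncated carve is rejected instead of producing a zip that will not open. All function names are hypothetical, and `build_sample()` constructs a stand-in file; no real firmware is involved.

```python
import io
import struct
import zipfile

LOCAL_HEADER = b"PK\x03\x04"   # zip local file header signature
EOCD = b"PK\x05\x06"           # zip end-of-central-directory signature

def swab(data):
    """Swap adjacent byte pairs like `dd conv=swab`; an odd trailing byte is kept."""
    out = bytearray(data)
    even = len(out) & ~1
    out[0:even:2], out[1:even:2] = out[1:even:2], out[0:even:2]
    return bytes(out)

def carve_zip(swapped):
    """Return the embedded zip, rejecting 'PK' hits the central directory disagrees with."""
    eocd_pos = swapped.rfind(EOCD)
    if eocd_pos < 0 or eocd_pos + 22 > len(swapped):
        raise ValueError("no zip end-of-central-directory record found")
    cd_size, cd_offset, comment_len = struct.unpack_from("<IIH", swapped, eocd_pos + 12)
    start = swapped.find(LOCAL_HEADER)
    while 0 <= start < eocd_pos:
        # The central directory must sit exactly cd_offset bytes after the archive start.
        if start + cd_offset + cd_size == eocd_pos:
            return swapped[start:eocd_pos + 22 + comment_len]
        start = swapped.find(LOCAL_HEADER, start + 1)
    raise ValueError("no 'PK' signature matches the central directory")

def extract_firmware(updater):
    """Byte-swap an updater image, carve the zip, verify CRCs, return {name: bytes}."""
    with zipfile.ZipFile(io.BytesIO(carve_zip(swab(updater)))) as zf:
        bad = zf.testzip()
        if bad is not None:
            raise ValueError("CRC mismatch in " + bad)
        return {name: zf.read(name) for name in zf.namelist()}

def build_sample():
    """Constructed stand-in for an updater exe: stub with a decoy 'PK', zip, trailer."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("SAMPLE.bin", bytes(range(256)) * 16)
    plain = b"MZ" + b"\x00" * 61 + LOCAL_HEADER + b"\x00" * 33 + buf.getvalue() + b"\xff" * 7
    return swab(plain)  # stored byte-swapped, as the thread describes for LG updaters

if __name__ == "__main__":
    for name, data in extract_firmware(build_sample()).items():
        print(name, len(data))
```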

Re: "Ultra hax0r guide" Questions From the Community

Posted: Mon Feb 11, 2019 9:27 pm
by SamuriHL
I just updated the attachment with a new version. It will now also extract bin files from ASUS executable flashers. Just for fun. Enjoy!

Re: "Ultra hax0r guide" Questions From the Community

Posted: Tue Feb 12, 2019 1:41 am
by MartyMcNuts
SamuriHL wrote:
Mon Feb 11, 2019 6:28 pm
I wrote you a little utility that should help. I have only tested this on ONE LG firmware exe so I make no promises. LOL. It's a command line util so extract it and run it from the command line:

E.G.:

FirmwareExtractor WH16NS60.exe

It'll output a zip file with the same base name as the exe you pass in and put it in the same directory. The zip file contains the bin file for the firmware. Enjoy and let me know if you have any issues.
Thanks @SamuriHL! I'll give it a go.

Re: "Ultra hax0r guide" Questions From the Community

Posted: Tue Feb 12, 2019 1:48 am
by SamuriHL
If you find any firmware exes that break it, just send me a link and I'll take a look. There's not a whole lot of error handling in this thing right now but the few files I tested worked well.

Re: "Ultra hax0r guide" Questions From the Community

Posted: Tue Feb 12, 2019 1:53 am
by MartyMcNuts
@SamuriHL,

Can I run this from Windows or do I still need Linux? I ran it from windows cmd and it created a zip file but I can't open the zip file.