shinyquagsire23 · October 9, 2017 21:31
diff --git a/ardsitest.cpp b/ardsitest.cpp
 // Compile with g++ -lusb-1.0 ardsitest.cpp

 #ifdef WIN32
 #include <windows.h>
 #endif
 #include <stdio.h>
 #include <stdlib.h>
 #include <cstring>
 #include <libusb-1.0/libusb.h>

 void hex_dump(unsigned char *buf, int len)
 {
   for (int i = 0; i < len; i++)
      printf("%02x ", buf[i]);
    printf("\n");
 }

 void flash_dump(libusb_device_handle *handle, char *out_path)
 {
   int res, bytes_transferred;
   unsigned char data_buf[0x1000];
   uint8_t spi_read[5] = {0x72, 0x0, 0x0, 0x0, 0x0};
    
 	FILE *dump = fopen(out_path, "wb");
 	printf("Dumping...\n");
 	for(*(uint32_t*)(&spi_read[0x1]) = 0; *(uint32_t*)(&spi_read[0x1]) < 0x200000; *(uint32_t*)(&spi_read[0x1]))
 	{
 	    memcpy(data_buf, spi_read, sizeof(spi_read));
       res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_read), &bytes_transferred, 0);
       //printf("Wrote %x bytes\n", bytes_transferred);
   
       res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_IN), data_buf, 0x1000, &bytes_transferred, 0);
       //hex_dump(data_buf, bytes_transferred);
 	    fwrite(data_buf, bytes_transferred, 1, dump);
 	    
 	    *(uint32_t*)(&spi_read[0x1]) += bytes_transferred;
 	}
 	fclose(dump);
 }

 void flash_read(libusb_device_handle *handle, uint32_t address, uint8_t *out)
 {
   int res, bytes_transferred;
   unsigned char data_buf[0x1000] = {0};
   uint8_t spi_read[5] = {0x72, 0x0, 0x0, 0x0, 0x0};
   
   *(uint32_t*)(&spi_read[0x1]) = address;
   
   // Read the data
   memcpy(data_buf, spi_read, sizeof(spi_read));
   res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_read), &bytes_transferred, 0);
   
   // Get 0x1000 bytes
   res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_IN), out, 0x1000, &bytes_transferred, 0);
 }


 void flash_write(libusb_device_handle *handle, uint32_t address, uint8_t *to_write)
 {
   int res, bytes_transferred;
   unsigned char data_buf[0x1000] = {0};
   uint8_t spi_clear[5] = {0x65, 0x0, 0x0, 0x0, 0x0};
   uint8_t spi_write[5] = {0x70, 0x0, 0x0, 0x0, 0x0};
   
   *(uint32_t*)(&spi_clear[0x1]) = address;
   *(uint32_t*)(&spi_write[0x1]) = address;
   
   // Clear the address
   memcpy(data_buf, spi_clear, sizeof(spi_clear));
   res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_clear), &bytes_transferred, 0);
   
   // Ask to write
   memcpy(data_buf, spi_write, sizeof(spi_write));
   res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_write), &bytes_transferred, 0);
   
   // Feed 0x1000 bytes of data to write
   res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_OUT), to_write, 0x1000, &bytes_transferred, 0);
 }


 int main(int argc, char* argv[])
 {
   libusb_context *ctx = NULL;
   libusb_device_handle *handle;
   
   int res = libusb_init(&ctx);
   if (res < 0) 
   {
      printf("Unable to initialize libusb, %i\n", res);
      return -1;
   }
   
   libusb_set_debug(ctx, 3);
   handle = libusb_open_device_with_vid_pid(ctx, 0x1C1A, 0x0100);
   if (!handle)
   {
      printf("Unable to open device.\n");
      return -1;
   }
   printf("%x\n", handle);
   
   res = libusb_claim_interface(handle, 0);
   if (res < 0)
   {
      printf("Could not claim interface 0\n");
      return -1;
   }
   printf("%x\n", res);
   
   uint8_t data_buf[0x8000];
   uint8_t id_maybe[5] = {0x69, 0x0, 0x0, 0x0, 0x0};
   
   int bytes_transferred = 0;
   
   memcpy(data_buf, id_maybe, sizeof(id_maybe));
   res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_OUT), data_buf, sizeof(id_maybe), &bytes_transferred, 0);
   printf("Wrote %x bytes\n", bytes_transferred);
   
   res = libusb_bulk_transfer(handle, (1 | LIBUSB_ENDPOINT_IN), data_buf, 3, &bytes_transferred, 0);
   hex_dump(data_buf, bytes_transferred);
   
   
   int addr = 0x0;
 #if 1
   for (addr = 0x0; addr < 0x200000; addr += 0x1000)
   {
      memset(data_buf, 0x0, 0x1000);
      
      FILE *test = fopen("ntrboot_ar_custom.bin", "rb");
      fseek(test, addr+8, SEEK_SET);
      fread(data_buf, sizeof(uint8_t), 0x1000, test);
      fclose(test);
      
      flash_write(handle, addr, data_buf);
   }
 #endif

 #if 0
   flash_dump(handle, "ardsi_spi_dump.bin");
 #endif
   
   libusb_release_interface(handle, 0);
   libusb_close(handle);
   libusb_exit(ctx);
   return 0;
 }
	// Compile with g++ -lusb-1.0 ardsitest.cpp

	#ifdef WIN32
	#include <windows.h>
	#endif
	#include <stdio.h>
	#include <stdlib.h>
	#include <cstring>
	#include <libusb-1.0/libusb.h>

	void hex_dump(unsigned char *buf, int len)
	{
	for (int i = 0; i < len; i++)
	printf("%02x ", buf[i]);
	printf("\n");
	}

	void flash_dump(libusb_device_handle handle, char out_path)
	{
	int res, bytes_transferred;
	unsigned char data_buf[0x1000];
	uint8_t spi_read[5] = {0x72, 0x0, 0x0, 0x0, 0x0};

	FILE *dump = fopen(out_path, "wb");
	printf("Dumping...\n");
	for((uint32_t)(&spi_read[0x1]) = 0; (uint32_t)(&spi_read[0x1]) < 0x200000; (uint32_t)(&spi_read[0x1]))
	{
	memcpy(data_buf, spi_read, sizeof(spi_read));
	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_read), &bytes_transferred, 0);
	//printf("Wrote %x bytes\n", bytes_transferred);

	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_IN), data_buf, 0x1000, &bytes_transferred, 0);
	//hex_dump(data_buf, bytes_transferred);
	fwrite(data_buf, bytes_transferred, 1, dump);

	(uint32_t)(&spi_read[0x1]) += bytes_transferred;
	}
	fclose(dump);
	}

	void flash_read(libusb_device_handle handle, uint32_t address, uint8_t out)
	{
	int res, bytes_transferred;
	unsigned char data_buf[0x1000] = {0};
	uint8_t spi_read[5] = {0x72, 0x0, 0x0, 0x0, 0x0};

	(uint32_t)(&spi_read[0x1]) = address;

	// Read the data
	memcpy(data_buf, spi_read, sizeof(spi_read));
	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_read), &bytes_transferred, 0);

	// Get 0x1000 bytes
	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_IN), out, 0x1000, &bytes_transferred, 0);
	}


	void flash_write(libusb_device_handle handle, uint32_t address, uint8_t to_write)
	{
	int res, bytes_transferred;
	unsigned char data_buf[0x1000] = {0};
	uint8_t spi_clear[5] = {0x65, 0x0, 0x0, 0x0, 0x0};
	uint8_t spi_write[5] = {0x70, 0x0, 0x0, 0x0, 0x0};

	(uint32_t)(&spi_clear[0x1]) = address;
	(uint32_t)(&spi_write[0x1]) = address;

	// Clear the address
	memcpy(data_buf, spi_clear, sizeof(spi_clear));
	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_clear), &bytes_transferred, 0);

	// Ask to write
	memcpy(data_buf, spi_write, sizeof(spi_write));
	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_OUT), data_buf, sizeof(spi_write), &bytes_transferred, 0);

	// Feed 0x1000 bytes of data to write
	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_OUT), to_write, 0x1000, &bytes_transferred, 0);
	}


	int main(int argc, char* argv[])
	{
	libusb_context *ctx = NULL;
	libusb_device_handle *handle;

	int res = libusb_init(&ctx);
	if (res < 0)
	{
	printf("Unable to initialize libusb, %i\n", res);
	return -1;
	}

	libusb_set_debug(ctx, 3);
	handle = libusb_open_device_with_vid_pid(ctx, 0x1C1A, 0x0100);
	if (!handle)
	{
	printf("Unable to open device.\n");
	return -1;
	}
	printf("%x\n", handle);

	res = libusb_claim_interface(handle, 0);
	if (res < 0)
	{
	printf("Could not claim interface 0\n");
	return -1;
	}
	printf("%x\n", res);

	uint8_t data_buf[0x8000];
	uint8_t id_maybe[5] = {0x69, 0x0, 0x0, 0x0, 0x0};

	int bytes_transferred = 0;

	memcpy(data_buf, id_maybe, sizeof(id_maybe));
	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_OUT), data_buf, sizeof(id_maybe), &bytes_transferred, 0);
	printf("Wrote %x bytes\n", bytes_transferred);

	res = libusb_bulk_transfer(handle, (1 \| LIBUSB_ENDPOINT_IN), data_buf, 3, &bytes_transferred, 0);
	hex_dump(data_buf, bytes_transferred);


	int addr = 0x0;
	#if 1
	for (addr = 0x0; addr < 0x200000; addr += 0x1000)
	{
	memset(data_buf, 0x0, 0x1000);

	FILE *test = fopen("ntrboot_ar_custom.bin", "rb");
	fseek(test, addr+8, SEEK_SET);
	fread(data_buf, sizeof(uint8_t), 0x1000, test);
	fclose(test);

	flash_write(handle, addr, data_buf);
	}
	#endif

	#if 0
	flash_dump(handle, "ardsi_spi_dump.bin");
	#endif

	libusb_release_interface(handle, 0);
	libusb_close(handle);
	libusb_exit(ctx);
	return 0;
	}