MCUmall EPROM BIOS Chip Burner Forum
MCUmall EPROM BIOS Chip Burner Forum
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 MCUmall Forums
 Novice Place
 connect router zyxel 660HW-D1 wich willem
 Forum Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

cyrax

Spain
43 Posts

Posted - 07/06/2016 :  05:31:53  Show Profile
Hello, i have a router zyxel 660HW-D1

I need to conect willem GQ-4X to serial pins in router.


The router have 4 pins in line, and another 3 pins in line, in a tutorial i have explain the pins required:(but is for a serial port no wich willem)

The pins in router are: GND , RX , TX, + 3,3v, in the line of 4 pins.

But,i need the position to connect this cables in willem programmer.

And, need, a tutorial for add new devices and chips to willem please.

thank you very much
Reply #1

anniel

2572 Posts

Posted - 07/06/2016 :  05:41:23  Show Profile
You need to connect the GQ-4X directly to the EEPROM.
Look in the devices.txt header.

Edited by - anniel on 07/06/2016 05:42:41
Go to Top of Page
Reply #2

cyrax

Spain
43 Posts

Posted - 07/06/2016 :  06:50:13  Show Profile
Thanks anniel.

This is a foto of router:



I novice total, the eeprom i supose is the chip of 8 sideburns, is a UTC WLC4 MC34063AL 01 or is another chip? I do not know.

There is another 2 chip more small wich 8 pins,but I guess that is the chip that I have appointed first bigger, similar to a BIOS chip.

Now , if I am not mistaken with the name of the chip, I would like to know add the chip in devices of Willem programmer.

This chip not is in devices of willem.

Many Thanks, sorry the inconvenience, I write with a translator.
Go to Top of Page
Reply #3

anniel

2572 Posts

Posted - 07/07/2016 :  05:14:14  Show Profile
MC34063AL is a DC-DC converter.
Go to Top of Page
Reply #4

cyrax

Spain
43 Posts

Posted - 07/07/2016 :  09:06:21  Show Profile
Thank you anniel.

Not be that chip is the eeprom to programming wich willem.

I see this chips:

WINBOND 9812G6JH-75, wich many pins , 56 aprox, can`t see good.

INFINEON ADM6996I wiich more many pins...

74lvcobad wich 14 pins

74lvc14ad wich 14 pins

MXT094745 wich 52 pins aprox.

AS393M wich 8 pins

4405 BV9U17 wich 8 pins

infineon PSBI350AZGU wich many pins tiny.

infineon PSB7200ZDW wich no pins visible.

EDB CE1369 LSE 0943 H is not a chip or i do not what is, and have 10 pins.

And have many chips tiny of 2,3 or 4 pins, i think none of them are not.

Pardon the inconvenience, not is that chip is the eeprom for programming, if it is one with many pins, can not do it. I think it is easier with the serial cable.


If you can tell me exactly which eeprom chip is the correct would be grateful.

Sorry but i novice total.

Or if there is another way to do it with willem more easy.

Thanks a lot.

Go to Top of Page
Reply #5

anniel

2572 Posts

Posted - 07/07/2016 :  17:50:04  Show Profile
What is your goal with the router?
Go to Top of Page
Reply #6

cyrax

Spain
43 Posts

Posted - 07/08/2016 :  07:13:26  Show Profile
Hello anniel.

I have a rootkit firmware...in all motherboards, routers....
My goal, is cleaning this rootkit of firmware, Of all the awkward equipments, and to install the version of the manufacturer.
Not if really I can do it, and I think that it is difficult.

On the other hand I think that I have the programmer willem usb affected as the rootkit.

I have opened willem programmer and see that there are three chips with the erased numeration.

I think that it is not normal, am going to put photos where they can turn the erased chips:I have more problems for post the info.

Some suggestion please?

Best regards, help please.






There is some way of verifying if willem programmer works correctly?






Go to Top of Page
Reply #7

anniel

2572 Posts

Posted - 07/08/2016 :  07:56:14  Show Profile
Grinded chips is probably to protect IP. If you want to check your GQ4X simply use the software in test mode.

Edited by - anniel on 07/08/2016 08:04:33
Go to Top of Page
Reply #8

cyrax

Spain
43 Posts

Posted - 07/08/2016 :  12:33:46  Show Profile
I very novice, and no have studies of this.

If you can say to me since connecting willem to the router to be able to clean the rootkit it would.

Perhaps had had that open a new post to know if willem works correctly, but already I've mixed the topic forgiveness.

If necessary, open a new post on the subject to know if willem works correctly, and continue with the question of willem connect to the router, not be chip or not is how to clean the rootkit's firmware.

Then is it normal that the chips are erased?
Please can someone put a photo of his willem or confirm it?

Do you want to say that it is a way of protecting the patent of willem?

I do not thing,forgive.

Trying to write a bios of motherboards , it had problems, not write totally the version of the manufacturer, because of it I doubt that it is affected, in another forum, they said to me that it is possible that on having connected willem to the awkward equipments, was contagious.

Sorry I have many doubts, I'll try not to ask much, but I have no other way of learning, forgive the inconvenience.

You can say to me since I put willem in test mode?

I need help with this, I have serious problems in real life because of this, anyone who can help me it will be very grateful.

If you were affected willem programmer, as you could return it to the factory State?

Well, thank you very much, I will be attentive to any clarification and help with this. I have to do it on many computers.

Best regards.

Go to Top of Page
Reply #9

anniel

2572 Posts

Posted - 07/09/2016 :  04:09:11  Show Profile
Yes, erased chips ID is probably a way to slow down the Chinese copies of the GQ-4X. It is a widely used technique.

I highly doubt that you can infect the GQ-4X with a motherboard. It would take very specific code targeted specifically to the GQ-4X and advanced knowledge of its inner working.

Start the software and click on menu Test H/W then Test H/W again.
Go to Top of Page
Reply #10

anniel

2572 Posts

Posted - 07/09/2016 :  04:29:16  Show Profile
Did you try ftp://ftp2.zyxel.com/P-660HW-D1/firmware/P-660HW-D1_340AGL10C0.zip ?
Go to Top of Page
Reply #11

cyrax

Spain
43 Posts

Posted - 07/09/2016 :  13:48:52  Show Profile
Hello anniel.

Good, supose is normal the erase of chips on willem,but i don't know.

I have a rootkit very advanced that is contagious for all the devices that have firmware, i doubt have willem contagious,but not it is.

I will try to do the tests that you mention in the next few days and will post.

It is not possible to update the firmware in the traditional way, by which the firmware rootkit prevents it, on all computers, routers, and others components that I have. is a low level firmware rookit or similar very contagious.


I can send tests and components if someone wants to see it more closely.

How willem could connect to the router? what chip is the eeprom for programing please, or only is for the port serial?

I have more routers, can post fotos or other routers for see is more easy conect willem.

Best regards



Go to Top of Page
Reply #12

anniel

2572 Posts

Posted - 07/09/2016 :  16:58:49  Show Profile
On first glance your Zyxel has no EEPROM. FLASH and/or processor with onboard memory seems to be on your router. For FLASH the GQ-5X is better. Did you try OpenWrt? Did you send your rootkit to competent authorities for analysis?
Go to Top of Page
Reply #13

cyrax

Spain
43 Posts

Posted - 07/10/2016 :  06:56:41  Show Profile


Ok, alone debit at the time to be able to get up-to-date for the serial port that the router incorporates. Maybe raise photos of other routers that I believe if they have eeprom.


I prove wich OpenWrt and others, but the low level rootkit firmware prevents the clean upgrade, in all computer systems hardware.



The test wich willem i prove:


Please remove any chip from the ZIF socket!

*****************************
* Testing VCC Without Load *
*****************************
VCC 3.6V test passed (code:0xb)+
VCC 5V test passed (code:0x0)-
VCC 5.5V test passed (code:0x4)+
VCC 6.2V test passed (code:0xd)-
VCC 6.5V test passed (code:0x16)-
*****************************
* Testing VPP Without Load *
*****************************
VPP 3.6V/5V test passed (code:0x6)-
VPP 12V test passed (code:0x8)+
VPP 12.7V test passed (code:0x7)+
VPP 15V test passed (code:0x5)+
VPP 21V test passed (code:0x9)-
VPP 25V test passed (code:0x3)-
*****************************
* Test Completed *
*****************************


Hardware detected!
Revision: GQ-4X Re-2.20
Serial #:A009292823


But the option of Test H/W is not possible, are disabled.... I think it is not normal, and there is a problem by not be able to test this option.Not is posible test H/W...


I go to autorities, but said me , i need a inform of a profesional informatics, and i no are informatic... I'm learning on my own.

I have more, more problems in real life, is a film of fear, realy, i need more help please.I have all comunications intercepted...i'm afraid for my life and that of my family, I will not go into details, but suffer things nasty.



I hired a few it professionals from the pc infected, and the identity of the company, they supplanted the company for false and invoice false without company stamp.


Currently am only with all the problem, not have work, or money, am to them last of health, need help with this, if someone professional could make me a report, could get to an agreement of money, could pay more afternoon.My family is out, are wich problems for this... no comment.

In short, I need a professional report to go to the police.

I have all detectec wich more programs:

Compare the firware i have wich the fabricant wich editor hexadecimal and change the version.

Analisis wich virus total in new option of analisis of firmware, and detect malware executables in firmware.

wich rootkit analitics.

Wich org/linux-uefi-validation tool

Wich program chipsec ( This program is included in org/linux-uefi-validation)

I have a log wich chipsec a hand,a user of a forum, selflessly has told me that it is wrong and has told me I have to see this log:

I can only pray and someone help me, please.

I even wrote letters to human rights organizations, but I do not answer...

The log of chipsec is this: Please someone help me or do something please implore.

[k@y:~/chipsec/source/tool$ sudo python chipsec_main.py

****** Chipsec Linux Kernel module is licensed under GPL 2.0

################################################################
## ##
## CHIPSEC: Platform Hardware Security Assessment Framework ##
## ##
################################################################
[CHIPSEC] Version 1.2.2
[CHIPSEC] Arguments:

****** Chipsec Linux Kernel module is licensed under GPL 2.0

ERROR: Unsupported Platform: VID = 0x1022, DID = 0x1566
ERROR: Platform is not supported (Unsupported Platform: VID = 0x1022, DID = 0x1566).
ERROR: To run anyways please use -i command-line option


k@y:~/chipsec/source/tool$ sudo python chipsec_main.py -i
[*] Ignoring unsupported platform warning and continue execution

****** Chipsec Linux Kernel module is licensed under GPL 2.0

################################################################
## ##
## CHIPSEC: Platform Hardware Security Assessment Framework ##
## ##
################################################################
[CHIPSEC] Version 1.2.2
[CHIPSEC] Arguments: -i

****** Chipsec Linux Kernel module is licensed under GPL 2.0

ERROR: Unsupported Platform: VID = 0x1022, DID = 0x1566
ERROR: Platform is not supported (Unsupported Platform: VID = 0x1022, DID = 0x1566).
WARNING: Platform dependent functionality is likely to be incorrect
[CHIPSEC] OS : Linux 3.13.0-36-generic #63-Ubuntu SMP Wed Sep 3 21:30:07 UTC 2014 x86_64
[CHIPSEC] Platform: UnknownPlatform
[CHIPSEC] VID: 1022
[CHIPSEC] DID: 1566

[*] loading common modules from "./chipsec/modules/common" ..
[+] loaded chipsec.modules.common.bios_wp
[+] loaded chipsec.modules.common.bios_kbrd_buffer
[+] loaded chipsec.modules.common.spi_lock
[+] loaded chipsec.modules.common.spi_desc
[+] loaded chipsec.modules.common.smm
[+] loaded chipsec.modules.common.bios_smi
[+] loaded chipsec.modules.common.smrr
[+] loaded chipsec.modules.common.bios_ts
[+] loaded chipsec.modules.common.secureboot.variables
[+] loaded chipsec.modules.common.uefi.access_uefispec
[+] loaded chipsec.modules.common.uefi.s3bootscript
[*] No platform specific modules to load
[*] loading modules from "./chipsec/modules" ..
[+] loaded chipsec.modules.module_template
[+] loaded chipsec.modules.remap
[+] loaded chipsec.modules.smm_dma
[*] running loaded modules ..

[*] running module: chipsec.modules.common.bios_wp
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_wp.py
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0xFF << BIOS Control (b:d.f 00:31.0 + 0xDC)
[00] BIOSWE = 1 << BIOS Write Enable
[01] BLE = 1 << BIOS Lock Enable
[02] SRC = 3 << SPI Read Configuration
[04] TSS = 1 << Top Swap Status
[05] SMM_BWP = 1 << SMM BIOS Write Protection
[-] BIOS region write protection is disabled!

[*] BIOS Region: Base = 0x00068000, Limit = 0x00300FFF
SPI Protected Ranges
------------------------------------------------------------
PRx (offset) | Value | Base | Limit | WP? | RP?
------------------------------------------------------------
PR0 (74) | 00FF8110 | 00110000 | 000FF000 | 0 | 1
PR1 (78) | 75FFF5FF | 075FF000 | 075FF000 | 0 | 1
PR2 (7C) | FFE0BFEA | 03FEA000 | 07FE0000 | 1 | 1
PR3 (80) | 03EBFFF5 | 07FF5000 | 003EB000 | 0 | 1
PR4 (84) | FF04C783 | 04783000 | 07F04000 | 1 | 1

[!] None of the SPI protected ranges write-protect BIOS region

[!] BIOS should enable all available SMM based write protection mechanisms or configure SPI protected ranges to protect the entire BIOS region
[-] FAILED: BIOS is NOT protected completely

[*] running module: chipsec.modules.common.bios_kbrd_buffer
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_kbrd_buffer.py
[x][ =======================================================================
[x][ Module: Pre-boot Passwords in the BIOS Keyboard Buffer
[x][ =======================================================================
[*] Keyboard buffer head pointer = 0x20 (at 0x41A), tail pointer = 0x20 (at 0x41C)
[*] Keyboard buffer contents (at 0x41E):
0d 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
[-] Keyboard buffer tail points inside the buffer (= 0x20)
It may potentially expose lengths of pre-boot passwords. Was your password 2 characters long?
[*] Checking contents of the keyboard buffer..

[!] WARNING: Keyboard buffer is not empty. The test cannot determine conclusively if it contains pre-boot passwords.
The contents might have not been cleared by pre-boot firmware or overwritten with garbage.
Visually inspect the contents of keyboard buffer for pre-boot passwords (BIOS, HDD, full-disk encryption).

[*] running module: chipsec.modules.common.spi_lock
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/spi_lock.py
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Lock
[x][ =======================================================================
[*] HSFS = 0x0443 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 1 << Flash Cycle Done
[01] FCERR = 1 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[03] BERASE = 0 << Block/Sector Erase Size
[05] SCIP = 0 << SPI cycle in progress
[13] FDOPSS = 0 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 0 << Flash Descriptor Valid
[15] FLOCKDN = 0 << Flash Configuration Lock-Down
[-] FAILED: SPI Flash Controller configuration is not locked

[*] running module: chipsec.modules.common.spi_desc
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/spi_desc.py
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================
[*] FRAP = 0x83241C01 << SPI Flash Regions Access Permissions Register (SPIBAR + 0x50)
[00] BRRA = 1 << BIOS Region Read Access
[08] BRWA = 1C << BIOS Region Write Access
[16] BMRAG = 24 << BIOS Master Read Access Grant
[24] BMWAG = 83 << BIOS Master Write Access Grant
[*] Software access to SPI flash regions: read = 0x01, write = 0x1C

[+] PASSED: SPI flash permissions prevent SW from writing to flash descriptor

[*] running module: chipsec.modules.common.smm
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/smm.py
[x][ =======================================================================
[x][ Module: Compatible SMM memory (SMRAM) Protection
[x][ =======================================================================
[*] PCI0.0.0_SMRAMC = 0x00 << System Management RAM Control (b:d.f 00:00.0 + 0x88)
[00] C_BASE_SEG = 0 << SMRAM Base Segment = 010b
[03] G_SMRAME = 0 << SMRAM Enabled
[04] D_LCK = 0 << SMRAM Locked
[05] D_CLS = 0 << SMRAM Closed
[06] D_OPEN = 0 << SMRAM Open
[*] Compatible SMRAM is not enabled. Skipping..

[*] running module: chipsec.modules.common.bios_smi
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_smi.py
[x][ =======================================================================
[x][ Module: SMI Events Configuration
[x][ =======================================================================
[+] SMM BIOS region write protection is enabled (SMM_BWP is used)

[*] Checking SMI enables..
Global SMI enable: 1
TCO SMI enable : 1
[+] All required SMI events are enabled

[*] Checking SMI configuration locks..
[+] TCO SMI configuration is locked (TCO SMI Lock)
[+] SMI events global configuration is locked (SMI Lock)

[+] PASSED: All required SMI sources seem to be enabled and locked

[*] running module: chipsec.modules.common.smrr
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/smrr.py
[x][ =======================================================================
[x][ Module: CPU SMM Cache Poisoning / System Management Range Registers
[x][ =======================================================================
[!] CPU does not support SMRR range protection of SMRAM
[*] SKIPPED: CPU does not support SMRR range protection of SMRAM

[*] running module: chipsec.modules.common.bios_ts
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/bios_ts.py
[x][ =======================================================================
[x][ Module: BIOS Interface Lock and Top Swap Mode
[x][ =======================================================================
[*] BC = 0xFF << BIOS Control (b:d.f 00:31.0 + 0xDC)
[00] BIOSWE = 1 << BIOS Write Enable
[01] BLE = 1 << BIOS Lock Enable
[02] SRC = 3 << SPI Read Configuration
[04] TSS = 1 << Top Swap Status
[05] SMM_BWP = 1 << SMM BIOS Write Protection
[*] BIOS Top Swap mode is enabled
[*] BUC = 0x200F0000 << Backed Up Control (RCBA + 0x3414)
[00] TS = 0 << Top Swap
[*] RTC version of TS = 0
[*] GCS = 0x0355E900 << General Control and Status (RCBA + 0x3410)
[00] BILD = 0 << BIOS Interface Lock Down
[10] BBS = 2 << Boot BIOS Straps

[-] FAILED: BIOS Interface is not locked (including Top Swap Mode)

[*] running module: chipsec.modules.common.secureboot.variables
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/secureboot/variables.py
[*] SKIPPED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.secureboot.variables since it is not supported in this platform

[*] running module: chipsec.modules.common.uefi.access_uefispec
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/uefi/access_uefispec.py
[*] SKIPPED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.access_uefispec since it is not supported in this platform

[*] running module: chipsec.modules.common.uefi.s3bootscript
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/common/uefi/s3bootscript.py
[*] SKIPPED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.s3bootscript since it is not supported in this platform

[*] running module: chipsec.modules.module_template
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/module_template.py
Skipping module chipsec.modules.module_template since it is not supported in this platform

[*] running module: chipsec.modules.remap
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/remap.py
Skipping module chipsec.modules.remap since it is not supported in this platform

[*] running module: chipsec.modules.smm_dma
[*] Module path: /home/k/chipsec/source/tool/chipsec/modules/smm_dma.py
[x][ =======================================================================
[x][ Module: SMM TSEG Range Configuration Check
[x][ =======================================================================
/code]



I can put more information and response questions of any person interest in my problem, please help.

Greatings.






Go to Top of Page
Reply #14

anniel

2572 Posts

Posted - 07/10/2016 :  09:19:22  Show Profile
Here is the address of a few competent authorities for you to send your rootkit to for analysis but there is many others.

www.symantec.com/security_response/submitsamples.jsp#

www.mcafee.com/us/threat-center/resources/how-to-submit-sample.aspx

www.microsoft.com/en-us/security/portal/submission/submit.aspx

analysis.avira.com/en/submit

support.avg.com/SupportArticleView?l=en_US&urlName=What-to-do-when-I-suspect-an-undetected-file-is-infected
Go to Top of Page
Reply #15

cyrax

Spain
43 Posts

Posted - 07/10/2016 :  10:18:33  Show Profile
Thank you very much anniel.

But already I have neither forces nor health practically, am suffering poisonings in real life.

I am monitored constant, and do not believe that it could do anything from the awkward equipments, do not have possibility of moving nor to use telephones.

I will try to do something, but I am to the last ones, because of it he was asking for help in public forums in order that it is known.

If someone can do something for my, please do it.

Already I have prove of putting in touch with authorities for telephone and from the awkward equipments, but nothing works.

Thank you, I will try to do something, but I see it impossible.

Truth that willem is bad on not having been able to do the test H/W?

Thank you very much of all forms, I will try to do something if I can.

I think that it is a lost battle, and already it is too much late for my and my family.

Only I can make it public and pray that someone does something, which I think that nobody will do anything.

I will try to do what you have said to me, but I believe there will not work, If my health holds, maybe postee again any doubt relating to my great problem.

If someone wants to do something, I do not have any problem in putting my royal information in the network.

Best regards and thank you very much for listening to me.

Go to Top of Page
Reply #16

dashuaibiwang

Andorra
3 Posts

Posted - 10/03/2016 :  21:01:13  Show Profile
I recently bought something on a Web site, the service is also good.

I read what you published, I recently played a game and you want to share with you.


Our priority is fast and secure game service in the most famous games like: League of Legends, CsGo: Cs Go accounts and CsGo! We offer you elo boosting, rank boosting, leveling, coaching and skin shop, but we¡¯re able to provide you with almost any kind of service you wish us to do.It's a interesting game: www.csgo4skin.com
Go to Top of Page
Reply #17

anniel

2572 Posts

Posted - 07/15/2017 :  07:36:08  Show Profile
Andorra has nice tax free shops.
Go to Top of Page
Reply #18

supervizeur

462 Posts

Posted - 08/03/2017 :  05:46:49  Show Profile
quote:
Originally posted by anniel

Andorra has nice tax free shops.



True.
Go to Top of Page
  Previous Topic Topic Next Topic  
 Forum Locked
 Printer Friendly
Jump To:
MCUmall EPROM BIOS Chip Burner Forum © Copyright 2003 - 2009 Mcumall Electronics Inc. Go To Top Of Page
Generated in 0.14 sec. Snitz Forums 2000