- Joined
- Dec 6, 2020
- Messages
- 51
Well, I took a little time off from the internet to practice my "don't be petty asshole" skills. Didn't get very far.
Anyway, picked up a couple broken DVTn's on ebay. Paid at / above going price for working kits but whatever, I like to gamble and I'm a sucker for boxed goods.
Of the two broken kits I picked up, I've decided to open one. It has no rubber footie pads. It has no stickers covering the other two screws. I can safely open this kit without being destructive. Upon opening this kit, I find that the disc drive has a green sticker on it labeled "bad". Cool. This can easily be fixed.
At this point, I want to image the hard drive. I have a beaglebone black which I rig up to dump the eeprom of a retail console. I use some test clips to connect directly to the eeprom - no soldering involved. After some trial and error, the dump goes off without a hitch. I do the same to the dev kit, only this time I make use of the LPC header. For this process, I only had to wire up
I had sniffed the i2c traffic with a Salae Logic device on my retail console and dumped that eeprom before, but the same did not work with the broken dev kit. It does not boot to the point where the eeprom is read. I 've begun to wonder if an eeprom could be the payload to some vuln / exploit. The serial number is a null terminated ascii string. I don't think there is a whole lot of room to work here as it is followed by a checksum of sorts. I need to dig deeper. If the stars align, the eeprom could be a vector leading to 1.6 (or really any version assuming some undiscovered bug hasn't changed) softmodding.
End rant.
This kit is super cool. "Bad" sticker on the disc drive. "Q7E1" sticker on the motherboard with a little arrow pointing to some SMD. I'm assuming this is pointing to component with a "Q7E1" silkscreen next to it. The controller ports weren't plugged in when I opened it... as you may know, the controller ports have a male connector. The motherboard on this kit also has a male connector. There's no way they can connect.
I plan on posting some pictures / videos soon. For now I have to image the hard drive. Testing with an old adapter I had on a retail console's hard drive did not go well... I let out the magic smoke (on the adapter maybe) . I have the key, but I'm waiting on some components for my computer. I guess they got rid of IDE haha. I'm big on preservation so I'll be making the contents public in whatever way I can.
Hoping to grab the bios out of high mem once I have this thing going. Might try to clip it if I get super schizo. Hope y'all can enjoy the journey and maybe give some tips.
Some vid
Other file is too large to upload but its in the vid.
Anyway, picked up a couple broken DVTn's on ebay. Paid at / above going price for working kits but whatever, I like to gamble and I'm a sucker for boxed goods.
Of the two broken kits I picked up, I've decided to open one. It has no rubber footie pads. It has no stickers covering the other two screws. I can safely open this kit without being destructive. Upon opening this kit, I find that the disc drive has a green sticker on it labeled "bad". Cool. This can easily be fixed.
At this point, I want to image the hard drive. I have a beaglebone black which I rig up to dump the eeprom of a retail console. I use some test clips to connect directly to the eeprom - no soldering involved. After some trial and error, the dump goes off without a hitch. I do the same to the dev kit, only this time I make use of the LPC header. For this process, I only had to wire up
SCL
, SDA
, and GND
. The old program eeprog
did a good job dumping and and I was able to xxd -r
the output of xxd
to get it back to my host machine.I had sniffed the i2c traffic with a Salae Logic device on my retail console and dumped that eeprom before, but the same did not work with the broken dev kit. It does not boot to the point where the eeprom is read. I 've begun to wonder if an eeprom could be the payload to some vuln / exploit. The serial number is a null terminated ascii string. I don't think there is a whole lot of room to work here as it is followed by a checksum of sorts. I need to dig deeper. If the stars align, the eeprom could be a vector leading to 1.6 (or really any version assuming some undiscovered bug hasn't changed) softmodding.
End rant.
This kit is super cool. "Bad" sticker on the disc drive. "Q7E1" sticker on the motherboard with a little arrow pointing to some SMD. I'm assuming this is pointing to component with a "Q7E1" silkscreen next to it. The controller ports weren't plugged in when I opened it... as you may know, the controller ports have a male connector. The motherboard on this kit also has a male connector. There's no way they can connect.
I plan on posting some pictures / videos soon. For now I have to image the hard drive. Testing with an old adapter I had on a retail console's hard drive did not go well... I let out the magic smoke (on the adapter maybe) . I have the key, but I'm waiting on some components for my computer. I guess they got rid of IDE haha. I'm big on preservation so I'll be making the contents public in whatever way I can.
Hoping to grab the bios out of high mem once I have this thing going. Might try to clip it if I get super schizo. Hope y'all can enjoy the journey and maybe give some tips.
Some vid
Other file is too large to upload but its in the vid.
Attachments
Last edited: