You are not logged in. Please login or register.
SoliForum - 3D Printing Community → XYZ Printing Hacks & Mods → XYZ Printing Da Vinci Jr (w) / Da Vinci Mini (w) Hacking
It's weird - page 00h and 01h is read only, that's right. But I can't modify page 02 too. Any ideas, please?
You don't need to. Leave it
Ok, thank you...
jodynek wrote:It's weird - page 00h and 01h is read only, that's right. But I can't modify page 02 too. Any ideas, please?
You don't need to. Leave it
yizhou.he wrote:nilezon wrote:Yes. The eeprom dump reveals it could probably remember 108 UIDs.
My real question is what happens after it read 108 UIDs, it will stop recording or delete the first record or delete the last record, 108 paper sticker still quiet expensive, but how it handle the 109th UID may leave room for possible hack.
Nobody know yet. You can be the one to find out!
I would guess the index resets to 0, thus overwriting the oldest UIDs. Just speculation though, as I havent gone digging with IDA yet.
Finally, it is working! Thanks to all for help... 
Ok, thank you...
nilezon wrote:jodynek wrote:It's weird - page 00h and 01h is read only, that's right. But I can't modify page 02 too. Any ideas, please?
You don't need to. Leave it
Bozotclown1970 wrote:You must have some really good soldering equipment. My problem is I don;t want to tear my board up unsoldering the chip. Then I have to solder something back on so I can re-attach the chip. I can do it with a flame thower.
Buy a SOIC test clip and a BusPirate (or similar) and you can read/write/empty both the eeprom and the Atmel/NXP chips without any (advanced) soldering.
So I finally received my test clip today and it works great. I thought the firmware was sotred on th eeprom and loaded into the processor on startup. Do you have any idea where the formware is saved? What I am looking for is a way to downlgrade the firmware using these tools.
nilezon wrote:Bozotclown1970 wrote:You must have some really good soldering equipment. My problem is I don;t want to tear my board up unsoldering the chip. Then I have to solder something back on so I can re-attach the chip. I can do it with a flame thower.
Buy a SOIC test clip and a BusPirate (or similar) and you can read/write/empty both the eeprom and the Atmel/NXP chips without any (advanced) soldering.
So I finally received my test clip today and it works great. I thought the firmware was sotred on th eeprom and loaded into the processor on startup. Do you have any idea where the formware is saved? What I am looking for is a way to downlgrade the firmware using these tools.
The firmware is just temporarily stored on the eeprom during a firmware upgrade. The Atmel chip has it's own flash memory where the current firmware code is stored and run from.
With a test clip and SPI reader/writer you can reset the UIDs in the eeprom and the re-use tags.
To downgrade firmware you need to solder a few cables and then use an SWD debug probe (J-Link EDU Mini is cheap and will probably work). I have not tried downgrading (yet), so I cannot give you step-by-step instructions.
Can I upgrade firmware of the da Vinci Mini W printer to the latest version when I'm using NTAG stickers? Will be stickers working normally after update? Thanks for response.
Can I upgrade firmware of the da Vinci Mini W printer to the latest version when I'm using NTAG stickers? Will be stickers working normally after update? Thanks for response.
There is no reason why the password/pack acceptance will be affected by upgrading the printer firmware.
Nilezon's solution should work for ALL XYZ printers that use the NFC cards whatever the firmware.
Strange behaviour. On my Mini, I removed the EEPROM and I'm using Rhys emulator. But I still can't refill tag: the only data accepted are original one. Each time I try to use generated data, or even new remaining length on original data, it fails.
So, is there a tool that can check the integrity, the coherence of the generated data please ?
Is there a tag database in XYZWare as it seems it can't be anymore in the printer without the EEPROM ?
Thanks
Strange behaviour. On my Mini, I removed the EEPROM and I'm using Rhys emulator. But I still can't refill tag: the only data accepted are original one. Each time I try to use generated data, or even new remaining length on original data, it fails.
So, is there a tool that can check the integrity, the coherence of the generated data please ?
Is there a tag database in XYZWare as it seems it can't be anymore in the printer without the EEPROM ?Thanks
There's a online check in the Windows application.
jodynek wrote:Can I upgrade firmware of the da Vinci Mini W printer to the latest version when I'm using NTAG stickers? Will be stickers working normally after update? Thanks for response.
There is no reason why the password/pack acceptance will be affected by upgrading the printer firmware.
Nilezon's solution should work for ALL XYZ printers that use the NFC cards whatever the firmware.
True.
Actually, I'm quite sure the firmware you are upgrading (the one in the Atmel chip) has no knowledge what so ever of the key/pack. The NXP chip controlling the NFC reader does all the kay/pack calculations and validations, and the Atmel chip is only getting the NFC tag contents.
tpe wrote:Strange behaviour. On my Mini, I removed the EEPROM and I'm using Rhys emulator. But I still can't refill tag: the only data accepted are original one. Each time I try to use generated data, or even new remaining length on original data, it fails.
So, is there a tool that can check the integrity, the coherence of the generated data please ?
Is there a tag database in XYZWare as it seems it can't be anymore in the printer without the EEPROM ?Thanks
There's a online check in the Windows application.
Thanks for your reply. What Windows application is it ? XYZWare ? So far, I only use command line for tag information based on python scripts. I also cut all online communication (using host file method).
Ok, so I don't have to block access to the following addresses:
127.0.0.1 xyz.com
127.0.0.1 xyzprinting.com
127.0.0.1 us.xyzprinting.com
127.0.0.1 support.xyzprinting.com
127.0.0.1 xyzportal.cloudapp.net
127.0.0.1 www.xyzprinting.com
Is it right?
cgrillo wrote:jodynek wrote:Can I upgrade firmware of the da Vinci Mini W printer to the latest version when I'm using NTAG stickers? Will be stickers working normally after update? Thanks for response.
There is no reason why the password/pack acceptance will be affected by upgrading the printer firmware.
Nilezon's solution should work for ALL XYZ printers that use the NFC cards whatever the firmware.True.
Actually, I'm quite sure the firmware you are upgrading (the one in the Atmel chip) has no knowledge what so ever of the key/pack. The NXP chip controlling the NFC reader does all the kay/pack calculations and validations, and the Atmel chip is only getting the NFC tag contents.
Strange behaviour. On my Mini, I removed the EEPROM and I'm using Rhys emulator. But I still can't refill tag: the only data accepted are original one. Each time I try to use generated data, or even new remaining length on original data, it fails.
So, is there a tool that can check the integrity, the coherence of the generated data please ?
Is there a tag database in XYZWare as it seems it can't be anymore in the printer without the EEPROM ?Thanks
did you try with tag data that had a length of 200m? from what I've read the Mini's don't work with a tag that has a length greater then 200m
Mini works with 300m filament.
tpe wrote:Strange behaviour. On my Mini, I removed the EEPROM and I'm using Rhys emulator. But I still can't refill tag: the only data accepted are original one. Each time I try to use generated data, or even new remaining length on original data, it fails.
So, is there a tool that can check the integrity, the coherence of the generated data please ?
Is there a tag database in XYZWare as it seems it can't be anymore in the printer without the EEPROM ?Thanks
did you try with tag data that had a length of 200m? from what I've read the Mini's don't work with a tag that has a length greater then 200m
Mini works with 300m filament.
rhys wrote:tpe wrote:Strange behaviour. On my Mini, I removed the EEPROM and I'm using Rhys emulator. But I still can't refill tag: the only data accepted are original one. Each time I try to use generated data, or even new remaining length on original data, it fails.
So, is there a tool that can check the integrity, the coherence of the generated data please ?
Is there a tag database in XYZWare as it seems it can't be anymore in the printer without the EEPROM ?Thanks
did you try with tag data that had a length of 200m? from what I've read the Mini's don't work with a tag that has a length greater then 200m
I had trouble printing with a 300m tag on my MiniMaker. I will investigate it further when I get some time.
jodynek wrote:Mini works with 300m filament.
rhys wrote:did you try with tag data that had a length of 200m? from what I've read the Mini's don't work with a tag that has a length greater then 200m
I had trouble printing with a 300m tag on my MiniMaker. I will investigate it further when I get some time.
nilezon wrote:jodynek wrote:Mini works with 300m filament.
I had trouble printing with a 300m tag on my MiniMaker. I will investigate it further when I get some time.
Maybe page 9 must be 0x00353637 when you use 300m? I tried with a random number.
Random in page 9 works fine for 200m.
I've pages:
09 0035344A
10 E0930400
11 E0930400
And it works...
jodynek wrote:
nilezon wrote:I had trouble printing with a 300m tag on my MiniMaker. I will investigate it further when I get some time.
Maybe page 9 must be 0x00353637 when you use 300m? I tried with a random number.
Random in page 9 works fine for 200m.
I've pages:
09 0035344A
10 E0930400
11 E0930400And it works...
nilezon wrote:jodynek wrote:
Maybe page 9 must be 0x00353637 when you use 300m? I tried with a random number.
Random in page 9 works fine for 200m.
Could you send me the file that is working for you please ?
Here is the file not working, if you want to test it.
0435BDAA
32B44280
79480000
E1101200
0103A00C
340300FE
00000000
00000000
5A504F00
0035344A
E0930400
E0930400
D2002D00
54484742
E09304FF
00000000
00000000
34000000
00000000
00000000
400D0300
081F3154
50B1E0CE
52E74F76
00000000
00000000
00000000
00000000
00000000
000000FF
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
000000BD
070000FF
80050000
3D34CDF7
E3140000
The problem is:
- remaining length is OK (200m).
- all other info are empty
I can't try it right now - I don't have NFC phone on one's person.
There should be working file:
04A5321B
0ADE4980
79480000
E1101200
0103A00C
340300FE
00000000
00000000
5A504F00
0035344A
E0930400
E0930400
D2002D00
54484742
E09304FF
00000000
00000000
34000000
00000000
00000000
E0930400
A8813654
F03FEECE
F26E4D76
00000000
00000000
00000000
00000000
00000000
000000FF
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
000000BD
070000FF
80050000
07BF0B70
4E640000
jodynek wrote:I've pages:
09 0035344A
10 E0930400
11 E0930400And it works...
nilezon wrote:Maybe page 9 must be 0x00353637 when you use 300m? I tried with a random number.
Random in page 9 works fine for 200m.Could you send me the file that is working for you please ?
Here is the file not working, if you want to test it.
0435BDAA
32B44280
79480000
E1101200
0103A00C
340300FE
00000000
00000000
5A504F00
0035344A
E0930400
E0930400
D2002D00
54484742
E09304FF
00000000
00000000
34000000
00000000
00000000
400D0300
081F3154
50B1E0CE
52E74F76
00000000
00000000
00000000
00000000
00000000
000000FF
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
000000BD
070000FF
80050000
3D34CDF7
E3140000The problem is:
- remaining length is OK (200m).
- all other info are empty
I can't try it right now - I don't have NFC phone on one's person.
There should be working file:04A5321B
0ADE4980
79480000
E1101200
0103A00C
340300FE
00000000
00000000
5A504F00
0035344A
E0930400
E0930400
D2002D00
54484742
E09304FF
00000000
00000000
34000000
00000000
00000000
E0930400
A8813654
F03FEECE
F26E4D76
00000000
00000000
00000000
00000000
00000000
000000FF
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
000000BD
070000FF
80050000
07BF0B70
4E640000tpe wrote:jodynek wrote:I've pages:
09 0035344A
10 E0930400
11 E0930400And it works...
Could you send me the file that is working for you please ?
Here is the file not working, if you want to test it.
0435BDAA
32B44280
79480000
E1101200
0103A00C
340300FE
00000000
00000000
5A504F00
0035344A
E0930400
E0930400
D2002D00
54484742
E09304FF
00000000
00000000
34000000
00000000
00000000
400D0300
081F3154
50B1E0CE
52E74F76
00000000
00000000
00000000
00000000
00000000
000000FF
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
000000BD
070000FF
80050000
3D34CDF7
E3140000The problem is:
- remaining length is OK (200m).
- all other info are empty
Sorry to say that but it's not working. Still the same symptoms.
But I'm happy to say it's working well.
No, I'm not mad (not too much), but I have 2 different behaviours. One is working: on Windows. One is not working: on MacOS. Same emulator, same file, same hardware (Windows is running on a virtual machine on my Mac).
So the problem is the XYZ software, not the printer or the hack. Seems there is a bug on the Mac version.
That's interesting find out
That's interesting find out
Quite surprising, and may be an indication that software is developed by 2 different teams. But we have to be careful as the future Windows versions may include the same controls as MacOS version, and it may prevent the hack to work.
Unfortunately, that´s possible. Cat and mouse game 
jodynek wrote:That's interesting find out
Quite surprising, and may be an indication that software is developed by 2 different teams. But we have to be careful as the future Windows versions may include the same controls as MacOS version, and it may prevent the hack to work.
SoliForum - 3D Printing Community → XYZ Printing Hacks & Mods → XYZ Printing Da Vinci Jr (w) / Da Vinci Mini (w) Hacking
Powered by PunBB, supported by Informer Technologies, Inc.
