Freescale Microcontroller IC chip Crack Typical Method

Freescale Microcontroller IC chip Crack Typical Method

Method of crack microcontroller IC chip from FREESCALE company has typical pattern to follow, we do some research and would like to take MC9S12DP256 microcontroller IC chip as example to introduce the crack way of FLASH microcontroller IC chip.

FREESCALE has a lot of different microcontroller which will use background debug mode as downloading and debug port.

BDM is a single line debug mode and microcontroller IC chip do the communication with programmer through only one pin. In HCS12 series microcontroller IC chip, there are standard BDM debug module inside it.

There are three different functions for BDM when crack microcontroller IC chip:

1 can read and write the internal RAM or ROM, download the user data to target IC chip or read the data out from RAM or ROM.

2 Install the microcontroller IC chip working way and resource. Part of storage system refers to microcontroller IC chip crack method and resource distribution can only be modified by BDM orders sent through programmer.

3 Program debugging: use BDM can read the internal RAM and CPU internal ROM, modify the program.

When HCS12 microcontroller IC chip under the status of decryption, use BDM hardware order can read the program out from FLASH ROM or write new program into it. BDM order can be sent out from isolated hardware when crack it. We can call it BDM programmer.

There are two ways of microcontroller IC chip crack, one is full encryption and one is for encryption by security password. These crack ways can be used in different situations according to customer requirement.

AM or ROM, download the user data to target IC chip or read the data out from RAM or ROM.

2 Install the microcontroller IC chip working way and resource. Part of storage system refers to microcontroller IC chip crack method and resource distribution can only be modified by BDM orders sent through programmer.

3 Program debugging: use BDM can read the internal RAM and CPU internal ROM, modify the program.

 

When HCS12 microcontroller IC chip under the status of decryption, use BDM hardware order can read the program out from FLASH ROM or write new program into it. BDM order can be sent out from isolated hardware when crack it. We can call it BDM programmer.

Complete microcontroller IC chip encryption:

Complete encryption means protect the microcontroller IC chip completely and shield the IC chip from all reading operation include crack. in MC9S12DP256 microcontroller, encryption can be carried out by programming a single unit of FLASH. The operation of BDM programmer against FLASH about reading will be prohibited after encryption.

After complete encryption, it will be impossible to read the ROM code which can be viewed as the most secure method. If user want to modify the code, wipe out all the data on the FLASH is the only way. And the operation can be fulfilled by BDM programmer.

When HCS12 microcontroller IC chip under the status of decryption, use BDM hardware order can read the program out from FLASH ROM or write new program into it. BDM order can be sent out from isolated hardware when crack it. We can call it BDM programmer.

Use BDM programmer to clean the content of FLASH ROM & EEPROM is same as the process of clear out by FLASH ROM. The only difference between them is read and write of register and storage unit is carried out by BDM order. Send a series of complete erasing sequence into microcontroller IC chip before crack through BDM status register and wipe out the content in FLASH ROM & EEPROM.

During the process of totally wipe out, BDM programmer can reset the system and system can check automatically to see if the microcontroller IC chip crack has been done successfully. If success, UNSEC in the BDM status register can set up to 1 and system will enter the crack decryption status.

When HCS12 microcontroller IC chip under the status of decryption, use BDM hardware order can read the program out from FLASH ROM or write new program into it. BDM order can be sent out from isolated hardware when crack it. We can call it BDM programmer.

Comments are closed.

top