Difference between revisions of "Xbox 360 BenQ VAD6038 Flash"
| Line 2: | Line 2: | ||
== DosFlash == | == DosFlash == | ||
Download the DosFlash tool [http://www.xboxhacker.net/index.php?topic=8517.0] and put DosFlash files from the DosFlash16 folder on a working MS-DOS boot disk. | Download the DosFlash tool [http://www.xboxhacker.net/index.php?topic=8517.0] and put the DosFlash files from the DosFlash16 folder on a working MS-DOS boot disk. | ||
== Install Switch == | == Install Switch == | ||
| Line 22: | Line 22: | ||
== Read Flash == | == Read Flash == | ||
Disconnect the drive from the computer if it's connected. | Disconnect the drive from the computer if it's connected and turn the switch to OFF-position. | ||
# Boot MS-DOS and connect the SATA cable to the computer. | # Boot MS-DOS and connect the SATA cable to the computer. | ||
| Line 28: | Line 28: | ||
# Connect the power cable to the BenQ drive. | # Connect the power cable to the BenQ drive. | ||
# A second later turn the switch to ON. | # A second later turn the switch to ON. | ||
# In DosFlash, enter the number of the drive, normally '6', press enter. | # In DosFlash, enter the number of the discovered drive, normally '6', press enter. | ||
# To read the firmware, press 'r', and enter a new filename to dump the firmware. | # To read the firmware, press 'r', and enter a new filename to dump the firmware. | ||
# The drive should now be dumping the 4 banks. | # The drive should now be dumping the 4 banks. | ||
Revision as of 13:38, 30 September 2007
For a few months the new BenQ VAD6038 drive for the Xbox 360 couldn't be dumped or flashed. A new DosFlash tool by Schtrom made it possible to access the drive flash memory.
DosFlash
Download the DosFlash tool [1] and put the DosFlash files from the DosFlash16 folder on a working MS-DOS boot disk.
Install Switch
For the DosFlash application to read the BenQ flash memory, the power to the flash memory has to be applied after DosFlash discovered the drive. The purpose of this is to go around the FirmGuard and jump into the flash memory right before the FirmGuard protection is enabled.
By delaying powering up (with a switch) the flash memory after applying power to the drive, the FirmGuard can be circumvented.
Cut Traces
Two traces has to be cut to install the switch. The traces are on the bottom side of the circuit board, facing down into the drive.
I used a razorblad to cut the traces and a fiberpen to scratch the coating to expose the copper.
<<
Solder Switch
Solder two wires to the traces facing away from the cut and flash memory, as seen in the picture below. Connect the ends to a simple on/off switch.
<<
Read Flash
Disconnect the drive from the computer if it's connected and turn the switch to OFF-position.
- Boot MS-DOS and connect the SATA cable to the computer.
- Execute DosFlash.exe and wait for it to finish searching for drives.
- Connect the power cable to the BenQ drive.
- A second later turn the switch to ON.
- In DosFlash, enter the number of the discovered drive, normally '6', press enter.
- To read the firmware, press 'r', and enter a new filename to dump the firmware.
- The drive should now be dumping the 4 banks.
Write Flash
To flash the drive, replace 'r' with 'w' in the procedure above.
