Liteon iHASx24 drives: Crossflashing *within* a series (for C, D, and E series/revision drives)

[QUOTE=Ibex;2750836]It will be a long wait, Codeking retired a few years ago. ;)[/QUOTE]

noooo !!!

I think zak7 used either DOSFlash or LtnFlash to extract and replace EEPROM, not EEPROM Utility.

I cannot tell you what to change in the EEPROM file to make it compatible, unfortunately.

i try ltnflash to write eeprom without success…

[QUOTE=zak7;2696222]Just an update over in this thread too, I’ve managed to figure out how to extract the firmware from LiteOn’s new Flashers that don’t work with the extracting tools. As of now i have to manually do this procedure, however it takes merely a minute or less now that i’ve done it a few times. I’m planning on writing a new utility probably in cpp to do this automatically, if i can’t figure that out, i’ll probably just post a tutorial on how. [/QUOTE]

Any Progress?

After a long run with messing with the drives, i went on a hiatus, sorry for the absence, I’ve been catching up with the thread.

Unfortunately, the firmwares extracted from the exe’s, while the data that the binary writes, is not decryptable…which left me stumped for some time, when i thought i’d get one, i’d try it on another binary and reap complete gibberish. Perhaps this is a lack of my talent in whatever encoding/cryptography/blablabla they use to manage their binaries encryption so we can’t extract their raw firmwares for this very reason.

Either way, if an encryption god, or a codek1ng replacement wants to step up…I’m more then happy to join forces and make a effort…however it seems trivial if they’ve done what i expect they did with the binaries. My last attempt before the hiatus was actually monitoring a virtually mounted drive to dump all signals sent over the connection, in this case SATA…took alot of tweaking, some time trying in VM’s, and a few different drivers, and i got very little accomplished.

Sad story I know…wish i had been more productive on that firmware extractor, cause i love c++…

Crossflash (" unlocked flasher") LiteOn iHAS 122 E for LiteOn 124 E\ BenQ DW24AS -seamless \ required to restart the drive \ system .







[QUOTE=czary2mary1;2761152]Crossflash (" unlocked flasher") LiteOn iHAS 122 E for LiteOn 124 E\ BenQ DW24AS -seamless \ required to restart the drive \ system .[/QUOTE]

I knew the E revisions could be crossflash’d with my method, and was more than pleased to see others had success with the revision and crossflashing clones/rebadges to retail/stock iHAS E revision firmware.

What’s more though, it has been made that much easier for those of us still tinkering with drives, as well as others who’ve made it to the game late - and still want and prefer that “all-empowering” iHAS retail firmware.

I’m unsure if you’re the one responsible for unlocking the new (is this the new one?) flasher, as I thought it was scrambled and protected with new copyright protection - or if it was found/provided by a fellow forum user.

All things being equal, great walk-through on the neccesary procedure with the latest available “official” (albeit hacked?) utilities, and this time it appears it is one LiteON supplied for us (I assume…or you’ve done something incredible by imitating it’s GUI and functionality completely :bow: :disagree:)

I thank you for keeping this sticky up to snuff with the current tools. I hope I’ll be making additions myself in the near future.

Time will tell.

zak

[QUOTE=zak7;2761310]I’m unsure if you’re the one responsible for unlocking the new (is this the new one?) flasher, as I thought it was scrambled and protected with new copyright protection - or if it was found/provided by a fellow forum user.

All things being equal, great walk-through on the neccesary procedure with the latest available “official” (albeit hacked?) utilities, and this time it appears it is one LiteON supplied for us (I assume…or you’ve done something incredible by imitating it’s GUI and functionality completely :bow: :disagree:)
[/QUOTE]

Just to clarify, the unlocked flasher method has been around for quite a while, and there’s nothing new about it really. All you need is an unlocked flasher and an unscrambled binary file of the firmware you want to flash. These unlocked flashers are 100% LiteOn stock flashers, they are not hacked or modified in any way, and there are are quite a few unlocked ones around (it doesn’t matter for which drive model they are). For example, the recent iHAS124 E 4L0A flasher is one of these unlocked flashers, which can be used for this purpose…

The idea is that you drag and drop (or copy/paste) the unscrambled binary file on top of one of these unlocked flashers, and doing so essentially makes any of these unlocked flashers to pretty much behave like a standalone flasher and flash the drive you select from the list with the binary firmware you copy/paste (or drag and drop) on it.

Extracting/ripping the binaries from the LiteOn flashers, is a different matter altogether. While they can be extracted manually from memory dumps if you know what you’re doing, when it comes to extracting them directly from the LiteOn flashers themselves (i.e. writing a program to directly extract the *.bin file from the LiteOn flasher *.exe) we still don’t know how to do that (i.e. how to decrypt them directly). Again, nothing particularly new here.

The real breakthrough, has been the release of the new version of the EEPROM Utility (v6.2.0 SE) which C0deKing made available to us recently, and which allows us to make the necessary EEPROM changes when crossflashing requires such EEPROM changes. It is worth mentioning that thanks to C0deKing we also have a new version of the Flash Utility (read the relevant thread for details/limitations).

Any chance we can get an upload of the ihas324E bin. None of the zippyshares are working

[QUOTE=isocrazy;2761346]Any chance we can get an upload of the ihas324E bin. None of the zippyshares are working[/QUOTE]

Sure. Here are the *.bins for the latest iHAS124 E and iHAS324 E firmwares: http://www51.zippyshare.com/v/FlSSXs8l/file.html

Many thanks!

[QUOTE=cvs;2761339]Just to clarify, the unlocked flasher method has been around for quite a while, and there’s nothing new about it really. All you need is an unlocked flasher and an unscrambled binary file of the firmware you want to flash. These unlocked flashers are 100% LiteOn stock flashers, they are not hacked or modified in any way, and there are are quite a few unlocked ones around (it doesn’t matter for which drive model they are). For example, the recent iHAS124 E 4L0A flasher is one of these unlocked flashers, which can be used for this purpose…

The idea is that you drag and drop (or copy/paste) the unscrambled binary file on top of one of these unlocked flashers, and doing so essentially makes any of these unlocked flashers to pretty much behave like a standalone flasher and flash the drive you select from the list with the binary firmware you copy/paste (or drag and drop) on it.

Extracting/ripping the binaries from the LiteOn flashers, is a different matter altogether. While they can be extracted manually from memory dumps if you know what you’re doing, when it comes to extracting them directly from the LiteOn flashers themselves (i.e. writing a program to directly extract the *.bin file from the LiteOn flasher *.exe) we still don’t know how to do that (i.e. how to decrypt them directly). Again, nothing particularly new here.

The real breakthrough, has been the release of the new version of the EEPROM Utility (v6.2.0 SE) which C0deKing made available to us recently, and which allows us to make the necessary EEPROM changes when crossflashing requires such EEPROM changes. It is worth mentioning that thanks to C0deKing we also have a new version of the Flash Utility (read the relevant thread for details/limitations).[/QUOTE]

Oh - I appreciate you taking the time to explain the unscambled flasher bit, I think you may have misunderstood what I may have misunderstood though. I’m fully aware of firmware flashers and the unlocked ones, and was more so asking (by “new one”) referring to the fact that the last time I looked into these flashers latest versions - they we’re all “scrambled” and sort of “extraction-protected”…as in the normal .bin extracters that were posted could not extract a .bin file from the .exe, as they had in the past.

Also that FlashUtility did not work to read the firmwares. Perhaps I am mistaken in thinking that this was the situation…I just remember checking PE Explorer and debugging them in memory, and with the older ones you could literally find the .bin file sitting in memory, as well as change things like modifying registers in memory to make the “check” for the drive type to always return true. Newer ones you could find the block where the .bin was stored, but it was in no way something I would attempt to flash to my drive.

I initially started doing this to use the standard oem firmware exe’s to attempt to crossflash a drive that was a clone to a stock firmware when no .bin’s were currently available.

I’m slightly baked right now (shhh) but I hope this makes sense. I’m not even sure if that research would be relevant or worth pursuing again. Perhaps you can let me know.

Edit: Upon proof reading, I noticed you said “we still don’t know how to do that” - are you referring to what i consider the older firmware flashers? IE probably A B and stuff? or the later drives? Cause like i said, I successfully extracted a few .bin’s from memory that matched .bin’s made available from reading with FlashUtility…others on more later .exe’s from liteon we’re all scrambled data and never even looked like a full firmware file.

Also keep in mind - I just returned to checking into this stuff within the last month or two after being gone probably about a year from messing around with these drives. I happen to think we’re all lucky that c0deking decided to release a new version, and right after I decided to come back to myce too! :smiley:

Crossflash very rare on the HP DH16ACSHR fw.JHG6 for the Plextor PX-891SA .
No need to change the checksums. Most likely EEPROM also compatible with LiteOn iHAS324C \ Asus DRW-24B5ST .





Good to know that there’s no need to adjust the EEPROM checksums for this crossflash. :clap:

Can you post a copy of the DH16ACSHR JHG6 firmware dump please? Thanks! :flower:

[B]@cvs[/B]
Sent PM.:smiley:

It has been a while for me to experiment with crossflashing, but with FU7.2 and FU_Flasher, I was able to confirm both E and F series are capable of going forward and backward. Though neither drives exhibited the blinking LED afterwards, but I did use the change checksum feature in EU6.2SE.

Hi,

with your help i sucsessfully crossflash a DH16ACSHR into a iHAS324-C. Done this without a eeprom. Has anybody a iHAS524-C bin-file? I found nothing jet.

thanks,

max2322

[QUOTE=max2322;2767672]Has anybody a iHAS524-C bin-file? I found nothing jet.[/QUOTE]

You can find a copy of the (latest) iHAS524 C LL25 firmware here: http://www110.zippyshare.com/v/MJg4ArRd/file.html

Oh tank’s a lot, now I will try LabelTag :slight_smile:

Crossflash rare version of DH16ACSH fw.JA11 to the Plextor PX-891SA