Om te toets of 'n Bus Pirate werk, verbind +5V met VPU en 3.3V met ADC en kry toegang tot die buspiraat (Gebruik byvoorbeeld Tera Term) en gebruik die bevel ~:
# Use commandHiZ>~DisconnectanydevicesConnect (Vpu to+5V) and (ADCto+3.3V)Spacetocontinue# Press spaceCtrlAUXOKMODELEDOKPULLUPHOKPULLUPLOKVREGOKADCandsupply5V(4.96) OKVPU(4.96) OK3.3V(3.26) OKADC(3.27) OKBushighMOSIOKCLKOKMISOOKCSOKBusHi-Z0MOSIOKCLKOKMISOOKCSOKBusHi-Z1MOSIOKCLKOKMISOOKCSOKMODEandVREGLEDsshouldbeon!Anykeytoexit#Press spaceFound0errors.
Soos u in die vorige opdraglyn kan sien, het dit gesê dat dit 0 foute gevind het. Dit is baie nuttig om te weet dat dit werk nadat dit gekoop is of nadat 'n firmware geflits is.
Om met die bus-piraat te verbind, kan u die dokumente volg:
In hierdie geval gaan ek verbind met 'n EPROM: ATMEL901 24C256 PU27:
Om met die bus-piraat te praat, het ek Tera Term gebruik wat aan die piraatbus se COM-poort gekoppel is met 'n Opstelling --> Seriële Poort --> Spoed van 115200.
In die volgende kommunikasie kan u vind hoe om die bus-piraat voor te berei om I2C te praat en hoe om vanaf die geheue te skryf en te lees (Opmerkings verskyn met "#", moenie daardie deel in die kommunikasie verwag nie):
# Check communication with buspirateiBusPiratev3.5CommunityFirmwarev7.1-goo.gl/gCzQnW [HiZ 1-WIREUARTI2CSPI2WIRE3WIREKEYBLCDPICDIO]Bootloaderv4.5DEVID:0x0447REVID:0x3046 (24FJ64GA00 2B8)http://dangerousprototypes.com# Check voltagesI2C>vPinstates:1.(BR) 2.(RD) 3.(OR) 4.(YW) 5.(GN) 6.(BL) 7.(PU) 8.(GR) 9.(WT) 0.(Blk)GND3.3V5.0VADCVPUAUXSCLSDA--PPPIIIIIIIGND3.27V4.96V0.00V4.96VLHHLL#Notice how the VPU is in 5V becausethe EPROM needs 5V signals# Get mode optionsHiZ>m1.HiZ2.1-WIRE3.UART4.I2C5.SPI6.2WIRE7.3WIRE8.KEYB9.LCD10.PIC11.DIOx.exit(withoutchange)# Select I2C(1)>4I2Cmode:1.Software2.Hardware# Select Software mode(1)>1Setspeed:1.~5kHz2.~50kHz3.~100kHz4.~240kHz# Select communication spped(1)> 2Clutchdisengaged!!!Tofinishsetup,startupthepowersupplieswithcommand'W'Ready# Start communicationI2C>WPOWERSUPPLIESONClutchengaged!!!# Get macrosI2C>(0)0.Macromenu1.7bitaddresssearch2.I2Csniffer#Get addresses of slaves connectedI2C>(1)SearchingI2Caddressspace.Founddevicesat:0xA0(0x50W) 0xA1(0x50R)# Note that each slave will have a write address and a read address# 0xA0 ad 0xA1 in the previous case# Write "BBB" in address 0x69I2C>[0xA00x000x690x420x420x42]I2CSTARTBITWRITE:0xA0ACKWRITE:0x00ACKWRITE:0x69ACKWRITE:0x42ACKWRITE:0x42ACKWRITE:0x42ACKI2CSTOPBIT# Prepare to read from address 0x69I2C>[0xA00x000x69]I2CSTARTBITWRITE:0xA0ACKWRITE:0x00ACKWRITE:0x69ACKI2CSTOPBIT# Read 20B from address 0x69 configured beforeI2C>[0xA1r:20]I2CSTARTBITWRITE:0xA1ACKREAD: 0x42 ACK 0x42 ACK 0x42 ACK 0x20 ACK 0x48 ACK 0x69 ACK 0x20 ACK 0x44 ACK 0x72 ACK 0x65 ACK 0x67 ACK 0x21 ACK 0x20 ACK 0x41 ACK 0x41 ACK 0x41 ACK 0x00 ACK 0xFF ACK 0xFF ACK 0xFF
NACK
Sniffer
In hierdie scenario gaan ons die I2C kommunikasie tussen die arduino en die vorige EPROM bespied, jy hoef net beide toestelle te koppel en dan die bus piraat aan te sluit op die SCL, SDA en GND-penne:
I2C>m1.HiZ2.1-WIRE3.UART4.I2C5.SPI6.2WIRE7.3WIRE8.KEYB9.LCD10.PIC11.DIOx.exit(withoutchange)(1)>4I2Cmode:1.Software2.Hardware(1)>1Setspeed:1.~5kHz2.~50kHz3.~100kHz4.~240kHz(1)>1Clutchdisengaged!!!Tofinishsetup,startupthepowersupplieswithcommand'W'Ready# EVEN IF YOU ARE GOING TO SNIFF YOU NEED TO POWER ON!I2C>WPOWERSUPPLIESONClutchengaged!!!# Start sniffing, you can see we sniffed a write commandI2C>(2)SnifferAnykeytoexit[0xA0+0x00+0x69+0x41+0x41+0x41+0x20+0x48+0x69+0x20+0x44+0x72+0x65+0x67+0x21+0x20+0x41+0x41+0x41+0x00+]
