Tutorial  Updated

How to flash the HWFLY Clone chips

See below for updates.

IF YOU BREAK YOUR BOOT0 PIN. DO NOT DM ME ASKING FOR HELP. THAT'S IT. YOU BREAK THAT PIN AND YOU CANT FLASH. YOUR CHIP IS STUCK WITH WHATEVER HWFLY PUT ON IT


Pre-requisites:




  • Raspberry Pi Zero W
    • You may use another flasher if you desire.
  • Pinout Diagram
  • Modchip Diagram
  • FULL_CHIP_STOCK.bin
  • Modchip Diagram, find the PA9(TX) and the PA10(RX) pins on your modchip, and do the following:
    • Connect GPIO14(TX) on your Raspberry Pi Zero W to the PA10(RX) pin on your modchip.
    • Connect GPIO15(RX) on your Raspberry Pi Zero W to the PA9(TX) pin on your modchip.

  1. Solder a wire to each of the following pinouts on the Raspberry Pi Zero W:
    • 3.3V
    • Ground
    • GPIO 14 (UART TX)
    • GPIO 15 (UART RX)
  2. Do the following to prepare the modchip:
    1. Lift pin 44 (also known as BOOT0).
    2. You will need a way to power the chip, so you need to find two 3.3v points. It can be on a MOSFET, but it will differ based on the revision of the modchip.
    3. Connect Ground on your Raspberry Pi Zero W to the Ground pin on your modchip.
    4. Check the Modchip Diagram, find the PA9(TX) and the PA10(RX) pins on your modchip, and do the following:
      • Connect GPIO14(TX) on your Raspberry Pi Zero W to the PA10(RX) pin on your modchip.
      • Connect GPIO15(RX) on your Raspberry Pi Zero W to the PA9(TX) pin on your modchip.
  3. Boot your Raspberry Pi Zero W and do the following:
    1. In the terminal, type the following command, and press enter:
      Bash:
      sudo nano /boot/config.txt
    2. Add the following line to the end of the file:
      INI:
      dtoverlay=pi3-miniuart-bt
    3. Press CTRL + X to save and exit the editor.
    4. In the terminal, type the following command, and press enter:
      Bash:
      sudo nano /boot/cmdline.txt
    5. Remove the following line from the file:
      INI:
      console=serial0,115200
    6. Press CTRL + X to save and exit the editor.
    7. Restart your Raspberry Pi with this command
      Bash:
      sudo /sbin/reboot
    8. In the terminal, type the following commands, and press enter after each command:

      Bash:
      git clone https://github.com/Pheeeeenom/stm32flash.git
      cd stm32flash
      sudo make install
  4. Now you will flash the modchip.
    Note: This will remove read protection, and the modchip will wipe itself (that is what we want).
    1. In the terminal, type the following command, and press enter:
      Bash:
      stm32flash -k /dev/serial0
    2. Now to flash Spacecraft-NX Version 0.2.0, type the following, and press enter:
      Bash:
      stm32flash -v -w ./FULL_CHIP_STOCK.bin /dev/serial0
  5. Once you're done flashing your modchip, remove the wiring from the modchip, and restore the 3.3v pin on the modchip to its original position.

Please post pictures of your work here to further the identification of the different board revisions!


UPDATE: So it seems like stitching the spacecraft bootloader and firmware together from the repo causes unstable glitching behaviors. For now, consistent glitching behavior works with this bootload/firmware combo.
This is the original file on the OLED variant chip which has 0.2.0 spacecraft. As for glitching, I'll figure it out, give me some time...unless someone else wants to hop in and reverse the differences.

For now, this at least solves the 0.1.0 HWFLY gen 3 issue. More to come.

UPDATE 2: This is only going to work on some HWFLY chips. Older ones use higher protection than the new revisions that seem to use the QFN FPGA.

UPDATE 3: This should fully work on OLED modchips with the QFN FPGA. https://github.com/Pheeeeenom/firmware
 
Last edited by Mena,

urherenow

Well-Known Member
Member
Joined
Mar 8, 2009
Messages
4,714
Trophies
2
Age
48
Location
Japan
XP
3,588
Country
United States
Yay! Got my v3 chip in the mail today, along with 99.9% IPA. Now I need the rest of the stuff to arrive… like the 0.1mm enameled wire and thermal paste and solder mask and stuff. So I can’t dig into the installation yet. This sucker is so tiny! Glad I asked the seller to get me the instruction page, because what you see here, is what you get. No instructions, or even a receipt in the box. No links to firmware or software. Confirmed it comes with the USB dongle though...

V3.jpg
 

xdMatthewbx

Well-Known Member
Newcomer
Joined
Nov 9, 2017
Messages
52
Trophies
0
Age
53
XP
407
Country
Canada
I don't know, this was given to me by a friend.

to be clear here: this has issues. "infinite glitching" still happens
Is overall glitching behaviour improved though? Does it get worse? Trying to decide if it's worth flashing since SD compatibility isn't a huge issue for me.

Also: someone mentioned putting "firmware.bin" and ".force_update" on the SD to update the firmware. Does this work? Is it recommended?
 
Last edited by xdMatthewbx,
  • Like
Reactions: lufeig

lufeig

Well-Known Member
Member
Joined
Oct 22, 2009
Messages
306
Trophies
1
Age
45
Location
São Paulo, Brazil
XP
1,057
Country
Brazil
Yay! Got my v3 chip in the mail today, along with 99.9% IPA. Now I need the rest of the stuff to arrive… like the 0.1mm enameled wire and thermal paste and solder mask and stuff. So I can’t dig into the installation yet. This sucker is so tiny! Glad I asked the seller to get me the instruction page, because what you see here, is what you get. No instructions, or even a receipt in the box. No links to firmware or software. Confirmed it comes with the USB dongle though...

View attachment 295212
 

urherenow

Well-Known Member
Member
Joined
Mar 8, 2009
Messages
4,714
Trophies
2
Age
48
Location
Japan
XP
3,588
Country
United States
Wait… crap. So I ordered the wrong wire? Should work anyway. I Hope. But I guess I didn’t need solder mask. I need a grinding pen still, so I have to wait for that.
 

lufeig

Well-Known Member
Member
Joined
Oct 22, 2009
Messages
306
Trophies
1
Age
45
Location
São Paulo, Brazil
XP
1,057
Country
Brazil
Yay! Got my v3 chip in the mail today, along with 99.9% IPA. Now I need the rest of the stuff to arrive… like the 0.1mm enameled wire and thermal paste and solder mask and stuff. So I can’t dig into the installation yet. This sucker is so tiny! Glad I asked the seller to get me the instruction page, because what you see here, is what you get. No instructions, or even a receipt in the box. No links to firmware or software. Confirmed it comes with the USB dongle though...

View attachment 295212
if you think that is tiny, wait until you have to scratch the console motherboard to expose point D and solder a wire on it. or another wire on the resistor right beside it ;)

Wait… crap. So I ordered the wrong wire? Should work anyway. I Hope. But I guess I didn’t need solder mask. I need a grinding pen still, so I have to wait for that
the video shows another wire option. there's no right or wrong, this one has silicon instead of enamel. you can use any of them, as long as you know how to use them.

solder mask is not necessarily needed, but you can use it to fix a wire or protect a soldering point.

and you don't need a grinding pen. I scratched my pcb with a needle. carefully and slowly. it took 1 minute or 2.
 
Last edited by lufeig,

Mena

Well-Known Member
OP
Member
Joined
Oct 5, 2020
Messages
148
Trophies
0
Age
29
XP
1,032
Country
United States
Is overall glitching behaviour improved though? Does it get worse? Trying to decide if it's worth flashing since SD compatibility isn't a huge issue for me.

Also: someone mentioned putting "firmware.bin" and ".force_update" on the SD to update the firmware. Does this work? Is it recommended?
50 glitches in this recording
 

Attachments

  • IMG_0993.MP4
    2.7 MB

lufeig

Well-Known Member
Member
Joined
Oct 22, 2009
Messages
306
Trophies
1
Age
45
Location
São Paulo, Brazil
XP
1,057
Country
Brazil
50 glitches in this recording
@Mena video appears broken to me, both on my computer and cellphone. is it only me?

Wait… crap. So I ordered the wrong wire? Should work anyway. I Hope. But I guess I didn’t need solder mask. I need a grinding pen still, so I have to wait for that.
@urherenow, out of curiosity, I noticed that you don't have any of the required materials to perform this kind of installation. have you ever did a service like this before? I know I should mind my own business first, but if this is your first time doing such small soldering, I would strongly suggest you to not try learning on the Switch. Trust me, it would probably be the most expensive lesson you ever had.
 

Mena

Well-Known Member
OP
Member
Joined
Oct 5, 2020
Messages
148
Trophies
0
Age
29
XP
1,032
Country
United States
@Mena video appears broken to me, both on my computer and cellphone. is it only me?


@urherenow, out of curiosity, I noticed that you don't have any of the required materials to perform this kind of installation. have you ever did a service like this before? I know I should mind my own business first, but if this is your first time doing such small soldering, I would strongly suggest you to not try learning on the Switch. Trust me, it would probably be the most expensive lesson you ever had.
https://cdn.discordapp.com/attachme....03E61677-7CEB-4CFF-83BC-9723551DB72D.MOV.mov
 
  • Like
Reactions: lufeig

xdMatthewbx

Well-Known Member
Newcomer
Joined
Nov 9, 2017
Messages
52
Trophies
0
Age
53
XP
407
Country
Canada
50 glitches in this recording
Oh damn then yea I'd say improved.

As for the flashing thing? Will that work? I'm on Linux so flashing even by USB will be difficult (not sure if the flasher works in wine, doubt it due to the whole driver thing)
 

FR0ZN

Well-Known Member
Member
Joined
Nov 2, 2013
Messages
1,362
Trophies
1
Age
37
XP
3,816
Country
United States
OP says this only works on QFN style FPGAs.
Are there pictures of modchips that 100% don't work?
How do not compatible FPGAs look?
 

lufeig

Well-Known Member
Member
Joined
Oct 22, 2009
Messages
306
Trophies
1
Age
45
Location
São Paulo, Brazil
XP
1,057
Country
Brazil
@Mena I have just flashed my OLED modchip through USB using the latest file (0.2.0 China proper edition) you provided here: https://github.com/Pheeeeenom/firmware

I think it flashed successfully (cmd windows closed immediately after flashing, so I couldn't see anything after it finished) and training lasted approx 10 minutes.

Could you please help me by answering the questions below?

Should it show the fw version on the lower-right corner of the NOSD screen?

Should it turn off in 2 seconds by pressing the power button on the NOSD screen?

Or are those features not present in the fw version?

Mine doesn't have them and glitching times don't seem to have improved.
 
Last edited by lufeig,

Mena

Well-Known Member
OP
Member
Joined
Oct 5, 2020
Messages
148
Trophies
0
Age
29
XP
1,032
Country
United States
@Mena I have just flashed my OLED modchip through USB using the latest file (0.2.0 China proper edition) you provided here: https://github.com/Pheeeeenom/firmware

I think it flashed successfully (cmd windows closed immediately after flashing, so I couldn't see anything after it finished) and training lasted approx 10 minutes.

Could you please help me by answering the questions below?

Should it show the fw version on the lower-right corner of the NOSD screen?

Should it turn off in 2 seconds by pressing the power button on the NOSD screen?

Or are those features not present in the fw version?

Mine doesn't have them and glitching times don't seem to have improved.
Those features are currently not present. I’m currently waiting on more reports before I add SD card compatibility. If you want me to send that to you privately, I can. I don’t like having to keep track of who has what but if you want it I can do it
 
  • Like
Reactions: lufeig

lufeig

Well-Known Member
Member
Joined
Oct 22, 2009
Messages
306
Trophies
1
Age
45
Location
São Paulo, Brazil
XP
1,057
Country
Brazil
Those features are currently not present. I’m currently waiting on more reports before I add SD card compatibility. If you want me to send that to you privately, I can. I don’t like having to keep track of who has what but if you want it I can do it
Thank you very much, I really appreciate your kindness, but it won't be necessary.

I just wanted to make sure, and wanted to give you my feedback about glitching times, since I read on another thread that the non usb modchip version had almost instant glitching times. Mine obviously is the USB version, and it seems to be random, sometimes it blinks 15 times before glitching, sometimes 12, 30, twice, 86... who knows? maybe it's trying to tell me winning lottery numbers. LOL
 
Last edited by lufeig,

MrGrinch

Member
Newcomer
Joined
Jul 31, 2020
Messages
23
Trophies
0
Age
46
XP
90
Country
United States
I just wanted to make sure, and wanted to give you my feedback about glitching times, since I read on another thread that the non usb modchip version had almost instant glitching times. Mine obviously is the USB version, and it seems to be random, sometimes it blinks 15 times before glitching, sometimes 12, 30, twice, 86... who knows? maybe it's trying to tell me winning lottery numbers. LOL

I had the same experience at first. 25-35 pulses before going green. I recently updated to the r021 firmware and made sure I let it complete the training routine and now it only pulses 2-5 times max. Data point of 1, so take it for what it's worth. I only planned to try the r021 firmware to see how it behaved and then move to Mena's FW, but it's worked so well that I don't want to mess with it now.
 

lufeig

Well-Known Member
Member
Joined
Oct 22, 2009
Messages
306
Trophies
1
Age
45
Location
São Paulo, Brazil
XP
1,057
Country
Brazil
I had the same experience at first. 25-35 pulses before going green. I recently updated to the r021 firmware and made sure I let it complete the training routine and now it only pulses 2-5 times max. Data point of 1, so take it for what it's worth. I only planned to try the r021 firmware to see how it behaved and then move to Mena's FW, but it's worked so well that I don't want to mess with it now.
Thanks for sharing!

I left my switch opened, so I'll try the r021 version right now and report will here.
 

Mena

Well-Known Member
OP
Member
Joined
Oct 5, 2020
Messages
148
Trophies
0
Age
29
XP
1,032
Country
United States
I had the same experience at first. 25-35 pulses before going green. I recently updated to the r021 firmware and made sure I let it complete the training routine and now it only pulses 2-5 times max. Data point of 1, so take it for what it's worth. I only planned to try the r021 firmware to see how it behaved and then move to Mena's FW, but it's worked so well that I don't want to mess with it now.
My firmware replicates their glitch.c. Your results should be identical
 
  • Like
Reactions: Donnie-Burger

lufeig

Well-Known Member
Member
Joined
Oct 22, 2009
Messages
306
Trophies
1
Age
45
Location
São Paulo, Brazil
XP
1,057
Country
Brazil
so I flashed firmware r021 provided by sthetix on my oled mochip through usb.

I started it 15 times and counted how many pulses it took to glitch successfully: 3, 2, 7, 4, 10, 3, 2, 4, 2, 12, 3, 3, 8, 2, 10. quick math, average is 5.

undoubtedly better timings than 0.2.0 China proper edition. I don't know what difference in coding results in this better performance, but I will keep r021 at least by now, and would agree with you, @MrGrinch.

again, thanks for sharing your experience.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
  • Sicklyboy @ Sicklyboy:
    maaaaan that's so awesome but I also don't want to fork over a hundo for it
  • Veho @ Veho:
    The fuuuuu---
  • Veho @ Veho:
    I thought it was an actual xBox at that price.
  • Sicklyboy @ Sicklyboy:
    I wanna grab a 360 Slim and a 360 E one of these days. Missed the boat of getting them at their lowest though, once they were discontinued. Could've got them for cheap back when I was a broke 20 something working at Target, but then again, I was a broke 20 something working at Target
  • Veho @ Veho:
    Being broke is no fun.
  • K3Nv2 @ K3Nv2:
    @Sicklyboy, $150 isn't that bad for a jtag slim on ebay
  • Veho @ Veho:
    I only wish it was actually playable.
  • Veho @ Veho:
    There's a guy on the Tube of You that makes playable mechanical arcade games out of Lego. This could work on the same principle.
  • Veho @ Veho:
    Just a couple of guys taking their manatee out for some fresh air, why you have to molest them?
  • Veho @ Veho:
    Stupid Chinese shop switched their shipping company and this one is slooooooow.
  • LeoTCK @ LeoTCK:
    STOP BUYING CHINESE CRAP THEN
  • LeoTCK @ LeoTCK:
    SUPPORT LOCAL PRODUCTS, MAKE REVOLUTION
  • LeoTCK @ LeoTCK:
    THEY KEEP REMOVING LOCAL SHIt AND REPLACING WItH INFERIOR CHINESE CRAP
  • LeoTCK @ LeoTCK:
    THATS WHY MY PARTNER CANT GET A GOOTWEAR HIS SIZE ANYMORE
  • LeoTCK @ LeoTCK:
    HE HAS BIG FOOT AND BIG DUCK
  • LeoTCK @ LeoTCK:
    d*ck i mean*
  • LeoTCK @ LeoTCK:
    lol
  • Veho @ Veho:
    Mkay.
  • Veho @ Veho:
    I just ordered another package from China just to spite you.
  • SylverReZ @ SylverReZ:
    Leo could not withstand communism.
  • SylverReZ @ SylverReZ:
    Its OUR products to begin with lol.
    SylverReZ @ SylverReZ: Its OUR products to begin with lol.