A method of disabling the protection CRP3 microcontroller LPC2478.
This method does not allow the reading of locked memory microcontroller.

https://youtu.be/G2EteKs_haQ

Details...
350?C

Good work friend.
Probably the success rate is not 100 %, but it is a good solution.
We thank you alll.

K-Tag pins. Photography is not mine

try ,but When I connect pin 148 mcu > 3.3v
led red not blink

Good find,MCU is susceptible to power glitch.

Not that susceptible to power glitch i guess. Thinking how things work, i suspect the trick is that after certain ammount of heat the microprocessor cannot read properly the flash content upon initialization, if just one single bit of the CRP3 pattern gets changed/corrupted the bootloader not enter/obey CRP3 mode inmediately and allow bootmode to kick in. Guess after that, the only operation allowed without recheck for CRP3 pattern again is FULL ERASE, that's why you cannot read MCU content once it cooled and have access to flash again. This is all theory/educated guess, haven't tested myself over a real MCU.

j-link You can read, is to try but always the same failure
no read target memory

have you try with ktag?

I see it takes two tools,
flash magic + j link.
I have only jlink I can do it, or do I need another tool where I can buy, Greetings

Only rs232 (uart) + flash magic.

need connect 12v ?
my led red always off if not connect 12v

LED need to monitor the state of the processor and it must be switched by the controller. If you do not have the power on the controller when connected by USB, then connect the other power source.

Good find, will check soon ;)

Sent from my GT-N7100 using Tapatalk

Can i ask for help here, i lifted off one pad from my ktag, and i cant find now where it should connect it to make it work. I marked it with yellow, its one of the pads that should be connected with white wire. i tried to solder wire, but it was too thick, and i lifted the whole pad as marked ... i preheated it i think, and it felt with the wire ;( I need to know where is it going, so i can fix it ...

Tried but not working, do you need to give 3.3v somewhere to Ktag, like in Kess? Or just heat and try to connect?

for kt*g you can try these 2 points

Its gnd and 3.3v ... what to wire there?

Sent from my GT-N7100 using Tapatalk

hello friends
after reset the CPU then what are the steps?
please post dump for NXP MCU and SD card arhive
thanks

i need ktag lpc2478
bin file
do you have?

hello friends
after reset the CPU then what are the steps?
please post dump for NXP MCU and SD card arhive
thanks


i need ktag lpc2478
bin file
do you have?

just use the search button forum

Its gnd and 3.3v ... what to wire there?

Sent from my GT-N7100 using Tapatalk

are the same points that used in the video , just in different location

but in the video its kess, no video with ktag and what to do with the 3.3v ...

So, we solder wire to 3.3v and touch ground?

yes ,and hot air

So, Is it possible to reset tokens as we reflash new firmware to the nxp that was locked and erased ?

no work with ktag is fake

no work with ktag is fake
:goodnight:

I also try with ktag now without success, i heat it untill green light stops itself ... then when it power on again, i reset with 3.3v and gnd ... tried alot times, either i make something wrong, or its just not working ...

Have anyone Hexfile to programm Kess V2 without CRP3???

You can make your hex from bin with jlink sw

Sent from my GT-N7100 using Tapatalk

unloacked by kess, not write nxp, put nxp in ktag, write ok and work

So we get one kess for unlock nxp then put in ktag? This mean not only me have no sucess with ktag unlock?

Sent from my GT-N7100 using Tapatalk

nice job:burnout:

Hi all,

Here are all pinouts.

Regards

I got problem with my kess ... i tried on 3 kess, no success, the problem is, when i connect the 25pin plug to kess, with the 2 jumped gnds, i dont get my kess tool red light on. If i disconnect the 25pin plug, i got it working. I tried first to plug the kess, to get the red light on, then to plug the 25 pin one ... and after one touch of the 3.3v wire(reset) i again get not lighting red light. Double and tripple checked, made few 25 pin connectors for tests, but when i connect pin1 and pin25 as on the pictures, kess dont start, and pc dont recognise it. I have now 3 laptops, and 3 kess to test, and they all work the same way ... just dont turn on with the 25pin plug in. Anybody know a fix?

you try invert the plug coneection?
i have this issue, inverted the cable and all ok

Hi all,

Here are all pinouts.

Regards
His pcb ktag is reset button , but If the pcb ktag isn?t reset button? Where can I find pinout the two blue wires " reset button"?

Thank you.

i was directed that i can do this with jlink, but on page 1, eduard tells us that its not working, so my question is now am i be able to glitch with my jlink and reflash or do i ahve to wait for a new uart device?

To flash the LPC2478 via Jlink, the level of protection should be CRP0, ie protection should be disabled. If security levels CRP1 and CRP2 have the ability to erase and reflash LPC2478 via UART, eg via USB to UART TTL adapter ftdi232 or cp2102 and Flashmagic program.
So buy a new chip or USB to UART TTL adapter.

I used this method yesterday, my NXP was blocked with C555, Kess working again, great job,
Now I do not worry about block nxp

Hello partners. I tried with 3 KESS make the operation as the videos and I have not been successful. you can tell me how much time and temperature? I tried 300c? and 350?. the red light is off but nothing. there is another type of operation? raise some PIN?


thanks and regards.

TxD and RxD pins are 5v ? just for try with some max232 to rs232 common interface

Hello from Argentina, i'am need firmware for kess 4.036 and Ktag 2.13 for repair with jlink. The interfaz is dead, after the internet conexion. Thank you.

Hi visio!
You do not need to flash the processor. It is necessary to replace the SD-card and update the protocols.
Good luck.

After this you can read the NXP?


Is there any way to read the NXP?

Good work thanks