Announcement

Collapse
No announcement yet.

MSS6x Flasher - Now released!

Collapse
This is a sticky topic.
X
X
Collapse
 
  • Page of 31
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 3 13 23 31 template Next
  • CF-CarParts Motorsport
    replied
    do you happen to have any dumbs with the vehicle running? I haven’t tried to do a ram read on a running vehicle, but I’m assuming you can?
    Do you mean you want to sniff?
    In attachment a really old one (060E).

    The biggest problem for me was checksum after changed values for immo delete. This takes most of time to figure out and solve it correctly.
    After was to integrate full obd and bdm lock + VIN lock.

    Injection (left) Internal flash - 512KB
    Injection (left) External flash - 2MB
    Ignition (right) Internal flash - 512KB
    Ignition (right) External Flash - 2MB
    Attached Files
    Last edited by CF-CarParts Motorsport; 08-10-2021, 05:51 AM.

    Leave a comment:

  • hobbit382
    replied
    Originally posted by CF-CarParts Motorsport View Post


    In which file size format you were working? This offset only can be in fullread... but in 3FExxx section there shouldn't be code .
    Just a hint. The correct immo off (working and tested, without CAS Unit (in mss60 and mss65)) is in left side of ecu . Maybe other ways are possible but in left side.
    Attach you several Rams of different versions of working DMEs from me
    the ram starts at 3F8000, offset that value to get the address from terras ram read since it’s only reading the ram.

    thank you for the dumps, I’m not seeing the values I expected, but it is helpful.

    do you happen to have any dumbs with the vehicle running? I haven’t tried to do a ram read on a running vehicle, but I’m assuming you can?
    Last edited by hobbit382; 08-10-2021, 04:51 AM.

    Leave a comment:

  • andriym6
    replied
    Originally posted by CF-CarParts Motorsport View Post
    Search in the threader... addresses are written down before .


    In which file size format you were working? This offset only can be in fullread... but in 3FExxx section there shouldn't be code .
    Just a hint. The correct immo off (working and tested, without CAS Unit (in mss60 and mss65)) is in left side of ecu . Maybe other ways are possible but in left side.
    Attach you several Rams of different versions of working DMEs from me
    Thank you for point me. Read full thread but some reason missed it.

    Sent from my SM-N960U using Tapatalk

    Leave a comment:

  • CF-CarParts Motorsport
    replied
    Can you share how to recover through the BDM. I order ktag but don't know how to splice backup file to write in the left and right processor.
    Thank you.
    Search in the threader... addresses are written down before .

    a year ago I was able to get a mss60 to start off a used dme by forcing 3FEB12 to 0. It ran but ran rough and threw a bunch of faults. I thought might have been checksum related. Due to the flash times with kess and not having a test vehicle I left it at that until I found your amazing app. Then I realized it’s not a checksum issue and need to find different way to bypass ews.

    I’m trying to see the values of 3FCEE0 and 3FCEE1 which I believe to be ews_st and ews_stw_st

    also 3FEB10 would be helpful.
    In which file size format you were working? This offset only can be in fullread... but in 3FExxx section there shouldn't be code .
    Just a hint. The correct immo off (working and tested, without CAS Unit (in mss60 and mss65)) is in left side of ecu . Maybe other ways are possible but in left side.
    Attach you several Rams of different versions of working DMEs from me
    Attached Files
    Last edited by CF-CarParts Motorsport; 08-10-2021, 02:33 AM.
    • Likes 1

    Leave a comment:

  • hobbit382
    replied
    Originally posted by terra View Post

    Anything in particular you're looking for? The app itself can dump the RAM
    working on ews delete. I need a ram read from a working dme, maybe even a ram read from a running vehicle?

    a year ago I was able to get a mss60 to start off a used dme by forcing 3FEB12 to 0. It ran but ran rough and threw a bunch of faults. I thought might have been checksum related. Due to the flash times with kess and not having a test vehicle I left it at that until I found your amazing app. Then I realized it’s not a checksum issue and need to find different way to bypass ews.

    I’m trying to see the values of 3FCEE0 and 3FCEE1 which I believe to be ews_st and ews_stw_st

    also 3FEB10 would be helpful.

    Leave a comment:

  • andriym6
    replied
    Originally posted by MpowerE36 View Post
    My feedback on MSS6x flasher and Bimmergeeks cable. I did approximately 10 program flashes without problems. Then I tried another program flash but the writing had stopped for no reason during the "injection program region 2". The progression bar of MSS6x flasher had stopped to progress and the led of the Bimmergeeks cable had stopped flashing. I don't know what was the problem.

    Now, I am going to try to recover it via bdm.
    Can you share how to recover through the BDM. I order ktag but don't know how to splice backup file to write in the left and right processor.
    Thank you.

    Sent from my SM-N960U using Tapatalk

    Leave a comment:

  • terra
    replied
    Originally posted by hobbit382 View Post
    I just stubbled across this. Terra you are amazing. This flasher is so much better than using kess.

    does anyone happen to have a ram read they would mind sharing?
    Anything in particular you're looking for? The app itself can dump the RAM

    Leave a comment:

  • hobbit382
    replied
    I just stubbled across this. Terra you are amazing. This flasher is so much better than using kess.

    does anyone happen to have a ram read they would mind sharing?

    Leave a comment:

  • MpowerE36
    replied
    My feedback on MSS6x flasher and Bimmergeeks cable. I did approximately 10 program flashes without problems. Then I tried another program flash but the writing had stopped for no reason during the "injection program region 2". The progression bar of MSS6x flasher had stopped to progress and the led of the Bimmergeeks cable had stopped flashing. I don't know what was the problem.

    Now, I am going to try to recover it via bdm.
    Last edited by MpowerE36; 08-06-2021, 01:15 PM.

    Leave a comment:

  • lenninger
    replied
    hey,
    first of all thank you for this program!
    I have an e92 M3 that already has a tune from another programmer.
    I did a full read and wanted to flash the rsa bypass with it.
    When i want to flash the rsa bypass the flasher tells me that i am not working with the orginal software....
    is there a solution to flash anyway?
    or can i find out if the rsa bypass is already flashed?
    greetings from germany and
    thanks for your help.
    Lenny

    Translated with www.DeepL.com/Translator (free version)

    Leave a comment:

  • andriym6
    replied
    Originally posted by CF-CarParts Motorsport View Post
    Hi, KTag works like a charm for it.
    You can safe some time by see some sites ago for terras ram adresses to build a ktag file from your backup mss6x flasher one. Or test by using good cable to get a connection and write your file.
    If you are from germany I also can help you with.
    Thank you sir. Order on. Will se how it go

    Sent from my SM-N960U using Tapatalk

    Leave a comment:

  • dominpl
    replied
    Hello everyone,

    I have a dcan cable that I'm using for couple of years now. I used it with winkfp, xhp flashtool and mhd flaser in my 335i with no issues, so is this cable safe to use with MSS60 Flasher (impressive worka developing this by the way)?
    I also have an ICOM, can it be used with flasher?

    Leave a comment:

  • CF-CarParts Motorsport
    replied
    Hi, KTag works like a charm for it.
    You can safe some time by see some sites ago for terras ram adresses to build a ktag file from your backup mss6x flasher one. Or test by using good cable to get a connection and write your file.
    If you are from germany I also can help you with.
    • Likes 1

    Leave a comment:

  • andriym6
    replied
    Hello. Yesterday I broke my M5 MSS65 DME with a bad cable doing RSA Bypass. I have full back up from it. Did anyone go through the recovery process and which BDM tools did you use or prefer?
    Any advice will be very much appreciated.

    Sent from my SM-N960U using Tapatalk

    Leave a comment:

  • CF-CarParts Motorsport
    replied
    Isnt it ABS fuse... lol. Speed limiter in MSS60 / MSS65 isnt hard to find and remove.

    Leave a comment:

Previous 1 3 13 23 31 template Next
Working...
X