Jump to content

Rebranding Atheros AR5006EG to a Vanilla Card


iHack13
 Share

222 posts in this topic

Recommended Posts

.........................

ath_info -f -g 3:0 -w 0xdfc00000 0085 280 (note the -f to force and not need of type yes)

 <lot of code>
 #ERR do_write_pairs: offset 0x0085: wrote 0x0280 but read 0x0200

 bt ~ #

EDIT: Ignore this reply since you have found the solution.

 

Have you try to write with other GPIO (-g) value? Please read ath_info.c file for more information.

 

kizwan

Link to comment
Share on other sites

EDIT: Ignore this reply since you have found the solution.

 

Have you try to write with other GPIO (-g) value? Please read ath_info.c file for more information.

 

kizwan

 

Many thx for your quick answer, now i have the card looking like:

02:00.0 Network controller: Atheros Communications, Inc. AR5006EG 802.11 b/g Wireless PCI Express Adapter (rev 01)
lspci -v :
02:00.0 Network controller: Atheros Communications, Inc. AR5006EG 802.11 b/g Wireless PCI Express Adapter (rev 01)
Subsystem: Apple Computer Inc. Device 0086
Flags: fast devsel
Memory at <unassigned> (64-bit, non-prefetchable) [disabled]
Capabilities: [40] Power Management version 2
Capabilities: [50] Message Signalled Interrupts: Mask- 64bit- Queue=0/0 Enable-
Capabilities: [60] Express Legacy Endpoint, MSI 00
Capabilities: [90] MSI-X: Enable- Mask- TabSize=1
Capabilities: [100] #168c
Capabilities: [001] #1c16

now i have this on dmesg: (same as before rebranding.)

ath_attach: devid 0x1c
unable to attach hardware; HAL status 13
start [/SourceCache/AirPortDriverAtheros5424/AirPortDriverAtheros5424-314.43.1/src/driver/AtherosController.cpp:516] loaded unsuccessfully

 

any suggests?

Link to comment
Share on other sites

02:00.0 Network controller: Atheros Communications, Inc. AR5006EG 802.11 b/g Wireless PCI Express Adapter (rev 01)
  lspci -v :
  02:00.0 Network controller: Atheros Communications, Inc. AR5006EG 802.11 b/g Wireless PCI Express Adapter (rev 01)
   Subsystem: Apple Computer Inc. Device 0086
   Flags: fast devsel
   Memory at <unassigned> (64-bit, non-prefetchable) [disabled]
   Capabilities: [40] Power Management version 2
   Capabilities: [50] Message Signalled Interrupts: Mask- 64bit- Queue=0/0 Enable-
   Capabilities: [60] Express Legacy Endpoint, MSI 00
   Capabilities: [90] MSI-X: Enable- Mask- TabSize=1
   Capabilities: [100] #168c
   Capabilities: [001] #1c16

Looks like successful rebranding, but I don't have any idea why it still not working. I assume you have tried cool-boot your laptop, right? Maybe you can try to boot to windows (if you have dual boot with windows), turn on your wireless card & reboot to OS X.

 

kizwan

Link to comment
Share on other sites

Looks like successful rebranding, but I don't have any idea why it still not working. I assume you have tried cool-boot your laptop, right? Maybe you can try to boot to windows (if you have dual boot with windows), turn on your wireless card & reboot to OS X.

 

kizwan

 

fail! i dont have any other os than osx on the wind. the backtrack i have it on a sdcard (wireless spoofing - aircrack-ng)

the card seems to work well on linux

Link to comment
Share on other sites

Ok I now am able to boot correctly with 10.5.7 update, ethernet is now working thanks to the kext in 10.5.7.

 

My problem now is that in networkprefs plist I have my ethernet as en0 and airport as en1, however in system profiler it shows them the other way around, I have heard that having airport as en1 is sometimes the key to success. My card shows up but cannot find any networks. do you think that it would work if I could get the airport to be en1?

 

EDIT: So i managed to get the airport as en1 and ethernet as en0 but it still just endlessly scans and finds nothing, guess its time to buy a dell 1390 card.

 

Can you post your syslog (just maximize terminal and then) :

syslog |grep ath

and after:

syslog |grep io8

 

Paste both. I guess that you are having the same isues people are getting on the modded kexts. It would be great also that someone paste here the io80211family.kext from the 5007EG macbooks so we could compare if there is also something different on their plugin kexts

Link to comment
Share on other sites

Can you post your syslog (just maximize terminal and then) :

syslog |grep ath

and after:

syslog |grep io8

 

Paste both. I guess that you are having the same isues people are getting on the modded kexts. It would be great also that someone paste here the io80211family.kext from the 5007EG macbooks so we could compare if there is also something different on their plugin kexts

 

I'll have to reinstall osx as I have run into some other problems. I will post what you've asked for later this evening

Link to comment
Share on other sites

nothing happens when I input those commands in terminal, what am I doing wrong? Do I need to change directories and if so, what to?

 

EDIT: I am writing this connected to wireless, unfortunately I am having to use the kismac method to get a connection, but it is working so there has to be a proper solution to my problem.

Link to comment
Share on other sites

nothing happens when I input those commands in terminal, what am I doing wrong? Do I need to change directories and if so, what to?

 

EDIT: I am writing this connected to wireless, unfortunately I am having to use the kismac method to get a connection, but it is working so there has to be a proper solution to my problem.

 

be sure to have the interface down

ifconfig ath0 down

Link to comment
Share on other sites

ifconfig ath0 down

 

This command told me i didn't have priveliges, so I added sudo to the start and all went well, however the syslog commands still do nothing in terminal.

 

To clarify, I am using a Samsung NC10 with mysticus and jas nc10 10.5.6 iso then updated to 10.5.7 with mysticus' patches.

 

I have no idea what is going on.

Link to comment
Share on other sites

i still continue without a working atheros card. now im running windosx86 10.5.4 updated to 10.5.7

lspci output:

02:00.0 Network controller: Atheros Communications, Inc. AR5006EG 802.11 b/g Wireless PCI Express Adapter (rev 01)

lspci -v

02:00.0 Network controller: Atheros Communications, Inc. AR5006EG 802.11 b/g Wireless PCI Express Adapter (rev 01)
Subsystem: Apple Computer Inc. Device 0086
Flags: fast devsel
Memory at <unassigned> (64-bit, non-prefetchable) [disabled]
Capabilities: [40] Power Management version 2
Capabilities: [50] Message Signalled Interrupts: Mask- 64bit- Queue=0/0 Enable-
Capabilities: [60] Express Legacy Endpoint, MSI 00
Capabilities: [90] MSI-X: Enable- Mask- TabSize=1
Capabilities: [100] #168c
Capabilities: [001] #1c16

Note: On Backtrack linux it works charmely with injections, monitor mode and normal mode. no changes since the rebranding

Link to comment
Share on other sites

these commands are supposed to be run in osx and not linux right?

 

Those shell script is a simple script to compile the binaries on ubuntu.

 

i can indicate the successfull use of a live cd, exactly "backtrack3" cause it has madwifi modules and ath_info installed, and its live, so its able to start from sdcard.

 

btw. i get now the atheros workin, but it detects any wlan.

picture1qzy.png

post-421149-1242803509_thumb.png

Link to comment
Share on other sites

Hi there!!!!

I tried to rebrand an atheros AR5007 from a Samsung NC10, I succefully reanded it with ubuntu, The card is showing now Apple IDs and still working really well in ubuntu, but when I try to boot OSX I have a kenel PAnic:

 

kernel loadable modules in backtrace .... :

com.apple.drivers.AirPortBrcm43xx....

dependency com.apple.iokit. IOPCIFAmily (2.6.......

 

Any idea why it's not working under osx???

 

Update, I tried to play around with IO812etccc...kext by removing the ID 168.e4 from brodcom driver and injecting this value in atheros drivers but the result is no go snifff :-( help!

Link to comment
Share on other sites

  • 2 weeks later...

I have some questions that I'm sure are no brainers, but I would rather be safe than sorry. I have a D-Link DWL-G520 that I am trying to rebrand. My current specs are:

 

class_id is 200

vendor_id is 168c

device_id is 0013

subven_id is 1186

subdev_id is 3a13

 

I followed the tutorial and have the dump available, but looking at the address chart by iHack13 in step 4 of the tutorial I am confused about the address.

 

EEPROM dump (16384 byte)

==============================================

0001: 168c 0200 0001 0000 5001 0000 3a13 1186

0009: 1c0a 0100 0000 01c2 0002 c606 0001 0000

0011: 0000 0000 0000 0000 0000 0000 0000 0000

 

when entering the: ath_info -g 3:0 -w 0x<memory_loc> <class_id_loc> 280

 

should memory location be 0001

and class_id_loc be 0001

and is there a space between the two memory locations?

Also, my dump produced 8 identicl lines with the device_id as the last entry in the dump but preceding the other 7 listings.

 

03f9: 0000 0000 0000 0000 0000 0000 0000 0013

0401: 168c 0200 0001 0000 5001 0000 3a13 1186

0409: 1c0a 0100 0000 01c2 0002 c606 0001 0000

0411: 0000 0000 0000 0000 0000 0000 0000 0000

 

In case your wondering, I would like to change this to

 

class_id 280

vendor_id 168c

device_id 001c

subven_id 168c

subdev_id 3061

 

My Hack is a P4 HT prescott 3Ghz HP a1240n running XP SP3, Leopard 10.5.7 and Tiger 10.4.11

Linux is on an external....screwed up my bootloader but I can still get to my internal!!

 

Any other advice is welcome...

 

Since I haven,t heard from anyone....I thought I would give it a go.

I entered:

ath_info -g 3:0 -w 0x00010001 280

 

and got this error: Mmap of device at 0X00010001 for 0x10000 bytes failed - invalid argument

 

ANY HELP OUT THERE?????

Link to comment
Share on other sites

Hi there!!!!

I tried to rebrand an atheros AR5007 from a Samsung NC10, I succefully reanded it with ubuntu, The card is showing now Apple IDs and still working really well in ubuntu, but when I try to boot OSX I have a kenel PAnic:

 

kernel loadable modules in backtrace .... :

com.apple.drivers.AirPortBrcm43xx....

dependency com.apple.iokit. IOPCIFAmily (2.6.......

 

Any idea why it's not working under osx???

 

Update, I tried to play around with IO812etccc...kext by removing the ID 168.e4 from brodcom driver and injecting this value in atheros drivers but the result is no go snifff :-( help!

 

I have been experimenting too. I found that after the rebranded card boots into OS X it will have a kernel panic if

you are using a patched kext. You need to get the vanilla kext for your os version 10.5.7 or whatever. I am still messing with mine...still not working in os x...

Link to comment
Share on other sites

  • 3 weeks later...

Hi,

 

 

 

I'm using Leo 10.5.7 on my Asus 900 with Voodoo 9.5 SSE2 Kernel. I can (have) succesfully changed the eeprom on my wifi card.

 

OSX still doesn't want to use this card as "native". I still have to use IO80211Family 2.1.2 kext and use KisMac to activate. With KisMac it works perfectly, so I know the card works under OSX. When I try with the original IO80211 kext that comes with the 10.5.7 upgrade OSX doesnt recognize any airport.

 

Any suggestions which Ven ID/Dev ID I should use (could try) to get this card working natively??

 

Thanks

Link to comment
Share on other sites

  • 4 weeks later...
Hi !

I'm trying to rebrand a atheros 5006eg from a eeepc 701

I'm stuck at ath_info -d 0xfbef0000

This gives me an error : Mac version 0xffff is not supported.

 

What can i do to bypass this ?

Thanks

 

sama, were you able to solve this issue??

I happen to have the same issue and fixed it by doing a workaround the drivers of the card apparently the card is not even natively supported by ubuntu and some tweaks have to be done in other for you to read the card with ath_info utility..

 

let me know or PM me!!

Link to comment
Share on other sites

I rebranded an wifi pci card as this guide. It is an Atheros 5006x ar5413 b/g. The vendor id and the device id are unchanged: 168c , 001b. For windows was simple, i changed the .inf file and everything is ok. But Mac OS X, does not seen it ( ideneb v1.5 Snow Leopard 10.5.7). Give me some help please, what kext do i need to use for make it working. And if it is needed to insert the vendor id and the device id in the info of the kext. Thanks a lot

Link to comment
Share on other sites

  • 3 weeks later...

hi, i have successfully rebranded my atheros ar5007eg card from BENQ JOybook Lite u101, after rebranding, it's working on xp, detected as ar5006, and i made a fresh install of my os x, using ipc osx86 10.5.6, after install i get kernel panic, so i booted from dvd, installed the IO8211-something, i was able to boot, however, my card is not detected in mac os

 

edit 1:

hmmn... mac os x detects my card as AirPort Extreme (0x168c,0x86)

however, i still need kismac to connect to network..

Link to comment
Share on other sites

hi, I have bricked my gigabyte gn-wi07ht-rh last weekend. I would change the class_id and then after power reconnect the card wouldnt be recognized. before I have reset the Laptop I have get a dump of the registers. Now it comes!

the command ath_info -g 3:0 -w 0x0fa000000 class_id 0x0280 has written to the card, but the offset for change the class_id is WRONG!!! it has wrote to 0x03 and it should be wrote to 0x085. After this Failure is the header Type of the card unknown and the PCI-e autoconfig fails. in effect the card (and the Port) could not be initialized. I have tried to initialize the port with another wlan card (ar5007eg) change to gigabyte and then to repair the register with value from first dumped rom. This also fails cause after change the card will recognize with false magic 0xfffff. LSPCI told that header 7f is from unknown type. I think there is no way to repair the card without special hardware.

 

here comes the warning: if You would change the class_id. Find the right offset from table above and compare with dump of your card. Then use the manually recherched offset address for writing to the card. Don't Use the named offset class_id!!! This may brick Your card !!! Here was some people with the same problem in past... I don't know if this failure is only in some versions of ath_info or madwifi or general. In fact there is a hi chance that the named offset table is incorrect! :rolleyes:

 

I hope You will make it better :)

 

 

Szifu

Link to comment
Share on other sites

  • 3 weeks later...

Hello all!

I've successfully rebranded my atheros wifi card in my notebook - acer aspire 5920g. Previously i had Intel 3945 inside it, but two days ago i've changed it to Atheros AR50006X (AR5BXB63) from some broken Toshiba notebook. All my ID values in EEPROM is exactly same, as you. After rebrand and many reboots there is right info in "lspci -nnvv" output (apple, etc.) but still no luck with MacOSX 10.5.6 - message "bla-bla-bla/Airport/ loaded unsuccessfully".

But...

If I manually try to load with "kextload -t -v /System/Library/Extensions/AppleAirport.kext", it prints that this kext has wrong arch - and that's right, "file /System/Library/Extensions/AppleAirport.kext" prints ppc arch. What do you think about it?

 

-------------------------------

Dmitiy Vasin

AI Technologies Group.

Link to comment
Share on other sites

Move that kext somewhere else or rename the extension. Seems to be the wrong one.

Try loading /System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AirPortAtheros.kext instead

 

Hello! Still not working after this operations :( AirPortAtheros.kext loads successfully, but nothing happens with network interfaces.

 

 

I've tried KissMAC, but no luck again :)

 

Maybe, something wrong with my rebrand?

 

Here is output from "lspci -vvnn" in Ubuntu 9.10 LiveCD:

 

06:00.0 Network controller [0280]: Atheros Communications Inc. AR242x 802.11abg Wireless PCI Express Adapter [168c:001c] (rev 01)
 	   Subsystem: Apple Computer Inc. Device [106b:004e]
 	   Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx-
 	   Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
 	   Latency: 0, Cache Line Size: 64 bytes
 	   Interrupt: pin A routed to IRQ 19
 	   Region 0: Memory at 88000000 (64-bit, non-prefetchable) [size=64K]
 	   Capabilities: [40] Power Management version 2
 			   Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0-,D1-,D2-,D3hot-,D3cold-)
 			   Status: D0 PME-Enable- DSel=0 DScale=0 PME-
 	   Capabilities: [50] Message Signalled Interrupts: Mask- 64bit- Queue=0/0 Enable-
 			   Address: 00000000  Data: 0000
 	   Capabilities: [60] Express (v1) Legacy Endpoint, MSI 00
 			   DevCap: MaxPayload 128 bytes, PhantFunc 0, Latency L0s <128ns, L1 <2us
 					   ExtTag- AttnBtn- AttnInd- PwrInd- RBE- FLReset-
 			   DevCtl: Report errors: Correctable- Non-Fatal- Fatal- Unsupported-
 					   RlxdOrd+ ExtTag- PhantFunc- AuxPwr- NoSnoop-
 					   MaxPayload 128 bytes, MaxReadReq 512 bytes
 			   DevSta: CorrErr- UncorrErr+ FatalErr- UnsuppReq+ AuxPwr- TransPend-
 			   LnkCap: Port #0, Speed 2.5GT/s, Width x1, ASPM L0s L1, Latency L0 <512ns, L1 <64us
 					   ClockPM- Suprise- LLActRep- BwNot-
 			   LnkCtl: ASPM Disabled; RCB 128 bytes Disabled- Retrain- CommClk+
 					   ExtSynch- ClockPM- AutWidDis- BWInt- AutBWInt-
 			   LnkSta: Speed 2.5GT/s, Width x1, TrErr- Train- SlotClk+ DLActive- BWMgmt- ABWMgmt-
 	   Capabilities: [90] MSI-X: Enable- Mask- TabSize=1
 			   Vector table: BAR=0 offset=00000000
 			   PBA: BAR=0 offset=00000000
 	   Capabilities: [100] Advanced Error Reporting <?>
 	   Capabilities: [140] Virtual Channel <?>
 	   Kernel driver in use: ath5k
 	   Kernel modules: ath5k

 

 

Looks like normal rebrand, right? And this is from "ioreg -l" directly in my Leopard 10.5.8:

 

| |   | +-o IOPCI2PCIBridge  <class IOPCI2PCIBridge, registered, matched, active, busy 0, retain 7>
    | |   |   | {
    | |   |   |   "IOProviderClass" = "IOPCIDevice"
    | |   |   |   "IOProbeScore" = 18446744073709551516
    | |   |   |   "CFBundleIdentifier" = "com.apple.iokit.IOPCIFamily"
    | |   |   |   "Bridge Memory Ranges" = (18446744071564230656,18446744071565213695,18446744073708503040,1048575)
    | |   |   |   "IOMatchCategory" = "IODefaultMatchCategory"
    | |   |   |   "Bridge IO Ranges" = (61440,4095)
    | |   |   |   "IONameMatched" = "pci-bridge"
    | |   |   |   "IOClass" = "IOPCI2PCIBridge"
    | |   |   |   "IONameMatch" = "pci-bridge"
    | |   |   |   "IOPowerManagement" = {"ChildrenPowerState"=2,"CurrentPowerState"=2}
    | |   |   | }
    | |   |   | 
    | |   |   +-o network@0  <class IOPCIDevice, registered, matched, active, busy 0, retain 6>
    | |   |	   {
    | |   |		 "IOPCIResourced" = Yes
    | |   |		 "IOInterruptControllers" = ("io-apic-0","IOPCIMessagedInterruptController")
    | |   |		 "IOName" = "network"
    | |   |		 "subsystem-id" = <4e000000>
    | |   |		 "IOPCIExpressLinkCapabilities" = 211985
    | |   |		 "IODeviceMemory" = (({"address"=18446744071564165120,"length"=65536}))
    | |   |		 "class-code" = <00800200>
    | |   |		 "IOPowerManagement" = {"CurrentPowerState"=2}
    | |   |		 "revision-id" = <01000000>
    | |   |		 "IOInterruptSpecifiers" = (<1300000007000000>,<0600000000000100>)
    | |   |		 "assigned-addresses" = <1000038200000000000020800000000000000100>
    | |   |		 "built-in" = <00>
    | |   |		 "IOChildIndex" = 1
    | |   |		 "device-id" = <1c000000>
    | |   |		 "vendor-id" = <8c160000>
    | |   |		 "name" = "network"
    | |   |		 "subsystem-vendor-id" = <6b100000>
    | |   |		 "IOPCIExpressLinkStatus" = 4113
    | |   |		 "reg" = <0000030000000000000000000000000000000000100003020000000000000000000000000000
0100>
    | |   |		 "compatible" = <"pci106b,4e","pci168c,1c","pciclass,028000">
    | |   |	   }

 

 

Is this correct values or something goes wrong? Any help would be appreciated! Thanks.

 

-------------------------------

Dmitiy Vasin

AI Technologies Group

Link to comment
Share on other sites

 Share

×
×
  • Create New...