How to get your box keys with a JTAG reader

Notes

  • Note 1: Will only work with DishNetwork Systems
  • Note 2: This is not for use with any Canadian Satellite System

Semi-Complicated BoxKey retreival Guide

Connecting the IRD Normally:

  1. Power down IRD (pull the plug).
  2. Connect JTAG dongle to computer parallel port.
  3. Power up IRD (plug back in).

To Get the keys:

  1. Connect the IRD (as shown above).
  2. Run jKeys.
  3. The software should automatically pick up the box keys.

To Save the Flash:

  1. Connect the IRD (as shown above).
  2. Run jKeys.
  3. Enter the Start Address as 7FF80000 and length as 80000. for 2700 - 3700 models
  4. Press Save Mem (or Save Flash in previous).

NOTE: most IRDs have flash starting address and length as shown which is why they are defaults.

Connecting the IRD to Erase/Program Flash:

  1. Power down IRD (pull the plug).
  2. Connect JTAG dongle to computer parallel port.
  3. Hold BRM0 LO (most IRDs, connect pad 1 to GND).
  4. Power up IRD (plug back in).

NOTE: after powered up, you can remove the BRM0 to GND connection.

To Erase Flash:

  1. Connect the IRD (as shown above to flash erase/program).
  2. Run jKeys.
  3. Press the Flash Tools button.
  4. Heed any warnings, I'm not responsible for any damages
  5. Press the Erase flash button (wait a couple of seconds).
  6. Ready to program now.

NOTE: Version 1.2or higher of jKeys assumes that the flash being programmed starts at 7ff80000 and has a size of 80000 bytes. It further assumes that the flash has a device ID of 2223 which is a 29F400T, and will recognize AMD(01) and Hynix(AD) manufacturers.

CAUTION: If the flash device is not recognized you can override this by proceeding through the warnings, but please only do so if you ARE CERTAIN ABOUT WHAT YOU ARE DOING. Again, I'm not responsible for any damages

To Program Flash:

  1. If resuming from step 6 of Erase Flash, proceed to step 6 following.
  2. Connect the IRD (as shown above to flash erase/program).
  3. Run jKeys.
  4. Press the Flash Tools button.
  5. Heed any warnings, I'm not responsible for any damages
  6. Press the Write Flash button.
  7. Select the file to write.

NOTE: expects a binary file, will write the image to 7ff80000 regardless of what the file is or how long the file is.

NOTE: During/After flash erase/program operations the IRD will not be responsive because, well, you changed the program So after doing so, ensure you power down the IRD (remove the power) and re-apply the power (plug it in) before doing further testing.

Back to support pages