Hidden serial service-port

[Go4IT]

While browsing through the disassembly of the preFL firmware (AG) i found something which may be a hidden service port for the device. I traced down the port this routines accessing and found out that they connect an RXD/TXD to the IPC connector at pins, not utilized by the car.
It's most likely that this is specially made for service functions for the manufacturer (Visteon). I'm not 100% what it all does, but there is a "switch-statement" which reacts on bytes read on that interface. One of the submenus which get's called then is the hidden "pointer placement service menu".
Other menus draws graphics, which i need to trace down to see what they contain. Uh, by the way, do we have a tool that can extract and image from a given location? That may help.

I report as i proceed with my findings...

[DGAlexandru]

Uh, by the way, do we have a tool that can extract and image from a given location?

Can you be more specific on what you need?

[Go4IT]

Thanks for asking, i remebered your tool ConversHacker and this did the job.
I recently found that eSCI module in MAC usually implements LIN. I'll try to find the setup routine in the code to get closer to the protocol.

[Stevebe]

While browsing through the disassembly of the preFL firmware (AG) i found something which may be a hidden service port for the device. I traced down the port this routines accessing and found out that they connect an RXD/TXD to the IPC connector at pins, not utilized by the car.

i did try looking at the serial ports all i could find was raw can data , i also tryed a UART to see if there was and boot seial data like there is on the mk5, i made up a unit so i can flip between the serial ports
more to do

flipcmods.JPG

[Go4IT]

Did you look at the signals with a DSO?