Category Archives: Computer

Computer

Old mystery motherboard and Bios hacking

Leave a comment

When selling a large part of my computer collection I kept a few odd pieces.

Amongst those was a 8088 DIY machine.

It is a 50PTX3 motherboard with a 8088 compatible CPU

  • Power light (Not LED) and connected to power adaptor, not motherboard
  • Reset button??? not connected
  • Power switch
  • Mid center, 5v gnd and 12v
  • 5.25″ drive not connected
Bottom

Tested the power adapter first, a nice 5V and 12V.
Then I plugged the power in the Motherboard add plugged a test ISA card in the slot.
After turning the machine on I saw the Address leds flashing

A NEC D70108C from 1984, which is 8088 pin compatible with Intel 8088 but faster, and has some extra functionality.
The empty socket is for the 8087 Co-processor.

Nec V20 versus 8088

Everything pretty dirty

Rom 2764 (8Kb) and a disconnected speaker wire.

Adding an 8bit Isa hercules/CGA card.

It starts! .. But there is no Floppy controller (yet)

I’ve dumped the Bios to a file and used a hexeditor to play around.
So that’s why there is a bad checksum.

Installing a ZIF socket (Zero Insertion Force) to make things easier to modify.

Burned GlaBios on the Eprom and now I can continue to play around.

So why? Why this all ..

I want to play around with old 8088 assembly code again, but not as I did before using a Dos machine, but hardcoded into Eproms.
I’ve got 8 banks for ROMs and the source code for GlaBios is available.

In the past Edk and me wrote a boot demo, so it was not utilizing Ms-Dos functions. Maybe i can get some graphical and sound stuff working straight from the Bios.

Some commands:

# Dump the bios to file
minipro -w original.rom -p AT2764A@DIP28

xxd and hexdump to view the dump

I've used ghex to alter the ROM

# Write a new bios to a 28C64 (same Eeprom i've used for the C64 Cartridges)
minipro -w /home/henri/Downloads/MYROM -p AT28C64

GlaBios source code:
https://github.com/640-KB/GLaBIOS/blob/main/src/GLABIOS.ASM

I was planning to disassemble the Phoenix Bios, but it’s quite hard to differentiate between code and data, there are no named pointers and you have to interpret every line of code.

So GlaBios it is ..

First code to look at:

This is after the whole post reset.
There is a reset pointer at ffff:fffe
Which points to the bootstrap routine, which ends in below machine code.
I'm going to plug my own code over here.

(See the funny remark about Monster as being displayed in one of above pictures)

;----------------------------------------------------------------------------;
; INT 18 - Unbootable IPL
;----------------------------------------------------------------------------;
; Display a disk boot failure message and wait for a key to cold reboot.
;
; This may be re-vectored to ROM BASIC, if present.
;
; Size: 18 bytes
;----------------------------------------------------------------------------;
INT_18 PROC
		ASSUME DS:_BDA_ABS
	PRINT_SZ  BOOT_FAIL			; print boot failure string
	XOR	AX, AX				; AH = 0 (wait for key)
	MOV	DS, AX				; DS = 0000
	MOV	WARM_FLAG_ABS, AX			; do a cold boot
	INT	16H					; wait for key press
	JMP	BOOT					; reboot
INT_18 ENDP

BOOT ENDP

;----------------------------------------------------------------------------;
;
; END OF BIOS POST/BOOTSTRAP
;
;----------------------------------------------------------------------------;

		ASSUME DS:_BDA
STRINGS PROC
;----------------------------------------------------------------------------;
; Banner Strings
;
BANNER_STRINGS PROC

					IF POST_GLADOS EQ 1
BOOT_BEGIN		DB	CR, LF
			DB	'Starting GLaDOS...'
NL2_Z			DB	LF				; two NL's, null term'd
					ENDIF
NL_Z			DB	CR, LF, 0			; one NL, null term'd
BOOT_FAIL		DB	'Disk Boot Fail.'
			DB	' You monster.'
NL2_ANY_KEY		DB	LF
NL_ANY_KEY		DB	CR, LF
ANY_KEY		DB	'Press the Any Key'
			DB	'...'

Assembly stuff

I’ve got Dosbox installed on my machine.

git clone https://github.com/640-KB/GLaBIOS.git
I copied MASM.EXE and LINK.EXE in the GLaBios src directory.

edit make.bat

change
MASM GLABIOS;
into
MASM /DVER_DATE=”05/24/23″ /DARCH_TYPE=”T” /DCPU_TYPE=”V” GLABIOS;

start dosbox

mount c: /home/henri/projects/

c:

cd glabios/src

make.bat

Computer

SDK-85 Cassettes

Leave a comment
SDK-85 in 2022

Started drawing a Cassette interface in Kicad.
This so i can read back my old cassettes with programs.
(And write some new stuff)

I’m planning to buy a small micro cassette player.
With schematic below, I’m going to use it as save/load device.
But also with the same player, I’m going to convert the tape to a wave file, and try to decode the program using python.

While I’m at it, reading the old manuals, a RS-232 interface would be nice also!

UPDATE 20231016

This is the final version

Information about the 7655A.
A eprom WITH IO ports! Amazing piece of history hardware.

Testing some sims on Linux and Android

Computer, Music

RFID music playlist genre selector.

Leave a comment

Just a proof of concept for a friend.

This one works with Logitech Media Server and Spotify playlists, but also works with generic LMS playlists when you change the url)

Selecting music using the RFID reader module in my game.
(i didnĀ“t have a spare reader)

Cardboard box with rfid tags inside.

Looks nicer using laser lettering.

Maybe a tetrahedron for play,next,previous and stop?
And another with volume settings?

Simple node-red switcher

URL being called:

http://logictechmediaserver:9000/plugins/spotty/index.html?action=play&index=8.12
Computer

JiffyDos notes (work in progress)

Leave a comment

JiffyDOS is an enhanced DOS for the C64. The software is programmed onto ROM chips that replace the Kernal ROM chip on the motherboard and the DOS ROM chip in the disk drive. JiffyDOS is intended to provide greater speed, commands and convenience than on stock systems.

The 1541 drive is a computer on its own, using a 6502 and VIA chips.
(See other pages) (C64 uses a 6510, that is the same slightly modified version of the 6502)
A cool example of the drive being an OS/computer on its own:
https://www.youtube.com/watch?v=zprSxCMlECA

Some notes:

  • I want to use a larger rom and using the higher address lines as kernal selector. Address line A13 and A14 can be used as selector
  • There is a schematic out there using runstop at boottime to do de selection of the rom part

Did I misspell kernel? NO
(Below from Wikipedia)

The KERNAL was known as kernel inside of Commodore since the PET days, but in 1980 Robert Russell misspelled the word as kernal in his notebooks. When Commodore technical writers Neil Harris and Andy Finkel collected Russell’s notes and used them as the basis for the VIC-20 programmer’s manual, the misspelling followed them along and stuck.

Original Kernal: 901227-03
8-kilobyte 2364 ROM 4K * 8 bits PROM

28C265 = 32K * 8bits

Diffference in ROM size AND there are some other pin placements.
V0.1

Romselect should be /(a15 * a14 * a13) depending on ram/rom switch.


SEL0SEL1
00rom0
01rom1
10rom2
11rom3

$E000-$FFFF – ROM
57344-65535

KERNAL ROM or RAM area (8192 bytes); depends on the value of bits #0-#2 of the processor port at memory address $0001
$FFFA-$FFFF – hardware vectors

%x0x: RAM area.

%x1x: KERNAL ROM.
Computer

Converting png images to composite pixels (6502)

Leave a comment
Composite video PCB working

Using searle’s design, i can draw pixels using composite video out.

Converting b/w png to hex include files, for usage in vasm I did the following.

#Python script to convert black levels to pixels
from PIL import Image
i = Image.open("fash.png")

pixels = i.load() # this is not a list, nor is it list()'able
width, height = i.size

all_pixels = []
for x in range(width):
    for y in range(height):
        cpixel = pixels[x, y]
        if cpixel[1] == 255:
            s = '\t.db 0x05,' + hex(int(x)) + ',' + hex(int(y))
            print (s)

Running and output example

python3 image.py > out

head out
	.db 0x05,0x1,0x16
	.db 0x05,0x1,0x18
	.db 0x05,0x1,0x19
	.db 0x05,0x2,0x7
	.db 0x05,0x2,0x8
	.db 0x05,0x2,0xc
	.db 0x05,0x2,0xd
	.db 0x05,0x2,0x17
	.db 0x05,0x3,0x5

Control codes and vasm include

01 (01) - Cursor home (Standard ASCII)
04 (04) - Cursor solid
05 (05) - Set graphics pixel (next two bytes = x,y) 
0C (12) - Clear screen (Standard ASCII)
0D (13) - Carriage return (Standard ASCII)
0E (14) - Set column 0 to 79 (2nd byte is the column number) or 0 to 39 for a 40 char line
0F (16) - Set row 0 to 24 (2nd byte is the row number)
1B (27) - ESC - reserved for ANSI sequences

vasm include part:

message: 
	.db 0x01,0x0c   ; home and clear
	.db 0x1b,0x2d   ; disable ansi translation
	include "out"   ; include hex "png"
	.db 0x00        ; end with 0 (part of message print routine)
Computer, IOT / Domoticz

Mikrotik RB4011 Vlan Guest Wifi (IOT) devices

Leave a comment

See inline comments:

# Add vlan bridge
/interface bridge
add name=bridge_vlan5

# add security profile for wifi
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=iot supplicant-identity=""

# add virtual wifi to 2.4G and 5G APs
/interface wireless
set [ find default-name=wlan2 ] band=2ghz-g/n country=netherlands disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge security-profile=xxxxxxxxxxx ssid=MYSSID station-roaming=enabled wireless-protocol=802.11 wps-mode=\
    disabled
set [ find default-name=wlan1 ] band=5ghz-a/n/ac channel-width=20/40mhz-Ce country=netherlands disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge name=wlan5 security-profile=xxxxxxxxxxxxx skip-dfs-channels=all ssid=\
    MYSSID station-roaming=enabled wireless-protocol=802.11 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=4A:8F:5A:48:A4:69 master-interface=wlan2 multicast-buffering=disabled name=wlan_iot2 security-profile=iot ssid=IOT vlan-id=5 vlan-mode=use-tag wds-cost-range=0 wds-default-cost=0 \
    wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=4A:8F:5A:80:CE:1D master-interface=wlan5 multicast-buffering=disabled name=wlan_iot5 security-profile=iot ssid=IOT vlan-id=5 vlan-mode=use-tag wds-cost-range=0 wds-default-cost=0 \
    wps-mode=disabled

# Add vlans to virtual Wifi
/interface vlan
add interface=wlan_iot2 name=vlan5_iot-2 vlan-id=5
add interface=wlan_iot5 name=vlan5_iot-5 vlan-id=5

# add ip range for dhcp
/ip pool
add name=dhcp_pool5_iot ranges=10.5.0.2-10.5.0.200

# add dhcp server with above range
/ip dhcp-server
add address-pool=dhcp_pool5_iot interface=bridge_vlan5 name=dhcpiot

# add vlans and interfaces to vlan  bridge
/interface bridge port
add bridge=bridge interface=wlan_iot2
add bridge=bridge interface=wlan_iot5
add bridge=bridge_vlan5 interface=vlan5_iot-5
add bridge=bridge_vlan5 interface=vlan5_iot-2

# add vlan to existing bridge (Not really needed) is for inter vlan traffic
/interface bridge vlan
add bridge=bridge_vlan5 vlan-ids=5

# add interfaces to LAN list (firewall needs this)
/interface list member
add interface=vlan5_iot-2 list=LAN
add interface=bridge_vlan5 list=LAN
add interface=vlan5_iot-5 list=LAN

# Add gateway/dhcpserver ip address
/ip address
add address=10.5.0.254/24 comment="IOT (vlan5)" interface=bridge_vlan5 network=10.5.0.0

# dhcp server network
/ip dhcp-server network
add address=10.5.0.0/24 dns-server=1.1.1.1 gateway=10.5.0.254 netmask=24

# generic NAT rule
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
Computer

Mikrotik Plug Alarm

Leave a comment

When plugging an ethernet cable in port one, the alarm will sound.
And a mqtt message is being send

I need to dust my desk in the Attic I know!

In the script is a little sound effect loop, maybe I’m going to write a ABC musicnotation / BagpipeMusicWriter to beep commands.

Script

:do {
	:local broker "NR"
        :local topic "crs109/ether1/alarm"
        :local int1 ether1;
	:foreach a in=[/interface find name=$int1] do={
		:local status [/interface get $a running];
		:if ($status=true) do={
                     :for t1 from=1 to=8 step=1 do={
                     :for t2 from=600 to=750 step=8 do={
                     :beep frequency=$t2 length=11ms;
                     :delay 11ms;
                     }
                     }
                /iot mqtt publish broker=$broker topic=$topic message="{\"ether1\":\"connected\"}"
                }
	}
}

Schedule

/system scheduler
add interval=5s name=schedule1 on-event=script1 policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=may/14/2023 start-time=23:25:36
Computer, IOT / Domoticz

Wifi monitoring with Mikrotik Mqtt Nodered and Pushover

Leave a comment

I’ve made a arpscanner in the past
https://www.henriaanstoot.nl/2019/10/15/arpscanner/
But i’m going to migrate the server this is running on.

So I played with ssh commands using ssh connections with a ssh-key, also using Ansible is possible.

ssh user@mikrotik /interface wireless registration-table print

But I didn’t like the continuous logins with automated logins.

So below solution is what i’ve implemented for now.

I’ve installed the IOT extra package from Mikrotik, now I can send MQTT messages from my Wifi enabled Mikrotiks to my Mosquitto broker.
(Download extra package zip, extract iot-7.x-arm.npk, upload this to your mikrotik files folder, and reboot)
The script I’m running on my Mikrotik, sends the active wifi connections with the comments. ( When a comment is set in the Access List, then it’s a know connection )

[admin@RB40111] /iot/mqtt> export
# may/15/2023 21:45:12 by RouterOS 7.9
# software id = xxxx-xxxx
#
# model = RB4011iGS+5HacQ2HnD
# serial number = xxxxxxxxxxxxxxxxx
/iot mqtt brokers
add address=10.1.x.y client-id=rb4011 name=NR

I made the following script on my MT named mqtt

:local broker "NR"

# MQTT topic where the message should be published
:local topic "rb4011/mac"

:foreach i in=[/interface wireless registration-table print proplist=mac-address as-value] do={
:local message "$i"

/iot mqtt publish broker=$broker topic=$topic message=$message
}

A schedule is needed to run this script every 15 minutes

[admin@RB40111] /system/scheduler> export
# may/15/2023 21:48:14 by RouterOS 7.9
# software id = xxxx-xxx
#
# model = RB4011iGS+5HacQ2HnD
# serial number = xxxxxxxxxxx
/system scheduler
add interval=15m name=mqtt on-event=mqtt policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=may/15/2023 start-time=13:30:54

Now all wifi connections will be send to topic rb4011/mac.

# Example
.id=*6a;comment=Mobile Henri wlan2;mac-address=44:46:87:xx:xx:xx

Using NodeRed I can make filters and notifications

Below function: get Mac and Comment from payload, if the comment is empty then it is a unknown connection … so send me a warning using Pushover.

// filter function
var output = msg.payload.split(";");

var comment = (output[1].split("="));
var mac = (output[2].split("="));

msg.payload={};
msg.payload = mac[1];
if (comment[1] == "") {
return msg;
}

// is xx:xx:xx:xx:xx:xx online? example
var output = msg.payload.split(";");

var comment = (output[1].split("="));
var mac = (output[2].split("="));

msg.payload={};
msg.payload = mac[1];
if (mac[1] == "xx:xx:xx:xx:xx:xx") {
return msg;
}

Now i’m getting a notification when an unknown wifi connection is made on my Access Point.
( I going to implement the Access List from MT at a later point. No access when not in the Access List)

3dprinting, Computer

3D printing problem and Fluxengine

Leave a comment

3D printed a case for my fluxengine.

Fluxengine disk reader

Last week I got my 1.2MB 5.25″ drive.
And tested it with the fluxengine.
Now i can read old 5.25″ disks again. And convert these to disk images.
Amiga/Atari ST/C64 (single side) and my old MSDos disks.
(That’s what I’m using, the fluxengine can read many more)

Why single side C64? you ask?
Those are flippy disks, that means they are single sided and you flip the disk in the drive to read the other side.

Why can’t the fluxengine read those?

  • There is only one sensor in my drive.
  • Reading side 2 without turning the disk won’t work, the sectors are in reverse!
    (Maybe there is a trick to read in reverse? Fluxengine is reading and decoding raw disk sectors, but i have to read into this)

Note: The 1541 Drive for the commodore’s is a complete 6502 computer with 2x 6522 VIA and ram/rom chips! (2016-15 2K x 8 bit Static RAM / 27128 16kb x 8)

see: https://www.henriaanstoot.nl/tag/6502/

And this amazing trick:

https://www.youtube.com/watch?v=zprSxCMlECA

Maybe i’m going to modify my 5.25 drive with another index sensor.

So i downloaded a diskdrive case from thingiverse, which can hold 2 drives. 3.5″and 5.25″.
https://www.thingiverse.com/thing:3089895

I started printing the bottom, no problem there. But because of the large size of bottom and top. (Both about a day of printing) I had to change the filament.
But I didn’t have a good look at what I took!
Below is what you get when printing PLA and switch to PETG!

Temperatures for PLA:
Tool: 200 and bed 50
Temperatures for PETG:
Tool: 240 and bed 70


So 12 hours printing and I had to start again.

I could not remove the knob, else I would have removed the beige front and spray painted this black.