Flashhack

Introduction

Flashhack is a free tool for reflashing certain older GM ECMs through the diagnostic port.  It will allow you to tune your engine quickly and safely with a minimum chance of failure.

It’s open source and should run well on Windows 7, Windows 10, or Linux.

This tool replaces EEHack’s built in flash tool for LT1 engines and is intended to support many other ECMs in the future.

Supported ECMs/Vehicles

LT1 (EE) 1994-1995

LT1 and L99 engines.  16188051, 16181333.  Well supported and tested on all vehicles including corvettes.  Can handle nearly all possible failure scenarios without bricking.   Also includes bin format converter tool.

V6 P66 1993-1995

3100 and 3.4L engines.  Should work with 16172693, 16184164, 16184737, 16196397. Does not include hardware recovery logic, but should recover from failure as long as you keep the ECM powered up.

Downloads

This program doesn’t have an installer.  Extract the zip file somewhere and run flashhack.exe

If you are updating the program, you should probably delete the old folder and completely replace it with the new version to be safe.

Download “flashhack beta” flashhack_b0.6.4.zip – Downloaded 788 times – 12 MB

The full source code is included.

Features

Flashhack’s main goal is maximum stability and speed, and seamless error recovery, making it very unlikely that you could permanently brick an (old and rare) ECM due to a malfunction.

I’ve tested the following failure scenarios many times with an LT1 with no failures:

  • Cut power to the programmer (laptop) at any point in a flash
  • Unplug the USB cable from the programmer at any point in the flash
  • Unplug the ALDL cable from the vehicle at any point in the flash

The worst case if something goes wrong should be restarting the program and writing again.

I’ve designed flashhack in a way that allow you to use your computer for other things while the reflash is happening, you should be able to go ahead and browse the web until it’s complete.

For certain ECMs we have more advanced recovery features, for example the LT1 has a special “recovery rom” that’s written early on in the flash procedure, that will allow the ECM to boot seamlessly even after an ECM power failure during a reflash.  There is only an approx. 7 second window during which this recovery rom is not yet functional, making bricking this ecm incredibly unlikely.

Speed is a fairly large issue with these older busses.  The diagnostic port has fairly slow communication speed, and flashing can take quite a long time, especially with a poor interface.  We have several hacks and procedures to us to speed up the reflash operation.

The largest speed increases involve avoiding writing in regions that do not have to be written.  When a flash chip is erased, it is set to FF, so areas intended to be FF are already in the correct state after an erase.  If we go a step further and fill completely unused regions of the bin with FF, we can skip even larger segments.  Flashhack abuses this whenever possible, even going as far as detecting when certain tables are used and skipping them when they are not.

In the case of multi-chip ECMs, we use methods to determine which chips need to be changed by remembering the data from your last successful flash, which can provide a massive overall speed (and safety) increase.

FAQ

Q: Who do I complain at if this cooks my ECM because of a glitch in the recovery?

A: You can let me know.  These cars and their circuitry are really old, so anything can happen.  I will not compensate you as this isn’t a commercial outfit and there’s no warranty, however I’d like to know what went wrong.