How to edit the bdata partition from a dump to enable ssh, uart, boot wait, telnet.
I'll use the dump posted a few posts above dump_AX6S_1.0.19_data_512-16.bin
You'll need an Hex Editor, I Use HxD.
First we'll check the checksum
Open the dump with hxd
Search -> Go To -> 180000
Take note of the first 4 bytes, in this case:
42 66 F9 39 that's the bdata partition checksum in reverse order:
so we'll check this:
Edit -> select block
Start Offset -> 180004 (Bdata partition minus the 4 bytes of the checksum)
End Offset -> 18FFFF (end of data)
And then:
Analysis -> Checksums -> CRC-32
Result:
CRC-32: 39F96642
So if you look at the first 4 bytes of the partition
First 4 bytes: 42 66 F9 39
CRC32: 39 F9 66 42
CRC32 is the same as the first 4 bytes in reverse order so it's ok.
Now we'll edit the bdata values, just overwrite the 0 with 1, don't press the backspace or delete the value.
If you want to enable boot wait, just add it at the end of the variables, don't add space with the spacebar just add it after "one point" (just look at the picture)
Now, the checksum needs to be corrected after we altered the data, so
Edit -> select block
Start Offset -> 180004 (Bdata partition minus the 4 bytes of the checksum)
End Offset -> 18FFFF (end of data)
And then:
Analysis -> Checksums -> CRC-32
Result:
CRC-32 048308DE
So the checksum changed
CRC-32 048308DE
Reversed: DE088304
So we need to change the first 4 bytes, remember just to overwrite without delete.
And now save it and flash it.
If you dump only the bdata partition the procedure is exactly the same, but obviously the offsets are different.
The AX1800 bdata partition doesn't contain the telnet_en, ssh_en, uart_en, or boot_wait variables, so you must add them like the boot_wait in this example.