That FwId and Regn reminded me of the iPod diagnostics mode. In the about screen you'll find exactly those strings. I see progress has been made :-D
> look at offset 0xFFE00
> It seems we have an array of size 4 with following structure, sort of
> section headers:
>
> *name (reversed string)
> *0
> *offset in dump
> *len in dump
> *0x8000000
> *0
> *0
> *0x10005
> *address in memory?
>
>
> Moreover on disk we have (raw offset+ len):
> diagflsh raw offset + diagflsh len
> 0xB5C40+ 0x14E40 = CAA80
>
> and CAA80 is near flshdisk raw offset (0xCAC80) which seems to confirm
> sort of section header descriptors
>
> addresses in memory may be interesting:
> 0x810C848
> 0x80F7808
> 0x80F5008
>
> because they seem to reflect len on disk:
> 0x810C848-0x80F7808 = 0x15040 and diagflsh may be 0x14E40 bytes on disk
> 0x80F7808-0x80F5008 = 0x2800 and logoflsh may be 0x2600 on disk
>
> and for example on PE header, there is file alignment, and memory
> alignment which may be different from one to another. (this is just to
> compare)
>
>
>
> ROM:000FFE00 68 73 6C 66 DCD 0x666C7368 ; flshdisk
> ROM:000FFE04 6B 73 69 64 DCD 0x6469736B
> ROM:000FFE08 00 00 00 00 DCD 0
> ROM:000FFE0C 80 AC 0C 00 DCD 0xCAC80
> ROM:000FFE10 80 4F 03 00 DCD 0x34F80
> ROM:000FFE14 00 00 00 08 DCD 0x8000000
> ROM:000FFE18 00 00 00 00 DCD 0
> ROM:000FFE1C 00 00 00 00 DCD 0
> ROM:000FFE20 05 00 01 00 DCD 0x10005
> ROM:000FFE24 48 C8 10 08 DCD 0x810C848
>
> ROM:000FFE28 68 73 6C 66 DCD 0x666C7368 ; diagflsh
> ROM:000FFE2C 67 61 69 64 DCD 0x64696167
> ROM:000FFE30 00 00 00 00 DCD 0
> ROM:000FFE34 40 5C 0B 00 DCD 0xB5C40
> ROM:000FFE38 40 4E 01 00 DCD 0x14E40
> ROM:000FFE3C 00 00 00 08 DCD 0x8000000
> ROM:000FFE40 00 00 00 00 DCD 0
> ROM:000FFE44 00 00 00 00 DCD 0
> ROM:000FFE48 05 00 01 00 DCD 0x10005
> ROM:000FFE4C 08 78 0F 08 DCD 0x80F7808
>
> ROM:000FFE50 68 73 6C 66 DCD 0x666C7368 ; logoflsh
> ROM:000FFE54 6F 67 6F 6C DCD 0x6C6F676F
> ROM:000FFE58 00 00 00 00 DCD 0
> ROM:000FFE5C 40 34 0B 00 DCD 0xB3440
> ROM:000FFE60 00 26 00 00 DCD 0x2600
> ROM:000FFE64 00 00 00 08 DCD 0x8000000
> ROM:000FFE68 00 00 00 00 DCD 0
> ROM:000FFE6C 00 00 00 00 DCD 0
> ROM:000FFE70 05 00 01 00 DCD 0x10005
> ROM:000FFE74 08 50 0F 08 DCD 0x80F5008
>
> ROM:000FFE78 00 00 00 00 DCD 0 ; logo
> ROM:000FFE7C 6F 67 6F 6C DCD 0x6C6F676F
> ROM:000FFE80 00 00 00 00 DCD 0
> ROM:000FFE84 80 5B 05 00 DCD 0x55B80
> ROM:000FFE88 00 26 00 00 DCD 0x2600
> ROM:000FFE8C 00 00 00 08 DCD 0x8000000
> ROM:000FFE90 00 00 00 00 DCD 0
> ROM:000FFE94 00 00 00 00 DCD 0
> ROM:000FFE98 05 00 01 00 DCD 0x10005
> ROM:000FFE9C FF FF FF FF DCD 0xFFFFFFFF
>
>
>
> Next, when we look at each raw offset:
>
> 0xCAC80 (flshdisk)
> ROM:000CAC80 00 00 00 00 DCD 0
> ROM:000CAC84 02 00 00 00 DCD 2
> ROM:000CAC88 02 00 00 00 DCD 2
> ROM:000CAC8C 40 00 00 00 DCD 0x40
> ROM:000CAC90 00 00 00 00 DCD 0
> ROM:000CAC94 80 4F 03 00 DCD 0x34F80
> ROM:000CAC98 90 04 40 DD DCD 0xDD400490
> ROM:000CAC9C 83 20 C0 2E DCD 0x2EC02083
>
> at 0xB5C40 (diagflsh)
> ROM:000B5C40 00 00 00 00 DCD 0
> ROM:000B5C44 02 00 00 00 DCD 2
> ROM:000B5C48 02 00 00 00 DCD 2
> ROM:000B5C4C 40 00 00 00 DCD 0x40
> ROM:000B5C50 00 00 00 00 DCD 0
> ROM:000B5C54 40 4E 01 00 DCD 0x14E40
> ROM:000B5C58 90 04 40 DD DCD 0xDD400490
> ROM:000B5C5C 9E 90 A9 F5 DCD 0xF5A9909E
>
> 000B3440 : (logoflsh)
> ROM:000B3440 00 00 00 00 DCD 0
> ROM:000B3444 02 00 00 00 DCD 2
> ROM:000B3448 02 00 00 00 DCD 2
> ROM:000B344C 40 00 00 00 DCD 0x40
> ROM:000B3450 00 00 00 00 DCD 0
> ROM:000B3454 00 26 00 00 DCD 0x2600
> ROM:000B3458 90 04 40 DD DCD 0xDD400490
> ROM:000B345C 66 75 E2 35 DCD 0x35E27566
>
>
> at 00055B80 (logo)
> ROM:00055B80 00 00 00 00 DCD 0
> ROM:00055B84 02 00 00 00 DCD 2
> ROM:00055B88 02 00 00 00 DCD 2
> ROM:00055B8C 40 00 00 00 DCD 0x40
> ROM:00055B90 00 00 00 00 DCD 0
> ROM:00055B94 00 26 00 00 DCD 0x2600
> ROM:00055B98 90 04 40 DD DCD 0xDD400490
> ROM:00055B9C 66 75 E2 35 DCD 0x35E27566
>
>
> we can see the LEN is repeated;
> the section logo & logoflsh (0x2600 both) are the same
> So if stream cipher with same key, xor of both should result in xor
> unciphered versions.
> (erf :)
>
>
>
> Another interesting offset: 0x4000
> at 00004000 4 bytes stand for SCfg (config?)
> at 00004018 strange string mNrSYM7240KUVQ5
> at 0000402C 4 bytes stand for Fwid (firmware id?)
> at 00004040 4 bytes for Hwid (hardware id?)
> at 0000407C 4 b: Regn (region??)
> at 00004090 ?? DrmV (DRM version, kikoolol . )
>
>
> ROM:00004000 67 DCB 0x67 ; g
> ROM:00004001 66 DCB 0x66 ; f
> ROM:00004002 43 DCB 0x43 ; C
> ROM:00004003 53 DCB 0x53 ; S
> ROM:00004004 A4 00 00 00 DCD 0xA4
> ROM:00004008 00 20 00 00 DCD 0x2000
> ROM:0000400C 01 00 01 00 DCD 0x10001
> ROM:00004010 00 00 00 00 DCD 0
> ROM:00004014 07 00 00 00 DCD 7
> ROM:00004018 6D DCB 0x6D ; m
> ROM:00004019 4E DCB 0x4E ; N
> ROM:0000401A 72 DCB 0x72 ; r
> ROM:0000401B 53 DCB 0x53 ; S
> ROM:0000401C 59 DCB 0x59 ; Y
> ROM:0000401D 4D DCB 0x4D ; M
> ROM:0000401E 37 DCB 0x37 ; 7
> ROM:0000401F 32 DCB 0x32 ; 2
> ROM:00004020 34 DCB 0x34 ; 4
> ROM:00004021 30 DCB 0x30 ; 0
> ROM:00004022 4B DCB 0x4B ; K
> ROM:00004023 55 DCB 0x55 ; U
> ROM:00004024 56 DCB 0x56 ; V
> ROM:00004025 51 DCB 0x51 ; Q
> ROM:00004026 35 DCB 0x35 ; 5
> ROM:00004027 00 DCB 0
> ROM:00004028 00 00 00 00 DCD 0
> ROM:0000402C 64 DCB 0x64 ; d
> ROM:0000402D 49 DCB 0x49 ; I
> ROM:0000402E 77 DCB 0x77 ; w
> ROM:0000402F 46 DCB 0x46 ; F
> ROM:00004030 00 00 00 01 DCD 0x1000000
> ROM:00004034 DA FA F5 19 DCD 0x19F5FADA
> ROM:00004038 00 27 0A 00 DCD 0xA2700
> ROM:0000403C 00 00 00 00 DCD 0
> ROM:00004040 64 DCB 0x64 ; d
> ROM:00004041 49 DCB 0x49 ; I
> ROM:00004042 77 DCB 0x77 ; w
> ROM:00004043 48 DCB 0x48 ; H
> ROM:00004044 FF FF FF FF DCD 0xFFFFFFFF
> ROM:00004048 FF FF FF FF DCD 0xFFFFFFFF
> ROM:0000404C FF FF FF FF DCD 0xFFFFFFFF
> ROM:00004050 FF FF FF FF DCD 0xFFFFFFFF
> ROM:00004054 72 DCB 0x72 ; r
> ROM:00004055 56 DCB 0x56 ; V
> ROM:00004056 77 DCB 0x77 ; w
> ROM:00004057 48 DCB 0x48 ; H
> ROM:00004058 00 00 00 00 DCD 0
> ROM:0000405C 09 00 10 00 DCD 0x100009
> ROM:00004060 00 00 00 00 DCD 0
> ROM:00004064 00 00 00 00 DCD 0
> ROM:00004068 23 DCB 0x23 ; #
> ROM:00004069 64 DCB 0x64 ; d
> ROM:0000406A 6F DCB 0x6F ; o
> ROM:0000406B 4D DCB 0x4D ; M
> ROM:0000406C 4D DCB 0x4D ; M
> ROM:0000406D 41 DCB 0x41 ; A
> ROM:0000406E 34 DCB 0x34 ; 4
> ROM:0000406F 37 DCB 0x37 ; 7
> ROM:00004070 37 DCB 0x37 ; 7
> ROM:00004071 00 DCB 0
> ROM:00004072 00 DCB 0
> ROM:00004073 00 DCB 0
> ROM:00004074 00 00 00 00 DCD 0
> ROM:00004078 00 00 00 00 DCD 0
> ROM:0000407C 6E DCB 0x6E ; n
> ROM:0000407D 67 DCB 0x67 ; g
> ROM:0000407E 65 DCB 0x65 ; e
> ROM:0000407F 52 DCB 0x52 ; R
> ROM:00004080 01 00 02 00 DCD 0x20001
> ROM:00004084 02 00 02 00 DCD 0x20002
> ROM:00004088 00 00 00 00 DCD 0
> ROM:0000408C 00 00 00 00 DCD 0
> ROM:00004090 56 DCB 0x56 ; V
> ROM:00004091 6D DCB 0x6D ; m
> ROM:00004092 72 DCB 0x72 ; r
> ROM:00004093 44 DCB 0x44 ; D
> ROM:00004094 00 00 00 00 DCD 0
> ROM:00004098 06 00 00 00 DCD 6
> ROM:0000409C 00 00 00 00 DCD 0
> ROM:000040A0 00 00 00 00 DCD 0
>
>
>
> +
> serpilliere

--
Created with Opera: http://www.opera.com
_______________________________________________
Linux4nano-dev mailing list
[email protected]
https://mail.gna.org/listinfo/linux4nano-dev
http://www.linux4nano.org
