Hi, Bahattin TOZYILMAZ wrote: > sorry for disturbing. but, our code tries to "branch" (in x86 assembly > "jump" or "call" as i understand) an illegal address(0xFE3BE444). even > i tried to negate the address. it produced 29mb or so. I am asking > that, because i dont know much about ARM asm. My only explanation to > this branch is that, this address is handled by MU (memory unit, i > think).where does it branch, anybody knows?
We are almost all thinking that the dump has few 'clear text' parts which are meaningful in ARM asm but is mainly filled up with ciphered parts which are totally useless until we guess the code. So do not try to execute it blindly because it won't work for sure. For now, we try to identify what kind of encryption scheme is used here and were could be located the key. We highly suspect that this last line of defense is hold tight inside the ARM processor but we have no proof yet. Hopefully, this encryption is a weak one and can be breakable through a brute-force attack. For the ones with a (very) little knowledge in cryptanalysis, you can try to perform some statistical analysis on the ciphered parts of the dump and try to compare it with clear text ARM asm trying to find some bias in the scheme. That's all folks ! :) Regards -- Emmanuel Fleury Sometimes one should just look at things and think about things without doing things. -- Calvin & Hobbes (Bill Waterson) _______________________________________________ Linux4nano-dev mailing list [email protected] https://mail.gna.org/listinfo/linux4nano-dev http://www.linux4nano.org
