Plan of Action

June 8, 2008 11:39 am

After spending an evening poking around the ver 1.01 firmware, I came up with a plan of action. It appears that the firmware has areas of strings that is human readable, areas of code that is not, areas of padding (i.e. repeated patterns that done seem mean much at first glance). We need a systematical way of analyzing the firmware files.

I once put together my own decoder for the X3F files and I recall that the file was broken down into sections. The sections were all labeled (i.e. FOVb, SECd, ect). Perhaps this file is the same. This seems to be in line with first observations that there are string sections and data sections. This also somewhat aligns with some other executable file formats.

My plan is to:

  1. Dump the strings for a firmware version and look for hints.
  2. Look for section identifiers in the firmware.
  3. Attempt to break the firmware down into sections
  4. Compare various firmware versions to each other based on sections.

The approach will use the first few versions of firmware for investigation/comparison. I’ll leave a couple versions, version 1.06 and the two 1.07s, uninvestigated as an unknown baseline to test my final product.

No Responses to “Plan of Action”

Care to comment?