From 24462f8cdcd280fad3d444fa7dc5278497e831f4 Mon Sep 17 00:00:00 2001 From: Sigma-Ohio Date: Mon, 9 Jun 2025 00:42:33 +0200 Subject: send help --- README.md | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) (limited to 'README.md') diff --git a/README.md b/README.md index 5a2eae4..b62615d 100644 --- a/README.md +++ b/README.md @@ -244,4 +244,54 @@ The `executables/hexen.py` script provides a utility to send raw hex payloads an * If you press Enter, nothing is saved for that attempt. * The script checks if the directory for the `MAGIC` file exists and if the file is writable, providing error messages if issues are encountered. -This tool aims to simplify the process of testing variations of known packet structures, especially when only the checksum isnt known \ No newline at end of file +This tool aims to simplify the process of testing variations of known packet structures, especially when only the checksum isnt known + +# MQX ARM M4 Firmware Analysis Tools + +This toolkit provides specialized tools for analyzing MQX ARM M4 firmware, with a particular focus on identifying IP packet checksum algorithms. + +## Tools Overview + +1. **improved_disassembler.py**: An enhanced disassembler with visual formatting, pattern recognition, and network protocol awareness. + +2. **checksum_finder.py**: A specialized tool focused specifically on finding checksum algorithms in firmware. + +## Installation + +Install the required dependencies: + +```bash +pip install -r requirements.txt +``` + +## Usage + +### Analyzing firmware with the improved disassembler + +```bash +python improved_disassembler.py path/to/firmware.bin -o analysis_output.txt -b 0x08000000 +``` + +### Finding checksum algorithms + +```bash +python checksum_finder.py path/to/firmware.bin -o checksum_analysis.txt -b 0x08000000 +``` + +## Tool Features + +- Color-coded output for better readability (in terminal) +- Detection of network-related strings and constants +- Pattern-based identification of common checksum algorithms +- Context-aware disassembly around potential checksum code +- Export analysis to text files for further examination + +## Understanding the Results + +The tools look for: + +- **IP header constants**: Values commonly found in IP header processing (0x0800, 0x45, 0x06, etc.) +- **Checksum patterns**: Common instruction sequences used in checksum calculations +- **Network strings**: TCP/IP-related strings in the firmware + +When a potential checksum implementation is found, the tools provide the surrounding context to help understand the algorithm. \ No newline at end of file -- cgit v1.2.3-70-g09d2