From b4688f336b7ba07c4f8e6be87998c7a6507e3007 Mon Sep 17 00:00:00 2001 From: Kablersalat Date: Fri, 6 Jun 2025 18:33:59 +0200 Subject: commiting to insanity --- research/firmware-strings/README.md | 148 ++++++++++++++++++++++++++++++++++++ 1 file changed, 148 insertions(+) create mode 100644 research/firmware-strings/README.md (limited to 'research/firmware-strings/README.md') diff --git a/research/firmware-strings/README.md b/research/firmware-strings/README.md new file mode 100644 index 0000000..15d7ce8 --- /dev/null +++ b/research/firmware-strings/README.md @@ -0,0 +1,148 @@ +# Firmware extracts with string command + +HARMONY.txt (firmware for a speaker/the harmony box, seems to be compressed or something only getting garbage from strings) + +HARMONY-TRIO.txt (firmware for speaker with built in clock, unlike harmony seems to actually return partially usable data) + +SIGMA-MASTER-CLOCK.txt is from the masterclock (kinda the heart of the system that shedules bing bongs etc) + +What i scower for : +- `CHK` or `CHK BAD` +- `checksum`, `crc`, `fletcher`, `xor`, `sum`, `verify` +- `traitement` (French for processing) +- `REP STREAM`, `REPIN`, `REPACK`, `REPOUT` +- `opcode`, `frame`, `trame` (French for frame) +- `F_` or `process_` function prefixes +- `validate`, `verify`, `compare`, `assert` +- `0x%04x`, `%04X`, `%04lx`, `%08X`, `%d/%d`, `%lx` (supposedly common checksum formatting) + +what claude ai told me to also search : +CHK or checksum +Direct checksum indicators +F_controle_CHK_protocole +Entry point for protocol checksum check +UI_i_lg_trame +Likely the message length used in calc +calcule, reçu, BAD +May show checksum comparison logic +F_charge_A_vars +Handles file loading with checksum +%04x, %08X, %d/%d, %lx + + + +## Notes things from SIGMA-MASTER-CLOCK + +``` +*** failed *** +TEST DE PRODUCTION +Microquartz Sigma BODET +none +%d.%d.%d.%d +## Warning: gatewayip needed but not set +bad length %d < %d +invalid RARP header +len bad %d < %d +checksum bad + ICMP Host Redirect to + ``` + +Seems to decompress its actual image and start the thing not really what i need but interesting none the less : +``` +gzip compressed +%s %s %s (%s) + Data Size: %d Bytes = + Load Address: %08x + Entry Point: %08x + Contents: + Image %d: %8ld Bytes = +Image at %08lX: + Verifying Checksum ... + Bad Data CRC +## Checking Image at %08lx ... + Bad Magic Number + Bad Header Checksum +Booting ... +## Booting image at %08lx ... +Unsupported Architecture 0x%x +Standalone Application +Wrong Image Type for %s command + XIP %s ... + Uncompressing %s ... +GUNZIP ERROR - must RESET board to recover +Unimplemented compression type %d +autostart +Can't boot image type %d +bootargs +## Transferring control to NetBSD stage-2 loader (at address %08lx) ... +## Transferring control to RTEMS (at address %08lx) ... +bootm +bootm - boot application image from memory +[addr [arg ...]] + - boot application image stored in memory +passing arguments 'arg ...'; when booting a Linux kernel, +'arg' can be the address of an initrd image +boot - boot default, i.e., run 'bootcmd' +bootd +bootd - boot default, i.e., run 'bootcmd' +iminfo +iminfo - print header information for application image +addr [addr ...] + - print header information for application image starting at + address 'addr' in memory; this includes verification of the + image contents (magic number, header and payload checksums) +imls +imls - list all images found in flash + - Prints information about all images found at sector + boundaries in flash. +List of available devices: +%-8s %08x %c%c%c +coninfo +coninfo - print console devices and information +Reset RTC... +Writting Error RTC... %d +RTC is not initialized !!! +``` + + +ive seen d of d in other files too +``` +[%d;%dm + -> +the -s option is meaningful only when verifying checksums +the -w option is meaningful only when verifying checksums +only one argument may be specified when using -c +Invalid format +%s: OK +%s: FAILED +WARNING: %d of %d computed checksums did NOT match +Couldnt close file %s +%s %s +invalid mode `%s' +parents +f-i:i-f +mv: overwrite `%s'? +unable to rename `%s' +non- +cannot remove `%s' +interactive +force +fiRr +cannot remove `.' or `..' +no files +``` + +probably not what we need but could be (might be dhcp though) +``` +couldn't read on raw listening socket -- ignoring +message too short, ignoring +Truncated packet +unrelated/bogus packet +bad IP header checksum, ignoring +packet with bad UDP checksum received, ignoring +received bogus message (bad magic) -- ignoring +oooooh!!! got some! +``` +^ oooooh got some ! (dont think that be written in a netbsd package but who knows) + + -- cgit v1.2.3-70-g09d2