Welcome
Welcome
Blog
Cameras
Hardware
Memory layout
Firmware details
Results
Debug mode
Interpreter
Reversing
Encryption
About Us
Links
Links
Downloads
Blog
 

about this blog

Here you can find latest hack progress reports and other raw information.


tags

recent entries   

GH1 related 

-April 17, 2010

Panasonic Cameras 

-April 12, 2010

Donate for GH1 hack project! 

-April 23, 2010

GH1 firmware update research 

-April 19, 2010

More info on Panasonic 

-April 14, 2010


recent comments

When your supplemental succeeds, you on too. You aren’t in contention with each other to ... 

-October 03, 2019

In some ways, splitting from with a co-conspirator you logical with but aren’t married to ... 

-October 03, 2019

When your share in succeeds, you follow to too. You aren’t in make an analogy ... 

-October 02, 2019

In some ways, splitting from with a doodad you accepted with but aren’t married to ... 

-October 02, 2019

When your party succeeds, you succeed to too. You aren’t in controversy with each other ... 

-October 02, 2019


archive

april 2010

march 2010

september 2009

august 2009



topics

General (13)

Dumping (1)

Disassembling (5)

Features (0)


admin*

Disassembling


Saturday, April 17, 2010

7:31



Current progress of GH firmware reversing can be found at:
 
 
I'll upate my blog with more technical informaton soon.
 
If you have dead GH1 (dropped, completely broken, non-functional parts) contact me, please.
 
I will be also very grateful for any information that you have, but it private information or one that can ve released to public.


Disassembling  comments (1)



Monday, April 12, 2010

7:14



All Panasonic photo cameras use proprietary LSI chips.
CPU command set looks like NM103.
 
If you want to research or modify GH1, TZ5, TZ7 etc firmware here are necessary tools
 
My firmware manipulation tool
 
It allow you to strip all unnecessary info and disassembly firmware, after modification you can use same tool to make all necessary checksums.
Unfortunately this version can't recalculate big 32 byte digest at the end of firmware.
According to my information it uses double MD5.
 
MN103 module compiled for IDA 4.9 Free
 
So, you don't need to pay anything and can legally disassembly Panasonic firmware files.
Original module source author is Hitman, plus few other guys who worked on jump tables.
 


Disassembling  comments (4)



Tuesday, August 25, 2009

15:10



Here is some illustration of progress
 
1) Primer of offset table usage to call functions. This is very interesting part, as it allows to dump vram.
 

2) Second part shows part of shooting speed related procedure, here you can find how big structure is used. I believe that at 0x68 we have mode wheel position.
 
 


Disassembling  comments (5)



Wednesday, August 12, 2009

7:37



Four necessary improvements are:
 

1) Handing of jump tables. This is very frequently used feature.

2) Script to handle offset tables (many of them are present),

   so pressing two keys automatically changes all to offsets

   (until it is proper address and stops as soon as it is not)

   add xref and start analizing procedures.

3) Many parameters are passed by registers. If we could track them somehow and  allow to quickly define this in function definition, so comments can be seen right after commands before call (ala pc.w32).

4) FR module have almost ready auto-comments. Is it desirable to make them work inside IDE (as gray auto-comments). As most people are quite new to this assembler.

If you have time and expirience working with IDA writing IDC scripts and/or plugins and modules, please, contact me.



Disassembling  comments (2)



Tuesday, August 11, 2009

3:53



Screenshot from disassembler during work on GX20 DSP firmware.
 
 
We are using IDA Pro 4.9 Free with special Fujitsu FR module.
If you know IDA Pro and want to help us in this hard work by writing IDC scripts,
updating FR module or just help with disassembling, contact me by email.
 


Disassembling  comments (0)




1 - 5 of 5















(c) 2009 Pentax Hacking Community