Welcome
Welcome
Blog
Cameras
Hardware
Memory layout
Firmware details
Results
Debug mode
Interpreter
Reversing
Encryption
About Us
Links
Links
Downloads
Blog
 

about this blog

Here you can find latest hack progress reports and other raw information.


tags

recent entries   

GH1 related 

-April 17, 2010

Panasonic Cameras 

-April 12, 2010

Donate for GH1 hack project! 

-April 23, 2010

GH1 firmware update research 

-April 19, 2010

More info on Panasonic 

-April 14, 2010


recent comments

Never mind, I just found it... If anybody is wondering the same thing, here are ... 

-August 30, 2010

I must be dumb, but I can't find the AF TEST section in the debug ... 

-August 30, 2010

comment re-above, .474 does work, secret is to leave the flash card door open, thanks 

-August 29, 2010

Anyone know the modset for k-7 version 1.10.00.25? .474 and .txt arn't doing it for ... 

-August 29, 2010

pentax-hack.info/firmware/pan/ptool.zip This broken link! 404 error, please fix! -Thanks 

-August 13, 2010


archive

april 2010

march 2010

september 2009

august 2009



topics

General (13)

Dumping (1)

Disassembling (5)

Features (0)


admin*

Disassembling


Saturday, April 17, 2010

2:31



Current progress of GH firmware reversing can be found at:
 
 
I'll upate my blog with more technical informaton soon.
 
If you have dead GH1 (dropped, completely broken, non-functional parts) contact me, please.
 
I will be also very grateful for any information that you have, but it private information or one that can ve released to public.


Disassembling  comments (1)



Monday, April 12, 2010

2:14



All Panasonic photo cameras use proprietary LSI chips.
CPU command set looks like NM103.
 
If you want to research or modify GH1, TZ5, TZ7 etc firmware here are necessary tools
 
My firmware manipulation tool
 
It allow you to strip all unnecessary info and disassembly firmware, after modification you can use same tool to make all necessary checksums.
Unfortunately this version can't recalculate big 32 byte digest at the end of firmware.
According to my information it uses double MD5.
 
MN103 module compiled for IDA 4.9 Free
 
So, you don't need to pay anything and can legally disassembly Panasonic firmware files.
Original module source author is Hitman, plus few other guys who worked on jump tables.
 


Disassembling  comments (4)



Tuesday, August 25, 2009

10:10



Here is some illustration of progress
 
1) Primer of offset table usage to call functions. This is very interesting part, as it allows to dump vram.
 

2) Second part shows part of shooting speed related procedure, here you can find how big structure is used. I believe that at 0x68 we have mode wheel position.
 
 


Disassembling  comments (5)



Wednesday, August 12, 2009

2:37



Four necessary improvements are:
 

1) Handing of jump tables. This is very frequently used feature.

2) Script to handle offset tables (many of them are present),

   so pressing two keys automatically changes all to offsets

   (until it is proper address and stops as soon as it is not)

   add xref and start analizing procedures.

3) Many parameters are passed by registers. If we could track them somehow and  allow to quickly define this in function definition, so comments can be seen right after commands before call (ala pc.w32).

4) FR module have almost ready auto-comments. Is it desirable to make them work inside IDE (as gray auto-comments). As most people are quite new to this assembler.

If you have time and expirience working with IDA writing IDC scripts and/or plugins and modules, please, contact me.



Disassembling  comments (2)



Monday, August 10, 2009

22:53



Screenshot from disassembler during work on GX20 DSP firmware.
 
 
We are using IDA Pro 4.9 Free with special Fujitsu FR module.
If you know IDA Pro and want to help us in this hard work by writing IDC scripts,
updating FR module or just help with disassembling, contact me by email.
 


Disassembling  comments (0)




1 - 5 of 5















(c) 2009 Pentax Hacking Community