[Prog] arm bin elf disassembly and tools - Bada Software and Hacking General

ARMu is a free and ultra fast program to disassemble ARM binaries.
With filtering :
Armu
http://pel.hu/down/ARMu.exe
Trace32 SimArm :
www.lauterbach.com/cgi-bin/download.pl?file=simarm.zip
Trace32 OseArm :
http://www.lauterbach.com/cgi-bin/download.pl?file=osearm.zip

http://pel.hu/armu/
This seems to be the developer of ARMu...
I strongly recommend debugging ARM code using Lauterbach Tools :
OSEARM < Use for elf debugging
SIMARM < Use for binary debugging
:good:
Maybe we could try to collect a few more tools and hints...
Best Regards

adfree said:
http://pel.hu/armu/
This seems to be the developer of ARMu...
:good:
Maybe we could try to collect a few more tools and hints...
Best Regards
Are debugging and disassembling the same?

Are debugging and disassembling the same?
Never really worked with this to find out the difference...
Maybe we could do a small workshop with SMALL files.
For instance *.so in bada and in Android...
http://forum.xda-developers.com/showthread.php?t=1372861
I have no idea. If the instructions are very important...
As you can choose between many ARM CPUs...
Best Regards

Disassembling is analysing binary code. Debugging is working with live code being executed on the device. It allows breaking code execution at any point and dumping program state, for instance. JTAG, for example, is a debugging tool used for ARM devices. Debugging on ARM does usually involve disassembling as well.
//edit1:
Also please do not create duplicate threads like this: http://forum.xda-developers.com/showthread.php?t=1829802
//edit2:
About tools - ARMu is indeed a pretty nice tool, but it can't even stand behind IDA. IDA beats everything when it comes to analysis and disassembly.

Related

Android OS Released

Not sure where to post this... but now that the Android OS source is released, what is needed to compile a native version for Hermes?
http://source.android.com/download
MrCeddy said:
Not sure where to post this... but now that the Android OS source is released, what is needed to compile a native version for Hermes?
http://source.android.com/download
Already on kaiser, maybe can be ported:
http://forum.xda-developers.com/showthread.php?t=396782
Keep in mind this is the official OS which was released today.
It's been noted that it's not that easy.
1) The CPU in the Hermes is an older ARM that doesn't support all the needed instructions.
2) We couldn't "port it"; it would need to be recompiled for the Hermes's older ARM, and that would be HARD.
3) We would then need storage/wifi/touchscreen/etc. etc. drivers, and someone would need to write them; there's not going to be a device with the same chipset as the Hermes to steal the drivers off, like there is for the Kaiser.
So, unless you know a lot about writing drivers/recompiling Linux, it isn't going to happen.
veyka said:
It's been noted that it's not that easy.
1) The CPU in the Hermes is an older ARM that doesn't support all the needed instructions.
2) We couldn't "port it"; it would need to be recompiled for the Hermes's older ARM, and that would be HARD.
3) We would then need storage/wifi/touchscreen/etc. etc. drivers, and someone would need to write them; there's not going to be a device with the same chipset as the Hermes to steal the drivers off, like there is for the Kaiser.
So, unless you know a lot about writing drivers/recompiling Linux, it isn't going to happen.
Thanks for your input!
So, are you planning to fiddle with the idea??
joshkoss said:
Already on kaiser, maybe can be ported:
http://forum.xda-developers.com/showthread.php?t=396782
so somebody wrote the drivers for kaiser ??
Originally Posted by veyka
It's been noted that it's not that easy.
1) The CPU in the Hermes is an older ARM that doesn't support all the needed instructions.
2) We couldn't "port it"; it would need to be recompiled for the Hermes's older ARM, and that would be HARD.
3) We would then need storage/wifi/touchscreen/etc. etc. drivers, and someone would need to write them; there's not going to be a device with the same chipset as the Hermes to steal the drivers off, like there is for the Kaiser.
So, unless you know a lot about writing drivers/recompiling Linux, it isn't going to happen.
If somebody did manage to get it working on the Kaiser, can it be done for the Hermes?
Don't we already have working Linux ports for the Hermes? Can't the drivers be pulled from there?

pascal / c++ compiler for xperia x1

It would be sweet to have both of them ('cuz of the qwerty keyboard and the large display). With a compiler I could be in debug mode while I'd be waiting for the bus.
If you need a Pascal compiler, take a look at the Lazarus project.
It's possible to cross compile to ARM.
I tried the Lazarus project but without any progress.
nigh7ang3l said:
I tried the Lazarus project but without any progress.
Did you install the cross compiler package?
No, I didn't install anything. Could you guide me?
nigh7ang3l said:
No, I didn't install anything. Could you guide me?
How can you say that you tried Lazarus if you did not install it?
Well... which part of it? There are a lot of files in it.
For Pascal I use Pocket DOS and old Borland Pascal for DOS. It runs great. For C++ I don't know how to do this.
I didn't think about that. Can you upload the files please?
Try this one
(I can't post links... yet)
Google "smorgasbordet" and "Pelles C"
"Pelles C is a complete development kit for Windows and Windows Mobile. It contains among other things an optimizing C compiler, a macro assembler, a linker, a resource compiler, a message compiler, a make utility and install builders for both Windows and Windows Mobile."
Thanks mate, I appreciate it. But speaking of a Pascal compiler?

[Q] How to edit .so files present in the ShpAPP Bada firmware file?

I need a disassembler to decompile and recompile .so files, which I believe are Linux binaries coded in C or C++. I am on Windows Vista and I would appreciate it if anyone could help me find Linux binary decompilers for Windows. If we are able to edit these files, Cufirmwares will be a reality!
They are signed by RSA 1024...
Best Regards
We can try to research a little bit in these files... maybe we find useful things.
But replacing or editing them should be very tough...
Not tested by me. I've only seen files in the data folder...
Anyway, you can try and report.
Best Regards
Edit 1.
Attached a little overview... based on XXJL2:
Code:
SystemFS\Osp\AppControl.so
SystemFS\Osp\BluetoothAppControl.so
SystemFS\Osp\BrowserAppControl.so
SystemFS\Osp\CalendarAppControl.so
SystemFS\Osp\CameraAppControl.so
SystemFS\Osp\CommerceAppControl.so
SystemFS\Osp\ContactAppControl.so
SystemFS\Osp\data
SystemFS\Osp\FGraphicsEgl.so
SystemFS\Osp\FGraphicsOpengl.so
SystemFS\Osp\FMediaPiServer.so
SystemFS\Osp\FMessagingPiServer.so
SystemFS\Osp\FNetPiServer.so
SystemFS\Osp\FOsp.so
SystemFS\Osp\FOspPiClient.so
SystemFS\Osp\FSecurityPiServer.so
SystemFS\Osp\FSevenPiServer.so
SystemFS\Osp\FSocialPiServer.so
SystemFS\Osp\FSystemPi.so
SystemFS\Osp\FSystemPiServer.so
SystemFS\Osp\FUixPiServer.so
SystemFS\Osp\FWebPiServer.so
SystemFS\Osp\GenericAppControl.so
SystemFS\Osp\libc-newlib.so.0
SystemFS\Osp\libCurl.so
SystemFS\Osp\libeay32.so
SystemFS\Osp\libexpat.so
SystemFS\Osp\libgcc_s.so.1
SystemFS\Osp\libm-newlib.so.0
SystemFS\Osp\libstdc++.so.6
SystemFS\Osp\libwrapper.so
SystemFS\Osp\libwrapperS.so
SystemFS\Osp\libZlib.so
SystemFS\Osp\mappserver.so
SystemFS\Osp\matrix.so
SystemFS\Osp\mbase.so
SystemFS\Osp\mbaseio.so
SystemFS\Osp\mcontentS.so
SystemFS\Osp\mdevDataSyncManagerServer.so
SystemFS\Osp\MediaAppControl.so
SystemFS\Osp\MessageAppControl.so
SystemFS\Osp\mlocCommon.so
SystemFS\Osp\mlocLocationAgent.so
SystemFS\Osp\mlocS.so
SystemFS\Osp\mosp.so
SystemFS\Osp\msAccel.so
SystemFS\Osp\msclLifelogPi.so
SystemFS\Osp\msclSnsGateway.so
SystemFS\Osp\msecCredentialManagerServer.so
SystemFS\Osp\msecCryptoPi.so
SystemFS\Osp\msecPrivilegeManagerServer.so
SystemFS\Osp\msGps.so
SystemFS\Osp\msMagnetic.so
SystemFS\Osp\msProximity.so
SystemFS\Osp\msTilt.so
SystemFS\Osp\msvcConnectionManagerServer.so
SystemFS\Osp\msvcMessageAgentServer.so
SystemFS\Osp\msWeather.so
SystemFS\Osp\msysserver.so
SystemFS\Osp\MTAdaptor.so
SystemFS\Osp\newlibAdaptor.so
SystemFS\Osp\Osp.so
SystemFS\Osp\ospmemory.so
SystemFS\Osp\OspServer.so
SystemFS\Osp\SettingAppControl.so
SystemFS\Osp\ShpAppFrmwkClient.so
SystemFS\Osp\ShpGWESMEClient.so
SystemFS\Osp\ShpGWESWinSetClient.so
SystemFS\Osp\ShpScAdaptor.so
SystemFS\Osp\ShpScPushAdaptor.so
SystemFS\Osp\ShpWinServer.so
SystemFS\Osp\SignInAppControl.so
SystemFS\Osp\SnsAuthAppControl.so
SystemFS\Osp\sqlite360.so
SystemFS\Osp\ssleay32.so
SystemFS\Osp\StubDynCast.so
SystemFS\Osp\TestUtil.so
SystemFS\Osp\WidgetAppControl.so
astrotom said:
I need a disassembler to decompile and recompile .so files, which I believe are Linux binaries coded in C or C++. I am on Windows Vista and I would appreciate it if anyone could help me find Linux binary decompilers for Windows. If we are able to edit these files, Cufirmwares will be a reality!
Only one Windows disassembler works fine with ARM ELF files - it is IDA Pro. HTE can be used as a hex editor and recognizes the ELF header well (this information may be useful), but it cannot disassemble ARM code.
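What "recognizing the ELF header" amounts to, as an added example in Python that is not from the thread or from any of the tools named in it: a parser for the ELF file header that reports class, byte order, object type and target machine, and for ARM objects the EABI version carried in e_flags and whether the entry point is Thumb code. Checking e_machine this way is the step that tells you which processor module to pick before disassembling, and it separates an ordinary ELF shared object from an opaque blob. The 52-byte sample header is constructed inside the block; it is not taken from a bada .so.

```python
import struct

# Constants from the ELF specification (standard values, not thread-specific).
ELF_MAGIC = b"\x7fELF"
EM_ARM = 40
EM_NAMES = {3: "x86", EM_ARM: "ARM", 62: "x86-64", 183: "AArch64"}
ET_NAMES = {1: "REL", 2: "EXEC", 3: "DYN", 4: "CORE"}


def parse_elf_header(data: bytes) -> dict:
    """Parse an ELF file header (32- or 64-bit, either byte order).

    Raises ValueError for anything that is not a plausible ELF header, so a caller
    can tell "not ELF / truncated" apart from "ELF for an unexpected machine".
    """
    if len(data) < 16 or data[:4] != ELF_MAGIC:
        raise ValueError("missing ELF magic")
    ei_class, ei_data, ei_version = data[4], data[5], data[6]
    if ei_version != 1:
        raise ValueError("unknown ELF identification version %d" % ei_version)
    if ei_data not in (1, 2):
        raise ValueError("unknown byte order %d" % ei_data)
    endian = "<" if ei_data == 1 else ">"
    if ei_class == 1:
        fmt, word_bits = endian + "HHIIIIIHHHHHH", 32   # Elf32_Ehdr after e_ident
    elif ei_class == 2:
        fmt, word_bits = endian + "HHIQQQIHHHHHH", 64   # Elf64_Ehdr after e_ident
    else:
        raise ValueError("unknown ELF class %d" % ei_class)
    hdr_len = 16 + struct.calcsize(fmt)
    if len(data) < hdr_len:
        raise ValueError("truncated ELF header")
    (e_type, e_machine, _e_version, e_entry, e_phoff, e_shoff, e_flags,
     e_ehsize, _e_phentsize, e_phnum, _e_shentsize, e_shnum,
     _e_shstrndx) = struct.unpack(fmt, data[16:hdr_len])
    # A header whose self-reported size disagrees with its class is corrupt or not ELF.
    if e_ehsize != hdr_len:
        raise ValueError("e_ehsize %d does not match a %d-bit header" % (e_ehsize, word_bits))
    info = {
        "class": word_bits,
        "endian": "little" if ei_data == 1 else "big",
        "type": ET_NAMES.get(e_type, "UNKNOWN(%d)" % e_type),
        "machine": EM_NAMES.get(e_machine, "UNKNOWN(%d)" % e_machine),
        "entry": e_entry,
        "flags": e_flags,
        "phoff": e_phoff, "program_headers": e_phnum,
        "shoff": e_shoff, "section_headers": e_shnum,
    }
    if e_machine == EM_ARM:
        info["arm_eabi_version"] = e_flags >> 24      # EF_ARM_EABIMASK is the top byte
        info["entry_is_thumb"] = bool(e_entry & 1)    # odd entry address => Thumb state
    return info


def build_sample_arm_so() -> bytes:
    """Constructed header of a little-endian ARM EABI5 shared object (not a real file)."""
    e_ident = ELF_MAGIC + bytes([1, 1, 1, 0, 0]) + b"\x00" * 7   # class32, LE, version 1
    return e_ident + struct.pack(
        "<HHIIIIIHHHHHH",
        3,            # e_type = ET_DYN (shared object)
        EM_ARM,       # e_machine
        1,            # e_version
        0x8001,       # e_entry, odd => Thumb entry point
        52, 0,        # e_phoff, e_shoff
        0x05000000,   # e_flags: EABI version 5
        52, 32, 4,    # e_ehsize, e_phentsize, e_phnum
        40, 0, 0)     # e_shentsize, e_shnum, e_shstrndx


if __name__ == "__main__":
    for key, value in parse_elf_header(build_sample_arm_so()).items():
        print("%-18s %s" % (key, value))
```

Run against a real .so, read the first 64 bytes of the file and hand them to parse_elf_header; a ValueError there, rather than an ARM result, is what you would see for a file that is not ELF at all.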
Is sharing pirated programs against the forum rules????
I found IDA Pro but don't really know how to deal with it.
mylove90 said:
Is sharing pirated programs against the forum rules????
I found IDA Pro but don't really know how to deal with it.
Could you please share IDA Pro? It would be a great help!
OK, it is a torrent file in fact.
Here you go.
Mod edit: Removed link to pirated software.
We need to find a way to decrypt these RSA 1024-bit encryptions somehow. Research shows that RSA 1024-bit is not as secure as it seems.
mylove90 said:
OK, it is a torrent file in fact.
Here you go.
Thanks for that! You don't by any chance have the latest IDA Pro 6.1? It supports ARM code debugging and Android bytecode (Dalvik) disassembly.
I did my research, and it has obviously been cracked before by 3 men.
They used 81 Pentium 4 processors and it took them 104 hours to make it happen.
I don't see that as easy at all.
No, I don't have 6.1.
I looked for it too, but I think that version supports the ARM processor too.
Don't know about other things, but I'll keep looking for it.
mylove90 said:
I did my research, and it has obviously been cracked before by 3 men.
They used 81 Pentium 4 processors and it took them 104 hours to make it happen.
I don't see that as easy at all.
Well, I think 10-20 Core i7 processors will more than surpass the 80 Pentium 4's.
mylove90 said:
I did my research, and it has obviously been cracked before by 3 men.
They used 81 Pentium 4 processors and it took them 104 hours to make it happen.
I don't see that as easy at all.
You should read more carefully as you don't understand the nature of that attack. If you had the possibility to sign arbitrary data you wouldn't need to attack the private key in the first place.
It would be nice if we knew which cert is used. Maybe in the Security folder...
Or if only the public key is somewhere in the NAND...
And btw... to "generate" an RSA 1024 private key is tough. More than tough.
Simple example:
A - 128 bytes is the public key
B - 128 bytes is the signature
The signature contains a hash value, depending on the settings in the cert... in other words it is an encrypted hash.
MD5 or SHA1 is very often used...
Step 1.
If you know the public key you can look into the signature.
You can decrypt...
Step 2.
Depending on your result... maybe MD5 is in the signature. Then you have 16 bytes.
Step 3.
You have to be sure which part of the data is hashed...
MD5 of the full data or not.
The private key is used to encrypt the MD5 in my example...
So the 16-byte MD5 is encrypted by the 128-byte private key; the result is the signature:
128 bytes
Look here. These are 128 bytes:
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Okay. Doesn't look soooo big.
But hey, it's a HEX value...
If you try to brute force it, then you have many, many MANY combinations to try.
The hardest part is to create software for such RSA attacks...
To click 1 button and wait maybe 3 years is not really a problem.
But there is no such software public to try at home.
Some smart hacker could start with RSA 32... I have forgotten which is the smallest RSA allowed in certs...
Best Regards
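The three steps adfree sketches above (apply the public key to the signature, find the hash inside, compare it with the hash of the data), as an added example in Python that is not from the thread and not Samsung's bada implementation. It uses textbook RSA with PKCS#1 v1.5 signature padding, generates its own 1024-bit key and signs a constructed sample blob, so the signature is 128 bytes as in the post and the MD5 case gives the 16-byte digest mentioned there; SHA-1 and SHA-256 are handled the same way. The key, the blob and the choice of hash are assumptions of the example, and the real layout of the bada .sig files is not known from this thread.

```python
import hashlib
import hmac
import secrets

# DER DigestInfo prefixes from PKCS#1 v1.5; the raw hash follows directly after them.
DIGEST_INFO = {
    "md5": bytes.fromhex("3020300c06082a864886f70d020505000410"),
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test, sufficient for an educational key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # exact bit length, odd
        if _is_probable_prime(cand):
            return cand


def generate_key(bits=1024, e=65537):
    """Return ((n, e), (n, d)) with a modulus of exactly `bits` bits (128 bytes for 1024)."""
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and n.bit_length() == bits and phi % e:   # e is prime, so gcd(e, phi) == 1
            return (n, e), (n, pow(e, -1, phi))


def _emsa_encode(message, hash_name, k):
    """EMSA-PKCS1-v1_5 block: 00 01 FF..FF 00 DigestInfo || H(message), k bytes long."""
    t = DIGEST_INFO[hash_name] + hashlib.new(hash_name, message).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for this hash")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign(priv, message, hash_name="md5"):
    """The signer's side: the padded hash raised to d mod n (the 'encrypted hash' of the post)."""
    n, d = priv
    k = (n.bit_length() + 7) // 8
    em = _emsa_encode(message, hash_name, k)
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")


def recover_encoded(pub, signature):
    """Step 1: apply the public key to the signature to get the padded block back."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        raise ValueError("signature length must equal modulus length")
    return pow(int.from_bytes(signature, "big"), e, n).to_bytes(k, "big")


def extract_hash(pub, signature):
    """Step 2: locate the DigestInfo in the recovered block; returns (hash_name, digest) or None."""
    em = recover_encoded(pub, signature)
    if em[:2] != b"\x00\x01":
        return None
    sep = em.find(b"\x00", 2)
    if sep < 10 or em[2:sep] != b"\xff" * (sep - 2):    # at least 8 bytes of FF padding
        return None
    t = em[sep + 1:]
    for name, prefix in DIGEST_INFO.items():
        if t.startswith(prefix) and len(t) == len(prefix) + hashlib.new(name).digest_size:
            return name, t[len(prefix):]
    return None


def verify(pub, message, signature, hash_name="md5"):
    """Step 3: hash the data yourself, re-encode, and compare the whole block in constant time."""
    n, _ = pub
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        return False
    return hmac.compare_digest(recover_encoded(pub, signature), _emsa_encode(message, hash_name, k))


if __name__ == "__main__":
    pub, priv = generate_key(1024)
    blob = b"constructed sample firmware blob, not a real bada .so"   # constructed input
    sig = sign(priv, blob)
    print("signature bytes :", len(sig))
    print("hash inside     :", extract_hash(pub, sig))
    print("valid, tampered :", verify(pub, blob, sig), verify(pub, blob + b"\x00", sig))
```

Two things the block shows that the post leaves implicit: anyone holding the public key can open the signature and read the hash, so the signature protects integrity, not confidentiality (the point mijoma makes later in the thread that the files are signed, not encrypted); and a verifier compares the complete padded block, which is why a modified file, or a signature produced without d, fails regardless of which hash algorithm is inside.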
Hahahaha
So funny, the hex value code.
Imagine it as binary and yes, it is like a nightmare to crack.
astrotom said:
I need a disassembler to decompile and recompile .so files, which I believe are Linux binaries coded in C or C++. I am on Windows Vista and I would appreciate it if anyone could help me find Linux binary decompilers for Windows. If we are able to edit these files, Cufirmwares will be a reality!
Could you describe what exactly you are planning to change there?
mijoma said:
Could you describe what exactly you are planning to change there?
If you dump the ShpApp file, you will find a lot of files in .so format. I thought we could disassemble them just like any other normal binary so that I can explore those files and see what I can change. But as adfree added, they are RSA 1024-bit encrypted files. All you will get in ASCII or Unicode is non-human-readable crap! *Disappointed*
astrotom said:
If you dump the ShpApp file, you will find a lot of files in .so format. I thought we could disassemble them just like any other normal binary so that I can explore those files and see what I can change. But as adfree added, they are RSA 1024-bit encrypted files. All you will get in ASCII or Unicode is non-human-readable crap! *Disappointed*
They are SIGNED, not encrypted. We can disassemble them. What human-readable are you expecting to see? Is assembly human-readable enough?
adfree said:
It would be nice if we knew which cert is used. Maybe in the Security folder...
Or if only the public key is somewhere in the NAND...
Under OSP/data, for each .so file there are a .htb and a .sig file; maybe that could help you find what you are looking for.
mijoma said:
They are SIGNED, not encrypted. We can disassemble them. What human-readable are you expecting to see? Is assembly human-readable enough?
I tried disassembling with IDA Pro, but it was not much help, since the disassembled code contains odd characters in some places where code should have been found instead.
If someone knows assembly, maybe he can help rewrite the disassembled code in pure C/C++.

Debugger, IDA and other Tools for Education... for beginners

http://www.ollydbg.de/
I have minor knowledge of OllyDbg... loooooong time ago...
Some update tools from Siemens... to catch firmware from RAM...
Now I would like to sniff some functions from the bada SDK... Simulator/Emulator...
But both pieces of software do not cooperate... Samsung protects their bada SDK...
Is it possible to use OllyDbg or another tool to better understand how the firmware is working?
Remember apps, RC1, etc. are in the bada SDK too... not encrypted...
Please.
I need advice.
Thanx in advance.
Best Regards
Edit 1.
Not solved...
But now a new thread title...
http://www.chip.de/downloads/IDA-Pro-Free-4.9_29744270.html
Oh, I hadn't realized...
FREE version of IDA...
Not tested yet.
Maybe good enough for first steps...
My first tests were also with the limited DEMO version of IDA:
https://www.hex-rays.com/products/ida/support/download_demo.shtml
Best Regards
Edit 1.
4.9 version of IDA...
Now found 5.0 as FREE
http://www.computerbild.de/download/IDA-Pro-Freeware-7450735.html
Edit 2.
Demo version is 6.4...
Problem 1...
In the IDA 6.4 DEMO I can click click ARM click click and IDA does something with my ELF files...
In the FREE version 5.0 I have problems finding the correct setting...
See screenshot, this tab is completely unusable...
Any ideas?
I'm trying to open the BL3 ELF...
Best Regards
adfree said:
Problem 1...
In the IDA 6.4 DEMO I can click click ARM click click and IDA does something with my ELF files...
In the FREE version 5.0 I have problems finding the correct setting...
See screenshot, this tab is completely unusable...
Any ideas?
I'm trying to open the BL3 ELF...
Best Regards
I have IDA Pro portable, see (kona.exe):
Only crazy to understand this program, too complicated.
Demo of 6.4 looks identical...
Easy click click ready...
Free versions 5.0 and 4.9 look different in the first menu...
Maybe someone can tell us how to work with the FREE version 5.0...
Thanx in advance.
Best Regards
http://www.riffbox.org/RIFFBOX_GDB_IDA__Feel_the_FULL_power_of_IDA.swf
http://www.riffbox.org/RIFF_JTAG_GDB_SERVER_IDA_DEBUG_SAMSUNG_I9100.swf
Nice videos... about IDA + JTAG RIFF :good:
Best Regards

Windows 10 build 15035 for Surface RT

Windows 10 compiled for the original Surface RT devices has leaked.
Source: BetaWiki
It would be super cool if this community managed to create a working image for the OG RTs (de-bombed & with correct drivers). Anybody here who could share the leaked image with us?
Avonlady said:
Windows 10 compiled for the original Surface RT devices has leaked.
Source: BetaWiki
It would be super cool if this community managed to create a working image for the OG RTs (de-bombed & with correct drivers). Anybody here who could share the leaked image with us?
Well, it hasn't exactly leaked yet. Do you have the actual file? I can add the correct drivers and remove the timebomb if I can get my hands on it
Unfortunately no, I don't have access to BetaArchive's FTP. But I would be shocked if nobody on this forum had... Fingers crossed it gets reuploaded soon.
Avonlady said:
Unfortunately no, I don't have access to BetaArchive's FTP. But I would be shocked if nobody on this forum had... Fingers crossed it gets reuploaded soon.
Another thing we need to find out, does it require configuration to boot? Or is it just a bootable install image?
Well, I managed to get the file. It's not an ISO, it's a zip. But I honestly have no idea what to do with it, and I tried in all inventive ways, LOL! I could make a torrent file if anyone is interested, with the promise to do a tutorial later if someone manages to do anything with it.
Qiangong2 said:
Well, it hasn't exactly leaked yet. Do you have the actual file? I can add the correct drivers and remove the timebomb if I can get my hands on it
To benefit the community and have more people working on this, do you think you could do a quick how-to on doing this? Or point us on the right learning path! I'm so eager to learn this stuff!
hackinc2000 said:
To benefit the community and have more people working on this, do you think you could do a quick how-to on doing this? Or point us on the right learning path! I'm so eager to learn this stuff!
In the end, I won't know how exactly to fix the timebomb unless I can see the file itself. Replacing the drivers is just as easy as copy-paste into the wim file.
Qiangong2 said:
In the end, I won't know how exactly to fix the timebomb unless I can see the file itself. Replacing the drivers is just as easy as copy-paste into the wim file.
I'll PM you in a moment!
I've been trying to get this running on Surface 2; the way I've been trying this is a dual boot with RT 8.1, and I've partitioned my device to allow roughly 12GB for the Windows 10 installation.
Unfortunately there is an issue with nvpep causing a BSOD that is beyond my abilities to solve; without nvpep nothing else will work. I don't have a Surface RT to test with, but I read that this issue does not manifest on those devices; however it still won't work out of the box.
I've pieced together some information that might be of help if you're trying to install; it applies to RT and 2.
Make sure the secureboot debug policy is applied and don't forget to enable testsigning and nointegritychecks. If you have jailbreak-killing updates installed it's probably faster to factory reset your device.
You will need to replace sdbus.sys and ststor.sys in \Windows\system32\drivers\ with versions from RT 8.1.
You will need to edit the registry on build 15035 to disable UAC - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System - EnableLUA set value to 0.
Before booting 15035 you will need to create a new directory on EFIESP in \EFI\Microsoft\Recovery and then create an empty BCD store in that location.
If you don't add the Surface 2 drivers it will actually boot to the desktop, but no devices will work (pretty much every device requires nvpep up and running first); you can play around with it using a USB keyboard and mouse, but it's a little pointless at the moment.
Would it be possible to share the build with wider community, so more people can have a shot at getting it up and running? I know I would love to play around with it.
Avonlady said:
Would it be possible to share the build with wider community, so more people can have a shot at getting it up and running? I know I would love to play around with it.
Please make no mistake about the significance of said leak. There is no other known more recent ARM 32-bit Windows 10 build available on the Internet. The driver hacking community would appreciate a more open leak very much (just look at what it did to the Lumia 950/XL hacking scene around gus33000). Sites like uup dot rg-adguard dot net fail to list this build.
Avonlady said:
Would it be possible to share the build with wider community, so more people can have a shot at getting it up and running? I know I would love to play around with it.
Found this on MDL (Mega.nz Download - I can't seem to post full URL's so remove the "_")
Code:
h_t_t_p_s:/_/mega.nz/#!mJ8BSABD!kgdXbJUTKDehFlAMJ9EXswgZs1gYvijeMEZjDNeBfqU
ChumpDrive said:
Found this on MDL (Mega.nz Download - I can't seem to post full URL's so remove the "_")
Code:
h_t_t_p_s:/_/mega.nz/#!mJ8BSABD!kgdXbJUTKDehFlAMJ9EXswgZs1gYvijeMEZjDNeBfqU
I might try it.
Well, what about compatibility with the Lumia 2520? Do you think it would be possible to install Win10 or at least 10S on that one too? It runs 8.1RT, like the old surface RT...
mivas said:
Well, what about compatibility with the Lumia 2520? Do you think it would be possible to install Win10 or at least 10S on that one too? It runs 8.1RT, like the old surface RT...
h-t-t-p-s-:-/-/-betawiki.net/wiki/Windows_10_build_15035
lxy3427 said:
h-t-t-p-s-:-/-/-betawiki.net/wiki/Windows_10_build_15035
Thank you very much for the link.
Sadly, it says that it doesn't support Lumia 2520... It requires a driver...
I think I won't even ask for unreleased protos, like the Lumia 2020 ("Illusionist") etc
Here's a guide how to install this build on Lumia 1520: https://translate.google.com/translate?sl=auto&tl=en&u=https://www.ithome.com/0/468/534.htm
Avonlady said:
Here's a guide how to install this build on Lumia 1520: https://translate.google.com/translate?sl=auto&tl=en&u=https://www.ithome.com/0/468/534.htm
Wow! Soo Nice! This makes me want to buy this phone... :good:
Can someone upload these files somewhere else from baidu?
Hello!
This is a guide to install Windows 10 ARM on Surface RT 1/2. https:_/_/_m_.ithome.com/html/469731.htm (remove all _ signs)
What do you think about this?
