Page 4 of 16 FirstFirst 1234567814 ... LastLast
Results 31 to 40 of 158
  1. Collapse Details
    #31
    Default
    Quote Originally Posted by someone1.00 View Post
    I don't say anything about gzip headers or even it's signature in firmware. And it's not a secret that FirmwareData_user_xxxxxxx_loader.dat is not a firmware itself. Its a container and even encrypted firmware file lay inside it not in a simple way. And sure you will not find any plain text in crypted firmware.
    About encryption. I cannot tall anything about it at this moment.
    If you cannot decrypt the FirmwareData file, where did you get the information about the tar format, *.img's and scenarios? It sounds right, but how did you discover it?


    Reply With Quote
     

  2. Collapse Details
    #32
    Default
    Quote Originally Posted by rdrr View Post
    If you cannot decrypt the FirmwareData file, where did you get the information about the tar format, *.img's and scenarios? It sounds right, but how did you discover it?
    It's better than truth its how it is I can access decripted files from firmware.


    Reply With Quote
     

  3. Collapse Details
    #33
    Default
    i have nex 5n , when may occur the first firmware?


    Reply With Quote
     

  4. Collapse Details
    #34
    Default
    I misunderstand a structure of a firmware. It's not a simple tar but the tar is a part of a firmware.


    Reply With Quote
     

  5. Collapse Details
    #35
    Default
    I’ve finished with my investigations. At this point I have two ways. Modify the firmware for myself or share the algo and the key. In last case I want to try to decrypt a77 firmware. The algo I know is not compatible with it, nex5n, a57 and 65. I need to be donated to be able to buy nex 3 a77 and nex 5n. If any community will be able to support me I will share algo and key.It can decrypt any nex 3, nex 5 firmmwares, VG10, a33 and a55. I can create a windows executable that will take an updater files or an updater itself and extract firmware from it. I can prove my knowledge in any way. I can suggest to open a small middle part of a firmware (one means any) not less when 1K and not too big. But it’s only a suggestion.
    Here is a short video https://rapidshare.com/files/2428685917/Video5.avi
    fw.tar is a part of the firmware I’ve talked earlier. The end of archive warning is a 7z warning. The tar is pretty solid for me but probably not finished with proper empty spaces. I found this right now and don’t want to lose a time to investigate. I've browse some files structure (full listing is below) and extracted most interesting images. I’ve used some commercial software to assure it’s not a fake screen. And yes I can create such fake tar but content of the linux images looks pretty fine for me. You can see headers and different notes… I’ve searching for sony word inside it.
    Below is a file/directory list from some firmware
    usr2
    usr2/data
    usr2/data/sound
    usr2/data/BEEPDATA.BIN
    usr2/data/scenarios
    usr2/data/scenarios/app_cwb_snr.esf
    usr2/data/scenarios/app_rec_snr.esf
    usr2/data/scenarios/app_uud_snr.esf
    usr2/data/scenarios/app_eps_rsf.rsf
    usr2/data/scenarios/app_repair_snr.esf
    usr2/data/scenarios/app_palette_snr.esf
    usr2/data/scenarios/app_movie_rec_snr.esf
    usr2/data/scenarios/app_stg_snr.esf
    usr2/data/scenarios/app_hdmi_snr.esf
    usr2/data/scenarios/app_play_snr.esf
    usr2/data/scenarios/app_dlg_snr.esf
    usr2/data/scenarios/app_rhg_snr.esf
    usr2/data/scenarios/app_dds_snr.esf
    usr2/data/scenarios/app_usb_snr.esf
    usr2/data/scenarios/app_top_snr.esf
    usr2/data/scenarios/app_menu_snr.esf
    usr2/boot
    usr2/boot/initrd.img
    usr2/boot/vmlinux.bin
    usr2/boot/rootfs.img
    usr2/ex_conf_223.h
    avsys
    avsys/av.bin
    avsys/sa_srec.bin
    avsys/ancy_ipl.bin
    avsys/ancy.bin
    boot
    boot/GPS
    boot/ACCY
    boot/factory
    boot/factory/Asys.bin
    boot/factory/initreg.bin
    boot/factory/Hsys.bin
    boot/factory/ex_cnf.bin
    boot/cas
    boot/cas/CA_FROM.BIN
    boot/cas/CA_FRAM.BIN
    boot/cas/BRD.bin
    boot/backup
    usr
    usr/log
    usr/bin
    usr/bin/mpr_monio
    usr/bin/app
    usr/bin/app/main.sh
    usr/bin/app/deviceInfo.xml
    usr/bin/app/main
    usr/bin/app/haif.ko
    usr/bin/app/serr.ko
    usr/bin/app/main3.sh
    usr/bin/debugio
    usr/bin/mpr_viewLog
    usr/bin/memtool
    usr/bin/sen
    usr/bin/usr_up
    usr/bin/testcmd
    usr/bin/debugio_core
    usr/bin/ud_datcnv
    usr/bin/av_conio
    usr/bin/up
    usr/lib
    usr/lib/libadj30.so
    usr/lib/libpro00.so
    usr/lib/libadj33.so
    usr/lib/libwtle.so
    usr/lib/libSnr.so
    usr/lib/libosal.so
    usr/lib/libcmdcmm.so
    usr/lib/libadj36.so
    usr/lib/libBackupTable.so
    usr/lib/libusbcmd.so
    usr/lib/libul_debug.so
    usr/lib/libadj32.so
    usr/lib/libpro01.so
    usr/lib/libadj31.so
    usr/lib/libadj37.so
    usr/lib/libul_xml.so
    usr/lib/libpro11.so
    usr/lib/libBackupCore.so
    usr/lib/libusb.so
    usr/lib/libdebugprintf.so
    usr/lib/libgps.so
    usr/lib/libadj34.so
    usr/lib/libAppBackupApi.so
    usr/lib/libupdatercommon.so
    usr/lib/libsencore.so
    usr/lib/libitype.so
    usr/lib/libupdaterapi.so
    usr/lib/libAppSenserApi.so


    Reply With Quote
     

  6. Collapse Details
    #36
    Default
    Hey that's pretty fantastic! How did you find the algorithm and key? Annoyingly I only have a 5n to play with so I'm still investigating, though I think you should share your methods anyway because it might help ;D


    Reply With Quote
     

  7. Collapse Details
    #37
    Default
    Quote Originally Posted by rdrr View Post
    Hey that's pretty fantastic! How did you find the algorithm and key? Annoyingly I only have a 5n to play with so I'm still investigating, though I think you should share your methods anyway because it might help ;D

    I will share it only if i'll be sure it will not work for older firmware versions. This will not lat manufacturer to prevent this. And yes it can be prevented very simple. And one more thing... It took almost a year to crack it. And will not be much faster second time from the beginning.


    Reply With Quote
     

  8. Collapse Details
    #38
    Default
    If you can improve the video bitrate on the Nex-5n Ill give you 100 and a ham sandwich. Game on!


    Reply With Quote
     

  9. Collapse Details
    #39
    Default
    So how can we help? What is your plan moving forward? Are you planning on releasing the freed firmware to the community once you've verified it will work with all existing models?

    Quote Originally Posted by someone1.00 View Post
    I will share it only if i'll be sure it will not work for older firmware versions. This will not lat manufacturer to prevent this. And yes it can be prevented very simple. And one more thing... It took almost a year to crack it. And will not be much faster second time from the beginning.


    Reply With Quote
     

  10. Collapse Details
    support
    #40
    Default
    I know a while back there were a lot of people in this group pledging money to anyone who could hack the firmware. I'd post something here, I think you'll get a lot of feed back. https://vimeo.com/groups/nexvg10


    Reply With Quote
     

Page 4 of 16 FirstFirst 1234567814 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •