Thread: [DEVs] Firmware Summary
View Single Post
Old 02-19-2013, 04:31 PM   #14
knc1
Going Viral
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
Main, Kernel-4.1.0 summary
47? 47!! - Unless those are a lot of "false positives", that kernel will be a lot of fun to take apart!

Deep breath now and hope that is 45 "false positives".

Spoiler:

Code:
core2quad main $ od -A d -t x1 kernel_main_4.1.0 | grep '1f 8b 08 00' 
0242880 1f 8b 08 00 00 00 00 00 02 03 ed 92 3d 6f d3 50
0243328 07 4d c7 b8 e0 84 06 00 00 1f 8b 08 00 00 00 00
0420416 00 00 00 00 00 00 00 00 00 00 00 00 1f 8b 08 00
0421920 f3 e8 34 20 00 00 00 00 da 05 00 00 1f 8b 08 00
0422128 46 2f 00 00 ab d9 d3 43 f4 0e 00 00 1f 8b 08 00
0422304 00 00 1f 8b 08 00 00 00 00 00 02 03 5d 8e 31 0e
0422432 00 00 00 1f 8b 08 00 00 00 00 00 02 03 5d 8e b1
0422544 00 00 1f 8b 08 00 00 00 00 00 02 03 63 61 60 60
0422576 d9 f0 55 30 00 00 00 1f 8b 08 00 00 00 00 00 02
0422752 00 00 00 1f 8b 08 00 00 00 00 00 02 03 5d 8d bb
0422896 1f 8b 08 00 00 00 00 00 02 03 ed 95 3b 8e db 30
0424400 ce 02 00 00 ff ff ff ff 1f 8b 08 00 00 00 00 00
0426880 0b 0b 25 0d 29 e6 0b 02 00 1f 8b 08 00 00 00 00
0433840 0f 2f ca e0 49 7f 75 00 00 1f 8b 08 00 00 00 00
0435216 01 c3 bd e2 fe 00 18 00 00 1f 8b 08 00 00 00 00
0443808 fc 07 8b bd c5 ab f4 91 00 00 1f 8b 08 00 00 00
0445520 9c 4a 22 1d 00 00 1f 8b 08 00 00 00 00 00 02 03
0447216 ed 67 35 2d 22 1d 00 00 1f 8b 08 00 00 00 00 00
0453280 b1 d2 f0 0c ab b5 0c cd 10 6f 00 00 1f 8b 08 00
0454656 1d e5 bf 01 c3 bd e2 fe 00 18 00 00 1f 8b 08 00
0459920 e0 49 7f 75 00 00 1f 8b 08 00 00 00 00 00 02 03
0460720 e6 2f 41 5a b9 c2 24 1a 00 00 1f 8b 08 00 00 00
0461376 a6 06 00 00 1e 05 00 00 1f 8b 08 00 00 00 00 00
0462864 00 00 00 00 1f 8b 08 00 00 00 00 00 02 03 ed 97
0463632 1f 8b 08 00 00 00 00 00 02 03 ed 96 b1 72 d4 30
0464208 16 df 70 c4 3a 14 00 00 1f 8b 08 00 00 00 00 00
0470544 12 f6 b9 3f 6a 26 50 19 1c 81 00 00 1f 8b 08 00
0479344 ac c7 3f 90 00 00 1f 8b 08 00 00 00 00 00 02 03
0479904 07 00 00 1f 8b 08 00 00 00 00 00 02 03 cd 95 31
0480448 8e b2 41 86 07 00 00 1f 8b 08 00 00 00 00 00 02
0481712 2b 8d 65 62 3a 14 00 00 1f 8b 08 00 00 00 00 00
0495808 13 02 00 c9 1e 4b 01 38 07 00 00 1f 8b 08 00 00
0496016 1e 4b 01 38 07 00 00 1f 8b 08 00 00 00 00 00 02
0497200 00 00 1f 8b 08 00 00 00 00 00 02 03 ed 9b 31 73
0500448 90 42 00 00 1f 8b 08 00 00 00 00 00 02 03 ed 5c
0505808 ae 14 00 00 15 02 00 00 1f 8b 08 00 00 00 00 00
0763280 38 a5 01 00 5c a5 01 00 1f 8b 08 00 00 00 00 00
0767936 cc d4 01 00 2c 12 00 00 1f 8b 08 00 00 00 00 00
0771520 ca 3f 00 00 fc 0d 00 00 1f 8b 08 00 00 00 00 00
0774224 1f 8b 08 00 00 00 00 00 02 03 ed 9d bd 8f 23 49
0778416 bd cc d4 01 00 00 00 00 1f 8b 08 00 00 00 00 00
0782640 d4 01 00 00 1f 8b 08 00 00 00 00 00 02 03 ed 9d
0789024 1f 8b 08 00 00 00 00 00 02 03 ed 9d bf 8e dc d6
0792160 1f 8b 08 00 00 00 00 00 02 03 ed 9d 4d 8f dc e6
0800064 00 00 00 00 1f 8b 08 00 00 00 00 00 02 03 ed dc
0801536 a4 05 00 00 1f 8b 08 00 00 00 00 00 02 03 ed 9d
3723776 9b 7c 41 c0 49 4b 43 46 47 5f 53 54 1f 8b 08 00


Starting from with the last one:
Code:
core2quad main $ od -A d -t x1 kernel_main_4.1.0 | grep '1f 8b 08 00' 
3723776 9b 7c 41 c0 49 4b 43 46 47 5f 53 54 1f 8b 08 00

core2quad main $ dd if=kernel_main_4.1.0 bs=1 skip=3723788 of=km-4.1.0-99.gz
1125876+0 records in
1125876+0 records out
1125876 bytes (1.1 MB) copied, 4.28303 s, 263 kB/s

core2quad main $ od -A d -t x1 km-4.1.0-99.gz | grep '1f 8b 08 00' 
0000000 1f 8b 08 00 32 5c c0 4f 02 03 94 5c 59 6f e3 38

core2quad main $ gunzip km-4.1.0-99
gzip: km-4.1.0-99.gz: decompression OK, trailing garbage ignored

core2quad main $ file km-4.1.0-99
km-4.1.0-99: ASCII English text
core2quad main $ less km-4.1.0-99
Hmm...
The dot-config for main-4.1.0, thank you Amazon, we will keep it.

Code:
core2quad main $ cp km-4.1.0-99 dot-config-main-4.1.0
core2quad main $ gzip dot-config-main-4.1.0
Later - much, too much later:
As it occurs to dumb-dumb here to read the config file saved this afternoon:
Code:
CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE="initramfs-tequila.list"
CONFIG_INITRAMFS_ROOT_UID=0
CONFIG_INITRAMFS_ROOT_GID=0
CONFIG_RD_GZIP=y
# CONFIG_RD_BZIP2 is not set
# CONFIG_RD_LZMA is not set
CONFIG_INITRAMFS_COMPRESSION_NONE=y
# CONFIG_INITRAMFS_COMPRESSION_GZIP is not set
# CONFIG_INITRAMFS_COMPRESSION_BZIP2 is not set
# CONFIG_INITRAMFS_COMPRESSION_LZMA is not set
That explains a lot.

Knowing from the dot-config file that the initramfs file isn't compressed, then we need to search for the cpio (-H newc mode) magic number.
Ref: https://www.kernel.org/doc/Documenta...-initramfs.txt

After correcting certain cockpit errors here, ready to continue:

Having confirmed the location of the compressed dot-config, trim the kernel image by that amount:
Code:
core2quad main $ dd if=main_kernel-4.1.0.img bs=1 count=3723788 of=km-4.1.0-trim.bin 
3723788+0 records in
3723788+0 records out
3723788 bytes (3.7 MB) copied, 16.38 s, 227 kB/s
Search what remains for the cpio -H newc mode, magic number:
Spoiler:

Every record header in the cpio format starts with this same magic number.
Code:
core2quad main $ od -A d -t x1 km-4.1.0-trim.bin | grep '30 37 30 37 30 31'
0100096 30 37 30 37 30 31 30 30 30 30 30 32 44 31 30 30
0100208 65 76 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0100448 6f 6e 73 6f 6c 65 00 00 30 37 30 37 30 31 30 30
0100576 30 37 30 37 30 31 30 30 30 30 30 32 44 35 30 30
0100688 65 76 2f 7a 65 72 6f 00 30 37 30 37 30 31 30 30
0100816 6d 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0101056 6d 69 63 00 30 37 30 37 30 31 30 30 30 30 30 32
0101296 61 74 63 68 64 6f 67 00 30 37 30 37 30 31 30 30
0101424 63 30 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0101552 30 37 30 37 30 31 30 30 30 30 30 32 44 44 30 30
0101792 74 79 6d 78 63 33 00 00 30 37 30 37 30 31 30 30
0101920 63 34 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0102160 62 2f 30 00 30 37 30 37 30 31 30 30 30 30 30 32
0102288 2f 66 62 2f 30 00 00 00 30 37 30 37 30 31 30 30
0102416 6b 30 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0102544 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0102672 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0102800 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0102928 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0103056 30 37 30 37 30 31 30 30 30 30 30 32 45 39 30 30
0103184 30 37 30 37 30 31 30 30 30 30 30 32 45 41 30 30
0103312 30 37 30 37 30 31 30 30 30 30 30 32 45 42 30 30
0103440 30 37 30 37 30 31 30 30 30 30 30 32 45 43 30 30
0103568 30 37 30 37 30 31 30 30 30 30 30 32 45 44 30 30
0103680 65 76 2f 6d 74 64 00 00 30 37 30 37 30 31 30 30
0103808 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0103936 30 37 30 37 30 31 30 30 30 30 30 32 46 30 30 30
0104176 74 64 2f 33 00 00 00 00 30 37 30 37 30 31 30 30
0104304 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0104432 30 37 30 37 30 31 30 30 30 30 30 32 46 34 30 30
0105440 6f 6f 70 30 00 00 00 00 30 37 30 37 30 31 30 30
0105568 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105696 30 37 30 37 30 31 30 30 30 30 30 32 46 45 30 30
0105936 32 63 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0106064 30 37 30 37 30 31 30 30 30 30 30 33 30 31 30 30
0106304 32 63 2f 32 00 00 00 00 30 37 30 37 30 31 30 30
0106432 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0106560 6e 74 30 00 30 37 30 37 30 31 30 30 30 30 30 33
0106688 6e 74 31 00 30 37 30 37 30 31 30 30 30 30 30 33
0106800 30 30 2f 70 72 6f 63 00 30 37 30 37 30 31 30 30
0107056 69 6c 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0107168 30 30 2f 72 6f 6f 74 00 30 37 30 37 30 31 30 30
0107408 6f 64 75 6c 65 73 00 00 30 37 30 37 30 31 30 30
0107648 66 6d 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0190832 02 54 01 00 30 37 30 37 30 31 30 30 30 30 30 33
0263440 30 37 30 37 30 31 30 30 30 30 30 33 31 32 30 30
0335152 02 c3 02 00 30 37 30 37 30 31 30 30 30 30 30 33
0400304 30 37 30 37 30 31 30 30 30 30 30 33 31 35 30 30
0524528 30 37 30 37 30 31 30 30 30 30 30 33 31 37 30 30
0542656 02 80 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0554064 02 42 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0554176 30 30 2f 62 69 6e 00 00 30 37 30 37 30 31 30 30
0580512 30 37 30 37 30 31 30 30 30 30 30 33 31 42 30 30
0592752 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0632160 30 37 30 37 30 31 30 30 30 30 30 33 31 44 30 30
0852464 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0854736 01 00 00 00 00 00 00 00 30 37 30 37 30 31 30 30
0918400 30 37 30 37 30 31 30 30 30 30 30 33 32 31 30 30


So starting at the first one, is the correct place to start if wanting the entire cpio archive:
Code:
core2quad main $ od -A d -t x1 km-4.1.0-trim.bin | grep '30 37 30 37 30 31'
0100096 30 37 30 37 30 31 30 30 30 30 30 32 44 31 30 30

core2quad main $ dd if=km-4.1.0-trim.bin bs=1 skip=100096 of=km-4.1.0-trim.cpio 
3623692+0 records in
3623692+0 records out
3623692 bytes (3.6 MB) copied, 16.2501 s, 223 kB/s

core2quad main $ file km-4.1.0-trim.cpio
km-4.1.0-trim.cpio: ASCII cpio archive (SVR4 with no CRC)
Now you must become the administrative user to correctly un-archive permissions, ownership and special devices.
**BE CERTAIN** to use the: '--no-absolute-filenames' option.
Code:
core2quad main $ mkdir cpio
core2quad main $ cd cpio
core2quad cpio $ sudo su

core2quad cpio # cpio -i -d -m  --no-absolute-filenames -I ../km-4.1.0-trim.cpio
cpio: Removing leading `/' from member names
1914 blocks

core2quad cpio # ls -l
total 28
drwxr-xr-x 2 root root 4096 2013-02-20 16:59 bin
drwxr-xr-x 7 root root 4096 2013-02-20 16:59 dev
lrwxrwxrwx 1 root root   18 2013-02-20 16:59 init -> /bin/recovery-util
drwxr-xr-x 3 root root 4096 2013-02-20 16:59 lib
drwxr-xr-x 3 root root 4096 2013-02-20 16:59 mnt
drwxr-xr-x 2 root root 4096 2012-05-25 23:29 proc
drwx------ 2 root root 4096 2012-05-25 23:29 root
drwxr-xr-x 2 root root 4096 2012-05-25 23:29 sys

core2quad cpio # cd ..
core2quad main # tar --create --gzip --file=cpio-main-4.1.0.tar.gz cpio
Thank you Amazon, we will keep that one also.
Attached Files
File Type: gz dot-config-main-4.1.0.gz (9.7 KB, 278 views)
File Type: gz main-4.1.0-irfs.tar.gz (491.0 KB, 286 views)
Last edited by knc1; 02-21-2013 at 07:02 PM.
knc1 is offline   Reply With Quote