view arm7dis/README @ 215:d69f7512e3c1
Pirelli: documented and verified the checksum scheme used for the factory block
author | Mychaela Falconia <falcon@freecalypso.org> |
---|---|
date | Sun, 25 Dec 2016 23:48:16 +0000 |
parents | c883e60df239 |
The present package is a basic standalone disassembler for the ARMv4T instruction set implemented on the ARM7TDMI CPU core, commonly used in classic cellular phone baseband processors. The armdis utility interprets an arbitrary raw binary image (i.e., one being reverse-engineered) as 32-bit ARM instructions; thumbdis interprets the same image as 16-bit Thumb instructions.

The form in which the disassembly output is presented is a look-and-feel copycat of GNU objdump: armdis is meant to replace

    objdump -b binary -m arm -EL -M reg-names-std -D unknown-firmware.bin

and thumbdis is meant to replace

    objdump -b binary -m arm -EL -M reg-names-std -M force-thumb -D unknown-fw.bin

Aside from sparing the operator from having to remember all those options every single time, and aside from being an independent from-scratch implementation (lean and mean, only knows how to disassemble those instructions which are meaningful on ARM7TDMI), these tools have one other feature which partly prompted me to write them: whenever *dis disassembles a PC-relative ldr instruction, it shows the value pulled from the literal pool on that ldr line. In the reverse engineering jobs I've had to do, it has been a very valuable feature for me.

Happy hacking,
Spacefalcon the Outlaw
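The literal-pool lookup described above can be sketched as follows. This is an added example, not code from the arm7dis package: the function names and the sample image are constructed for illustration, and only the immediate-offset word forms of ldr are handled.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample image (little-endian), not taken from any firmware. */
static const uint8_t sample[28] = {
    0x04,0x00,0x9F,0xE5,   /* 0x00 ARM:   ldr r0, [pc, #4] -> pool at 0x0C */
    0x1E,0xFF,0x2F,0xE1,   /* 0x04 ARM:   bx lr */
    0x00,0x00,0xA0,0xE1,   /* 0x08 ARM:   mov r0, r0 */
    0xEF,0xBE,0xAD,0xDE,   /* 0x0C literal 0xDEADBEEF */
    0x01,0x49,0x70,0x47,   /* 0x10 Thumb: ldr r1, [pc, #4]; bx lr -> pool at 0x18 */
    0x00,0x00,0x00,0x00,   /* 0x14 padding */
    0x78,0x56,0x34,0x12,   /* 0x18 literal 0x12345678 */
};

/* Bounds-checked little-endian 32-bit read; returns 0 if off lies outside img. */
static int read_le32(const uint8_t *img, size_t len, uint32_t off, uint32_t *out)
{
    if (len < 4 || off > len - 4) return 0;
    *out = (uint32_t)img[off] | ((uint32_t)img[off+1] << 8) |
           ((uint32_t)img[off+2] << 16) | ((uint32_t)img[off+3] << 24);
    return 1;
}

/* ARM state: LDR Rd, [PC, #+/-imm12]. PC reads as instruction address + 8.
 * The displacement is PC-relative, so the image load address does not matter. */
int arm_ldr_literal(const uint8_t *img, size_t len, uint32_t off, uint32_t *val)
{
    uint32_t insn, pc = off + 8;
    if (!read_le32(img, len, off, &insn)) return 0;
    if ((insn & 0x0F7F0000) != 0x051F0000) return 0; /* word load, Rn = PC, imm offset */
    /* U bit (23) selects add or subtract; a wrapped target fails the bounds check */
    return read_le32(img, len, (insn & 0x00800000) ? pc + (insn & 0xFFF)
                                                   : pc - (insn & 0xFFF), val);
}

/* Thumb state: LDR Rd, [PC, #imm8*4]. PC reads as (address + 4), bits 1:0 cleared. */
int thumb_ldr_literal(const uint8_t *img, size_t len, uint32_t off, uint32_t *val)
{
    uint32_t insn, pc = (off + 4) & ~3u;
    if (len < 2 || off > len - 2) return 0;
    insn = (uint32_t)img[off] | ((uint32_t)img[off+1] << 8);
    if ((insn & 0xF800) != 0x4800) return 0;         /* 01001 Rd imm8 */
    return read_le32(img, len, pc + (insn & 0xFF) * 4, val);
}

int main(void)
{
    uint32_t v;
    if (arm_ldr_literal(sample, sizeof sample, 0x00, &v))   printf("0x00: =0x%08x\n", (unsigned)v);
    if (thumb_ldr_literal(sample, sizeof sample, 0x10, &v)) printf("0x10: =0x%08x\n", (unsigned)v);
    return 0;
}
```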