2014-07-11 | Michael Spacefalcon | leo-obj/l1_custom_int/l1_cust.hints: created
2014-07-10 | Michael Spacefalcon | leo-obj/l1_custom_int: ind_os.hints added
2014-07-10 | Michael Spacefalcon | leo-obj/l1_custom_int: added
2014-07-06 | Michael Spacefalcon | objgrep/README written
2014-07-04 | Michael Spacefalcon | objgrep-fe: works after fixing a buglet
2014-07-04 | Michael Spacefalcon | objgrep-fe written, compiles
2014-07-04 | Michael Spacefalcon | objgrep -r: dump symbols in other sections recovered through relocs
2014-07-04 | Michael Spacefalcon | objgrep: -r implemented
2014-07-04 | Michael Spacefalcon | objgrep: -s implemented
2014-07-04 | Michael Spacefalcon | objgrep: parsing of -r and -s options implemented, no functionality yet
2014-07-04 | Michael Spacefalcon | objgrep: weed out empty source sections
2014-07-04 | Michael Spacefalcon | objgrep: works after fixing a buglet
2014-07-04 | Michael Spacefalcon | objgrep: written, compiles
2014-06-30 | Michael Spacefalcon | leo-obj/osx_na7_db/osx.hints: created
2014-06-30 | Michael Spacefalcon | leo-obj: starting to look at OSX
2014-06-15 | Michael Spacefalcon | leo-obj/frame_na7_db_ir: os_mem.hints added
2014-06-15 | Michael Spacefalcon | leo-obj/frame_na7_db_fl: os_{sem,tim}.hints created
2014-05-15 | Michael Spacefalcon | locked C139 bootloader reverse-engineered
2014-05-15 | Michael Spacefalcon | starting to examine Tracfone's locked C139 bootloader
2014-05-15 | Michael Spacefalcon | malware version of the C118 bootloader reversed
2014-05-15 | Michael Spacefalcon | C123 bootloader re complete
2014-05-15 | Michael Spacefalcon | start of C123 bootloader re
2014-05-14 | Michael Spacefalcon | mot931c break-in procedure cracked
2014-05-03 | Michael Spacefalcon | leo-obj: started analyzing frame_na7_db_ir objects
2014-05-02 | Michael Spacefalcon | tiobjd ctypes: print more useful hex byte offsets for struct fields
2014-05-02 | Michael Spacefalcon | leo-obj/frame_na7_db_fl: extract ctypes info as well
2014-05-02 | Michael Spacefalcon | leo-obj: frame_na7_db_fl/os_pro.obj disassembles the way it should
2014-05-01 | Michael Spacefalcon | tiobjd disasm: implemented -l option to show line markers
2014-05-01 | Michael Spacefalcon | tiobjd disasm -g: line break after function locals
2014-04-29 | Michael Spacefalcon | tiobjd disasm -g: dump of function locals implemented
2014-04-29 | Michael Spacefalcon | tiobjd richsym handling: prep for handling function locals
2014-04-29 | Michael Spacefalcon | tiobjd disasm -g: support -b as well
2014-04-29 | Michael Spacefalcon | tiobjd: beginning of disasm -g
2014-04-29 | Michael Spacefalcon | tiobjd ctypes: buglet in the -bb mode
2014-04-29 | Michael Spacefalcon | tiobjd: ctypes command implemented
2014-04-28 | Michael Spacefalcon | tiobjd: started implementing rich symbolic info parsing
2014-04-28 | Michael Spacefalcon | tiobjd: raw dump of line number records implemented
2014-04-28 | Michael Spacefalcon | tiobjd: show symtab aux entries
2014-04-27 | Michael Spacefalcon | leo-obj: started disassembling frame_na7_db_ir
2014-04-09 | Michael Spacefalcon | OSL flash objects: created disasm hints for os_com through os_mis
2014-04-07 | Michael Spacefalcon | tiobjd disasm: smarter logic for when the <end of section> line
2014-04-07 | Michael Spacefalcon | leo-obj: starting to examine GPF OSL objects
2014-04-07 | Michael Spacefalcon | leo-obj/main: hints for init.obj
2014-04-07 | Michael Spacefalcon | tiobjd: disasm hints work now
2014-04-07 | Michael Spacefalcon | tiobjd: disasm of code and data sections unified
2014-04-07 | Michael Spacefalcon | tiobjd: implemented parsing of the hint input files
2014-04-07 | Michael Spacefalcon | tiobjd: Thumb bl w/o reloc: find symbol if there is one
2014-04-07 | Michael Spacefalcon | leo-obj/Makefile: created
2014-04-06 | Michael Spacefalcon | leo-obj/main: created
2014-04-06 | Michael Spacefalcon | leo-obj project subtree started, tiobjd tool moved into it
2014-04-06 | Michael Spacefalcon | miscellaneous C programs moved out of the top level directory
2014-04-05 | Michael Spacefalcon | tiobjd disasm: initial hook-in of the hints mechanism
2014-04-05 | Michael Spacefalcon | tiobjd: section disasm mode hinting rethought
2014-04-05 | Michael Spacefalcon | tiobjd: first preparations for adding disasm hints mechanism
2014-04-04 | Michael Spacefalcon | tiobjd disasm: bss handling
2014-04-04 | Michael Spacefalcon | tiobjd disasm: data section handling added
2014-04-04 | Michael Spacefalcon | tiobjd: handling of $CODE16 symbols at byte positions
2014-04-04 | Michael Spacefalcon | tiobjd Thumb disasm: compute results of adding to pc
2014-04-04 | Michael Spacefalcon | tiobjd: handling of symbol-less relocs
2014-04-04 | Michael Spacefalcon | tiobjd: auto-translation of section-relative relocs made more conservative
2014-04-04 | Michael Spacefalcon | tiobjd: sorted profile output
2014-04-03 | Michael Spacefalcon | tiobjd: better handling of section-relative relocs
2014-04-03 | Michael Spacefalcon | tiobjd: Thumb_BL reloc handling
2014-04-03 | Michael Spacefalcon | tiobjd: retain the original symtab order for symbols at the same position
2014-04-03 | Michael Spacefalcon | tiobjd: literal reloc recognition restricted to RTYPE_LONG
2014-04-03 | Michael Spacefalcon | tiobjd: ARM_B reloc handling
2014-04-03 | Michael Spacefalcon | tiobjd: recognizing relocs in ldr literals
2014-04-03 | Michael Spacefalcon | tiobjd disasm: beginning of reloc handling
2014-04-03 | Michael Spacefalcon | tiobjd: disassembly integrated, no relocs or hints yet
2014-04-03 | Michael Spacefalcon | tiobjd: higher-level reloc handling
2014-03-31 | Michael Spacefalcon | C156 boot code cracked
2014-03-31 | Michael Spacefalcon | C156 boot code disassembly started
2014-03-31 | Michael Spacefalcon | arm7dis: README and header comments added
2014-03-31 | Michael Spacefalcon | analysis of what osmocon's voodoo payloads disassemble to in ARM/Thumb
2014-03-31 | Michael Spacefalcon | C139 boot ROM fully cracked
2014-03-31 | Michael Spacefalcon | C139 boot re: got to UART initialization
2014-03-31 | Michael Spacefalcon | thumbdis: buglet in the decoding of sub-from-sp
2014-03-31 | Michael Spacefalcon | c139 boot re: entry code analyzed
2014-03-31 | Michael Spacefalcon | thumbdis: nop recognition
2014-03-31 | Michael Spacefalcon | C139 boot re: use thumbdis
2014-03-31 | Michael Spacefalcon | C139 boot re: C140 differences noted
2014-03-31 | Michael Spacefalcon | C139 boot re setup using the new arm7dis
2014-03-30 | Michael Spacefalcon | thumbdis written, compiles
2014-03-30 | Michael Spacefalcon | arm7dis/Makefile: install added
2014-03-30 | Michael Spacefalcon | armdis: swp decoding implemented
2014-03-30 | Michael Spacefalcon | armdis: ldm/stm decoding implemented
2014-03-30 | Michael Spacefalcon | armdis: buglet in literal pool handling: forgot to add base_vma
2014-03-30 | Michael Spacefalcon | armdis: full ldr/str decoding implemented
2014-03-30 | Michael Spacefalcon | armdis: ldr/str decoding implemented (but not PC-relative ldr yet)
2014-03-29 | Michael Spacefalcon | armdis: implemented decoding of multiplication instructions
2014-03-29 | Michael Spacefalcon | armdis: BX/MRS/MSR decoding implemented
2014-03-29 | Michael Spacefalcon | armdis: implemented decoding of data processing instructions
2014-03-29 | Michael Spacefalcon | armdis: skeleton compiles
2014-03-28 | Michael Spacefalcon | beginning of ARM7 disassembler
2014-03-27 | Michael Spacefalcon | compal boot ROM re: minor progress
2014-03-27 | Michael Spacefalcon | beginning of C139 boot ROM re
2014-03-26 | Michael Spacefalcon | tiobjd: known reloc types defined
2014-03-26 | Michael Spacefalcon | tiobjd: beginning of reloc handling
2014-03-26 | Michael Spacefalcon | tiobjd: symbol sorting implemented
2014-03-26 | Michael Spacefalcon | tiobjd: preparation for symbol sorting
2014-03-26 | Michael Spacefalcon | tiobjd: profile operation implemented
2014-03-26 | Michael Spacefalcon | tiobjd: symbol storage classes decoded into mnemonics
2014-03-25 | Michael Spacefalcon | tiobjd: basics dump streamlined
2014-03-25 | Michael Spacefalcon | ticoff/Makefile: install added
2014-03-25 | Michael Spacefalcon | tiobjd: dumpsym implemented
2014-03-25 | Michael Spacefalcon | tiobjd: a little refactoring
2014-03-25 | Michael Spacefalcon | tiobjd: symbol table parsing implemented
2014-03-25 | Michael Spacefalcon | Pirelli PCB re: Winbond chip connections
2014-03-22 | Michael Spacefalcon | tiobjd: successful parsing of the section header table
2014-03-22 | Michael Spacefalcon | tiobjd started
2014-03-13 | Michael Spacefalcon | Pirelli PCB re: major refdeses assigned
2014-02-10 | Michael Spacefalcon | pirelli preboot re: figured out the triggering condition
2014-02-09 | Michael Spacefalcon | started disassembly of Pirelli's boot code
2014-02-02 | Michael Spacefalcon | atsc hack: apparently this AT@SC command needs double quotes
2014-02-02 | Michael Spacefalcon | atsc hack written
2014-01-16 | Michael Spacefalcon | rfcap-grep.c hack-utility written
2013-12-02 | Michael Spacefalcon | Pirelli PCB RE: another failed attempt at tracing the keypad connections
2013-12-02 | Michael Spacefalcon | Pirelli PCB RE: got some success with the LCD connector pinout
2013-12-01 | Michael Spacefalcon | Pirelli PCB RE: attempt to trace out KBC/KBR lines stopped by grind-down damage
2013-11-29 | Michael Spacefalcon | imeibrute written
2013-11-29 | Michael Spacefalcon | Pirelli's IMEI obfuscation cracked!
2013-11-13 | Michael Spacefalcon | Pirelli PCB: some measurements of the debug connector footprint
2013-11-12 | Michael Spacefalcon | some success in finding familiar TI code in moko11 and Pirelli fw binary images
2013-10-20 | Michael Spacefalcon | Pirelli PCB tracing: voice band i/f, MCSI and MODEM UART
2013-08-02 | Michael Spacefalcon | Pirelli PCB: traced the earpiece and loudspeaker analog signals
2013-07-28 | Michael Spacefalcon | another Pirelli PCB tracing session, focusing on the display subsystem
2013-07-26 | Michael Spacefalcon | factdiff: print the number of bytes in each varying chunk
2013-07-25 | Michael Spacefalcon | factdiff utility written
2013-07-24 | Michael Spacefalcon | pirollback: resurrect file descendant chains
2013-07-24 | Michael Spacefalcon | pirollback: actual rollback utility implemented, compiles
2013-07-07 | Michael Spacefalcon | pirollback: catino implemented, works
2013-07-07 | Michael Spacefalcon | pirollback dumpjournal utility: print some additional info
2013-07-07 | Michael Spacefalcon | pirollback: dumpjournal utility written, works
2013-07-07 | Michael Spacefalcon | pirollback: journal parsing implemented
2013-07-06 | Michael Spacefalcon | pirollback: pathname reconstruction implemented
2013-07-06 | Michael Spacefalcon | pirollback: name check implemented
2013-07-06 | Michael Spacefalcon | pirollback: tree walk implemented
2013-07-06 | Michael Spacefalcon | pirollback: started
2013-07-05 | Michael Spacefalcon | MPFFS description: documented relocated chunks and the journal file
2013-07-01 | Michael Spacefalcon | mpffs-cat and mpffs-xtr converted to use the new extra chunk handling
2013-07-01 | Michael Spacefalcon | iterate_extra_chunks() function written, mpffs-ls converted to use it
2013-07-01 | Michael Spacefalcon | mpffs-dbgls: reworked for the new understanding of relocated chunks
2013-06-30 | Michael Spacefalcon | mpffs-cat: more sensible handling of -v
2013-06-30 | Michael Spacefalcon | mpffs-xtr ported over
2013-06-30 | Michael Spacefalcon | mpffs-cat implemented
2013-06-30 | Michael Spacefalcon | mpffs-rdutils: pathname search implemented
2013-06-30 | Michael Spacefalcon | mpffs-dbgls implemented
2013-06-30 | Michael Spacefalcon | mpffs-ls: report the full chunk length of the /.journal file
2013-06-30 | Michael Spacefalcon | mpffs-ls reports file sizes
2013-06-30 | Michael Spacefalcon | mpffs-ls works with the length code stubbed out
2013-06-30 | Michael Spacefalcon | mpffs-rdutils code started
2013-06-30 | Michael Spacefalcon | Mokopir-FFS: verbal description finished
2013-06-30 | Michael Spacefalcon | beginning of Mokopir-FFS verbal description
2013-05-18 | Michael Spacefalcon | MysteryFFS: extract utility seems to work
2013-05-18 | Michael Spacefalcon | MysteryFFS: beginning of the extract utility
2013-05-18 | Michael Spacefalcon | MysteryFFS dump2: dumping all file fragments
2013-05-18 | Michael Spacefalcon | MysteryFFS: dump2 started, dumping the initial frag of each file
2013-05-18 | Michael Spacefalcon | MysteryFFS dump1 tool written
2013-05-18 | Michael Spacefalcon | beginning to explore MysteryFFS
2013-04-25 | Michael Spacefalcon | boot ROM re: some sensible documentation written up
2013-04-25 | Michael Spacefalcon | boot ROM re: some better comments
2013-04-25 | Michael Spacefalcon | boot ROM re: appears to be complete!
2013-04-25 | Michael Spacefalcon | boot ROM re: got through the <w handler
2013-04-25 | Michael Spacefalcon | boot ROM re: getting the download state machine, <p parsed
2013-04-25 | Michael Spacefalcon | boot ROM re: unraveling the response message routine
2013-04-24 | Michael Spacefalcon | boot ROM re: starting to unravel the serial command handling
2013-04-24 | Michael Spacefalcon | boot ROM re: continuing plowing through the serial protocol code
2013-04-24 | Michael Spacefalcon | boot ROM re: making inroads into the 0x2c8 routine
2013-04-21 | Michael Spacefalcon | boot ROM re: got to the 0x1090 routine
2013-04-20 | Michael Spacefalcon | Pirelli PCB rev eng: finally have something worthy to report:
2013-04-19 | Michael Spacefalcon | Pirelli PCB: failed attempt at tracing out the 4 under-SIM test points
2013-04-17 | Michael Spacefalcon | boot ROM re: trying to understand the code that runs after '<' received
2013-04-16 | Michael Spacefalcon | boot ROM re: flash application image interface documented
2013-04-16 | Michael Spacefalcon | boot ROM re: further understanding of the external flash image booting
2013-04-16 | Michael Spacefalcon | boot ROM re: making inroads into the flash image validity criteria
2013-04-16 | Michael Spacefalcon | boot ROM re: got as far as UART init
2013-04-15 | Michael Spacefalcon | boot ROM re: started on main() and the 0xe2c routine
2013-04-15 | Michael Spacefalcon | boot ROM rev eng: progressing on the RESET code
2013-04-15 | Michael Spacefalcon | beginning of boot ROM reverse eng
2013-04-15 | Michael Spacefalcon | mokosrec2bin utility written