Results 1 to 9 of 9

Thread: How to Disassemble vxworks System?

  1. #1

    Exclamation How to Disassemble vxworks System?

    i want Disassemble an vxworks system,vxworks system have a elf image file,,and i use IDA Pro Disassemble it ,but have a problem.

    http://www.routerclub.com/attachments/Snap1a_NP0RpFNROu4B.gif

    this system is a bas system, it use network card mac address to register it.
    underside is the system file.

    ftp://61.161.79.48/router/vxwork.rar
    www.routerclub.com

  2. #2
    mr. routerclub,

    please its getting boring, _what_ is your problem? what did you do to try to solve it???

    --
    0xf001

  3. #3
    this vxworks system is crack by me ,thanks 0xf001
    www.routerclub.com

  4. #4
    evilkings
    Guest

    will u ?

    will you give more information about this ? we are facing some problem in analyzing a vxworks binary .
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    And what did YOU do to try to solve it?

    Regards,
    JMI

  6. #6
    evilkings
    Guest
    i tried to load the binary into ida and its running for more than 24 hours and i couldnt able to get the section info.
    And more than, when i loaded it, few of the variables thats within the text section is not linked.
    for ex,

    push 0xnnnnnnnn -> Actually this is part of text section

    And IDA is not linking it properly. In few of the places all the strings used in the function is included between the function,
    any idea howto automate this ? did anyone faced the same kind of problems ?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    I tried once to crack some vxwoks firmware. Inside the original file was another zlib compressed file that needed to be extracted. I used simple python script to extract data and continue analysis. Could find script if interested.
    Did you set correct processor for your binary?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    evilkings
    Guest
    yes.it was an interesting exercise to try !! after playing with the large binary for lonnng time, i could manage to disassemble it correctly . whatever i had was x86 binary and i loaded that in the ida pro as binary file and after doing few more analysis, i could able to create few function and then on...it was a nice experience !!
    "hazard" if you could share that script, please send it across . it will be useful in few cases if you are reversing Linux kernel binary also. please share that !!
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #9
    it's super simple but effective
    Code:
    from sys import *
    from struct import *
    from zlib import *
    
    def main():
        print "\nextract and decompress zlib"
        if len(argv) is not 3:
            print """
    Usage:
      <argv1> source file
      <argv2> dest file
        """
            exit()
        else:
            print """
    Using:
      Source: %s
      Dest: %s
         """ % (argv[1],argv[2])
        try:
            in_fd=open(argv[1],"rb")
        except:
            print "[-]Could't open file %s" % argv[1]
            exit()
    
        try:
            out_fd=open(argv[2],"wb")
        except:
            print "[-]Could't open file %s" % argv[2]
            exit()
    
        buff=in_fd.read()
        print 'Length', hex(len(buff))
    
        for i in range(len(buff)):
            try:
                decomS = decompress(buff[i:])
            except:
    #            print '.'
                continue
    
        print "Got it :)", i, hex(i)
        out_fd.write(decomS)
        print "[+]Done writing to '%s'" % argv[2]
    
    if __name__=="__main__":
        main()
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. MHS 4.0.0.0: Search/Hex Edit/Disassemble/Debug/Inject/More
    By L. Spiro in forum Tools of Our Trade (TOT) Messageboard
    Replies: 39
    Last Post: August 24th, 2008, 04:58
  2. System Driver Linking
    By kolina in forum Advanced Reversing and Programming
    Replies: 4
    Last Post: May 28th, 2003, 07:47
  3. ViaTech eLicense System
    By xor37h in forum Advanced Reversing and Programming
    Replies: 8
    Last Post: November 6th, 2001, 21:40
  4. crack tornado (vxworks) install serial
    By wowo in forum Malware Analysis and Unpacking Forum
    Replies: 3
    Last Post: April 5th, 2001, 07:50

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •