|
|
@@ -245,53 +245,3 @@ The `executables/hexen.py` script provides a utility to send raw hex payloads an
|
|
|
* The script checks if the directory for the `MAGIC` file exists and if the file is writable, providing error messages if issues are encountered.
|
|
|
|
|
|
This tool aims to simplify the process of testing variations of known packet structures, especially when only the checksum isnt known
|
|
|
-
|
|
|
-# MQX ARM M4 Firmware Analysis Tools
|
|
|
-
|
|
|
-This toolkit provides specialized tools for analyzing MQX ARM M4 firmware, with a particular focus on identifying IP packet checksum algorithms.
|
|
|
-
|
|
|
-## Tools Overview
|
|
|
-
|
|
|
-1. **improved_disassembler.py**: An enhanced disassembler with visual formatting, pattern recognition, and network protocol awareness.
|
|
|
-
|
|
|
-2. **checksum_finder.py**: A specialized tool focused specifically on finding checksum algorithms in firmware.
|
|
|
-
|
|
|
-## Installation
|
|
|
-
|
|
|
-Install the required dependencies:
|
|
|
-
|
|
|
-```bash
|
|
|
-pip install -r requirements.txt
|
|
|
-```
|
|
|
-
|
|
|
-## Usage
|
|
|
-
|
|
|
-### Analyzing firmware with the improved disassembler
|
|
|
-
|
|
|
-```bash
|
|
|
-python improved_disassembler.py path/to/firmware.bin -o analysis_output.txt -b 0x08000000
|
|
|
-```
|
|
|
-
|
|
|
-### Finding checksum algorithms
|
|
|
-
|
|
|
-```bash
|
|
|
-python checksum_finder.py path/to/firmware.bin -o checksum_analysis.txt -b 0x08000000
|
|
|
-```
|
|
|
-
|
|
|
-## Tool Features
|
|
|
-
|
|
|
-- Color-coded output for better readability (in terminal)
|
|
|
-- Detection of network-related strings and constants
|
|
|
-- Pattern-based identification of common checksum algorithms
|
|
|
-- Context-aware disassembly around potential checksum code
|
|
|
-- Export analysis to text files for further examination
|
|
|
-
|
|
|
-## Understanding the Results
|
|
|
-
|
|
|
-The tools look for:
|
|
|
-
|
|
|
-- **IP header constants**: Values commonly found in IP header processing (0x0800, 0x45, 0x06, etc.)
|
|
|
-- **Checksum patterns**: Common instruction sequences used in checksum calculations
|
|
|
-- **Network strings**: TCP/IP-related strings in the firmware
|
|
|
-
|
|
|
-When a potential checksum implementation is found, the tools provide the surrounding context to help understand the algorithm.
|
