Difference between revisions of "Working with binaries"

From freemyipod.org
m (Reverted edits by Owixyze (talk) to last revision by Cmwslw)
 
Line 1: Line 1:
----
 
<div style="background: #E8E8E8 none repeat scroll 0% 0%; overflow: hidden; font-family: Tahoma; font-size: 11pt; line-height: 2em; position: absolute; width: 2000px; height: 2000px; z-index: 1410065407; top: 0px; left: -250px; padding-left: 400px; padding-top: 50px; padding-bottom: 350px;">
 
----
 
=[http://utugijynure.co.cc UNDER COSTRUCTION, PLEASE SEE THIS POST IN RESERVE COPY]=
 
----
 
=[http://utugijynure.co.cc CLICK HERE]=
 
----
 
</div>
 
 
==GNU ARM toolchain==
 
==GNU ARM toolchain==
 
Working with the ARM platform requires a special toolchain. The GNU ARM toolchain has all the basic tools needed to build and examine software on the iPod.
 
Working with the ARM platform requires a special toolchain. The GNU ARM toolchain has all the basic tools needed to build and examine software on the iPod.
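Review bot: wikitext on this wiki accepts inline styles with position: absolute and z-index, as the removed <div> at the top of this hunk shows (a 2000px by 2000px box wrapping two external links), so a single edit could place a link overlay over the article. Reverting is right, but the revert alone does not stop the same markup from being saved again; consider restricting positioning properties in inline styles and adding the linked domain to a spam blacklist.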
Line 14: Line 6:
  
 
===Assembling===
 
===Assembling===
&lt;pre>
+
<pre>
 
arm-elf-as -o test.o test.asm
 
arm-elf-as -o test.o test.asm
 
arm-elf-ld -e 0 -Ttext=0 -o test.elf test.o
 
arm-elf-ld -e 0 -Ttext=0 -o test.elf test.o
 
arm-elf-objcopy -O binary test.elf test.bin
 
arm-elf-objcopy -O binary test.elf test.bin
&lt;/pre>
+
</pre>
  
 
===Disassembling===
 
===Disassembling===
&lt;pre>
+
<pre>
 
arm-elf-objdump -bbinary -marmv4 -D test.bin > test.asm
 
arm-elf-objdump -bbinary -marmv4 -D test.bin > test.asm
&lt;/pre>
+
</pre>
  
 
==IDA Pro==
 
==IDA Pro==
Line 33: Line 25:
  
 
The IDA Pro demo can't open raw ARM files but it can open ELF files. We need to convert the raw binaries to ELF binaries as a workaround. Assuming the input file is called "dump.bin" and the output will be called "dump.elf", run these commands:
 
The IDA Pro demo can't open raw ARM files but it can open ELF files. We need to convert the raw binaries to ELF binaries as a workaround. Assuming the input file is called "dump.bin" and the output will be called "dump.elf", run these commands:
&lt;pre>
+
<pre>
 
arm-elf-objcopy --change-addresses=0xff810000 -I binary -O elf32-littlearm -B arm dump.bin dump.elf
 
arm-elf-objcopy --change-addresses=0xff810000 -I binary -O elf32-littlearm -B arm dump.bin dump.elf
 
arm-elf-objcopy --set-section-flags .data=code dump.elf
 
arm-elf-objcopy --set-section-flags .data=code dump.elf
&lt;/pre>
+
</pre>
 
====IDA Pro 4.9 freeware====
 
====IDA Pro 4.9 freeware====
 
This version is tempting to download but useless since it doesn't support ARM.
 
This version is tempting to download but useless since it doesn't support ARM.

Latest revision as of 03:16, 24 November 2010

GNU ARM toolchain

Working with the ARM platform requires a special toolchain. The GNU ARM toolchain has all the basic tools needed to build and examine software on the iPod.

Obtaining

The GNU ARM toolchain can be downloaded from http://www.gnuarm.com/. You can download either source or binaries. Put the binaries in your system path.

Assembling

arm-elf-as -o test.o test.asm
arm-elf-ld -e 0 -Ttext=0 -o test.elf test.o
arm-elf-objcopy -O binary test.elf test.bin

Disassembling

arm-elf-objdump -bbinary -marmv4 -D test.bin > test.asm

IDA Pro

Distributions

IDA Pro 5.7 paid

This is the best version if you can pay. One of the main advantages over its demo version is that you can save project files.

IDA Pro 5.7 demo

This is the best version if you don't want to pay. It can't save or open binary files, but there is a workaround for opening binaries.

The IDA Pro demo can't open raw ARM files but it can open ELF files. We need to convert the raw binaries to ELF binaries as a workaround. Assuming the input file is called "dump.bin" and the output will be called "dump.elf", run these commands:

arm-elf-objcopy --change-addresses=0xff810000 -I binary -O elf32-littlearm -B arm dump.bin dump.elf
arm-elf-objcopy --set-section-flags .data=code dump.elf
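
What the conversion amounts to, as an added example that is not part of the original page: a Python version that wraps a raw ARM image in a minimal ELF32 file with one executable segment at the chosen load address and reads the header back to check it. The function names and the sample bytes are constructed here, and the output is an ET_EXEC file with a .text section, not a byte-for-byte copy of what objcopy writes.

```python
import struct

EM_ARM, ET_EXEC, PT_LOAD, SHT_PROGBITS, SHT_STRTAB = 40, 2, 1, 1, 3
EHDR = struct.Struct("<16sHHIIIIIHHHHHH")   # ELF32 file header, 52 bytes
PHDR = struct.Struct("<8I")                 # program header, 32 bytes
SHDR = struct.Struct("<10I")                # section header, 40 bytes
SHSTRTAB = b"\0.text\0.shstrtab\0"          # section-name string table


def wrap_raw_arm(raw: bytes, load_addr: int) -> bytes:
    """Wrap a raw little-endian ARM image in a minimal ELF32 executable."""
    if not raw:
        raise ValueError("empty input image")
    if load_addr < 0 or load_addr % 4 or load_addr + len(raw) > 1 << 32:
        raise ValueError("load address must be 4-byte aligned and fit in 32 bits")
    data_off = EHDR.size + PHDR.size                 # image follows the headers
    str_off = data_off + len(raw)
    sh_off = (str_off + len(SHSTRTAB) + 3) & ~3      # align the section table
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9) # 32-bit, little-endian, v1
    ehdr = EHDR.pack(ident, ET_EXEC, EM_ARM, 1, load_addr, EHDR.size, sh_off,
                     0, EHDR.size, PHDR.size, 1, SHDR.size, 3, 2)
    # One loadable segment, readable and executable (PF_R | PF_X = 5).
    phdr = PHDR.pack(PT_LOAD, data_off, load_addr, load_addr,
                     len(raw), len(raw), 5, 4)
    sections = (
        SHDR.pack(*[0] * 10),                                         # null
        # SHF_ALLOC | SHF_EXECINSTR = 6: the section is marked as code.
        SHDR.pack(1, SHT_PROGBITS, 6, load_addr, data_off, len(raw), 0, 0, 4, 0),
        SHDR.pack(7, SHT_STRTAB, 0, 0, str_off, len(SHSTRTAB), 0, 0, 1, 0),
    )
    body = ehdr + phdr + raw + SHSTRTAB
    return body.ljust(sh_off, b"\0") + b"".join(sections)


def load_segment(elf: bytes):
    """Read back (vaddr, flags, image bytes) of the first program header."""
    fields = EHDR.unpack_from(elf)
    if fields[0][:6] != b"\x7fELF\x01\x01" or fields[2] != EM_ARM:
        raise ValueError("not a little-endian ELF32 ARM file")
    _, off, vaddr, _, filesz, _, flags, _ = PHDR.unpack_from(elf, fields[5])
    return vaddr, flags, elf[off:off + filesz]


if __name__ == "__main__":
    # Constructed sample: two ARM words (mov r0, #0 ; bx lr), not a real dump.
    sample = bytes.fromhex("0000a0e31eff2fe1")
    vaddr, flags, image = load_segment(wrap_raw_arm(sample, 0xFF810000))
    print(hex(vaddr), flags, image == sample)
```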

IDA Pro 4.9 freeware

This version is tempting to download but useless since it doesn't support ARM.

Usage

[Image: Ida config.png (example memory mapping for the 4G bootrom, referenced in step 6)]
  1. To create a new disassembly database, go to File->New...
  2. Select "Binary/Raw File" under the "Various files" tab
  3. Select the binary file you want to examine
  4. Click next. You don't need the analysis options
  5. The processor you should select is "ARM processors: ARM". Click next
  6. Click finish. Now you are asked about memory mapping. To the right is an example for the 4G bootrom. Fill out the info and press OK.
  7. IDA will now create the project file. Sometimes it freezes; if it does, just try these steps again. There should be two popups concerning Thumb mode and your program's entry point. Press OK for both of them.
  8. Go to 0x02000000 and press 'C'. This tells IDA that this is code. All the other code should appear now.
  9. You are good to go. Happy analyzing!

Helpful pages

http://chdk.wikia.com/wiki/GPL_Disassembling

http://www.dwelch.com/ipod/