The first few bytes look like valid ARM reset vectors; I doubt that they would 
be valid as THUMB. I also doubt that there is a way to make the processor 
execute the RESET code at 0x00008000 as THUMB code. I'll nevertheless try to 
disassemble it as THUMB today...

In fact, the image has 2 major sections. The first one looks like init code; the 
reset vector is mapped to its beginning. The second one is sort of a weird file 
system, with its index at the end of the image. (That's what you probably meant 
by "reversed header".) It contains 6 files:
Logo
An unnamed one
Another unnamed one which overlaps the next two
Logoflsh
Diagflsh
Diskflsh

The restore string is probably located in the init code or in diskflsh. Init 
code seems more likely, but as I can't find it there, that would mean that the 
init code is encrypted.
Tof is currently trying to read out the contents of the processor's internal 
ROM, as it is the only place where some decryption code could still be hiding.

-----Original Message-----
From: Bahattin TOZYILMAZ <[EMAIL PROTECTED]>
Sent: Saturday, 17 May 2008 05:59
To: Hardware and developpement mailing list. <[email protected]>
Subject: Re: [Linux4nano-dev] Readout in Binary

I tried to investigate the THUMB code probability. What I could
understand is that the first 40 or so instructions (I don't have an ARM
emu, and I don't know how to use GBA emus well) load some registers
and make branches. I don't think they used a second protection to
defend the iPod, and our binary file should contain some machine
instructions. Can it be valuable to use an emu to investigate THUMB
code?

Another interesting thing: why did they create two data segments (I mean
that huge string of 0xFF between the segments)? And that reversed header at
the end of the file, like we have seen in the firmware image. One more: where
are the "Use iTunes to restore" text and the other images?

I think the bootloader consists of two images: the first one, the hardcore
bootloader; the second one, the system loader.

Regards,
Baha

_______________________________________________
Linux4nano-dev mailing list
[email protected]
https://mail.gna.org/listinfo/linux4nano-dev
http://www.linux4nano.org
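
An added example, not part of the original messages: one way to test the two hypotheses raised in the thread, that the image begins with ARM-state exception vectors and that the init code may be encrypted (high byte entropy). The load address 0x8000 comes from the message; the function names and the sample bytes are constructed for illustration.

```python
import math
import struct
from collections import Counter

def decode_vector(word, addr):
    """Decode one ARM-state vector word at addr; return (kind, address) or None."""
    if word & 0xFF000000 == 0xEA000000:             # B <target>, condition AL
        imm = word & 0x00FFFFFF
        if imm & 0x00800000:                        # sign-extend the 24-bit offset
            imm -= 0x01000000
        return ("B", addr + 8 + (imm << 2))         # PC reads as addr + 8 in ARM state
    if word & 0xFFFFF000 == 0xE59FF000:             # LDR pc, [pc, #imm12]
        return ("LDR_PC", addr + 8 + (word & 0xFFF))  # address of the literal word
    if word == 0xE1A00000:                          # MOV r0, r0, a common slot filler
        return ("NOP", None)
    return None

def check_vector_table(image, base):
    """Decode the 8 little-endian vector slots at the start of image."""
    words = struct.unpack_from("<8I", image, 0)
    return [decode_vector(w, base + 4 * i) for i, w in enumerate(words)]

def looks_like_arm_vectors(image, base):
    """True only if every one of the 8 slots decodes as a plausible vector."""
    return all(v is not None for v in check_vector_table(image, base))

def shannon_entropy(data):
    """Bits per byte; values near 8.0 suggest encrypted or compressed data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

# Constructed sample, not bytes from the real image: one B plus seven LDR pc
# vectors, followed by 0xFF padding like the gap mentioned in the thread.
SAMPLE = struct.pack("<8I", 0xEA00000E, *([0xE59FF018] * 7)) + b"\xff" * 32

if __name__ == "__main__":
    for i, v in enumerate(check_vector_table(SAMPLE, 0x8000)):
        print(hex(0x8000 + 4 * i), v)
    print("entropy of padding:", shannon_entropy(SAMPLE[32:]))
```

Entropy is a heuristic: compressed data scores as high as encrypted data, so a high value only says the region is not plain code or text.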
