PAGalaxyLab / vxhunter

ToolSet for VxWorks Based Embedded Device Analyses
BSD 2-Clause "Simplified" License
339 stars 73 forks source link

Huawei firmware. Unable to demangle symbol: _GLOBAL__D___gthread_once #20

Open Ya-Mir opened 1 year ago

Ya-Mir commented 1 year ago

Hello! I'm have trubl with huawei firmware. My setup: Ghidra 10.2.3 Java Version 17.0.7 VxHunter latest CPU: HiSil1210A Architecture: 64-bit ARMv8-A , Cortex-A53 (CPU: HISILICON - CortexA9 (ARM from bootlog) VxWorks 6.7(8) (from boot log)

Message from Ghidra: Demangler GNU> Unable to demangle symbol: _GLOBAL__D___gthread_once at 014a919c. Message: Expected the demangled string to contain a namespace Log from Ghidra: [INFO ][vxhunter_core.find_symbol_table] symbol table start offset: 0000261ab8 [INFO ][vxhunter_core.find_symbol_table] Symbol table end offset: 000028c128 [INFO ][vxhunter_core._check_vxworks_endian] VxWorks endian: Big endian. [INFO ][vxhunter_core.quick_test] Load address is not 0080002000 [INFO ][vxhunter_core._check_load_address] String None at offset 22935724 didn't match symbol table. [INFO ][vxhunter_core.quick_test] Load address is not 0000010000 [INFO ][vxhunter_core._check_load_address] String None at offset 22997164 didn't match symbol table. [INFO ][vxhunter_core.quick_test] Load address is not 0000001000 [INFO ][vxhunter_core.quick_test] Load address is not 00f2003fe4 [INFO ][vxhunter_core._check_load_address] String None at offset 21952684 didn't match symbol table. [INFO ][vxhunter_core.quick_test] Load address is not 0000100000 [INFO ][vxhunter_core._check_load_address] String None at offset 21919948 didn't match symbol table. [INFO ][vxhunter_core.quick_test] Load address is not 0000107fe0 [INFO ][vxhunter_core.find_string_table_by_key_function_index] Found string table start address at 000020c6f8 [INFO ][vxhunter_core.find_string_table_by_key_function_index] Found string table end at 0000235755 [INFO ][vxhunter_core.find_string_table_by_key_function_index] Found a string table at: 000020c718 to 0000235755 [INFO ][vxhunter_core.find_loading_address] Starting loading address analysis [INFO ][vxhunter_core.find_loading_address] load address is 0001400000 [INFO ][vxhunter_firmware_init.init_firmware] Analyze Load Address takes 3.526 seconds [INFO ][vxhunter_firmware_init.init_firmware] Rebase image takes 0.014 seconds [INFO ][vxhunter_firmware_init.init_firmware] Creating symbol table takes 0.138 seconds [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named tolower at 0160d04c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160d044 to 0160d053 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named toupper at 0160d05c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160d054 to 0160d063 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named i at 0160d178: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160d170 to 0160d179 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ctime at 0160d52c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160d528 to 0160d531 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named cos at 0160dc0c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160dc08 to 0160dc0f [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named sin at 0160dc14: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160dc10 to 0160dc17 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named tan at 0160dc1c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160dc18 to 0160dc1f [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named abs at 0160dc50: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0160dc4c to 0160dc53 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ioctl at 016109fc: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016109e4 to 01610a01 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ld at 01611a30: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01611a08 to 01611a32 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named checksum at 01611bb0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01611b98 to 01611bb8 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named type at 01611c58: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01611c40 to 01611c5c [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named sp at 01615844: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01615834 to 01615846 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named free at 01615d0c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01615d08 to 01615d10 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named Get_CRC at 01616360: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161635c to 01616367 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named GetUncompressedDataSize at 01616758: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01616754 to 0161676f [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ifAddrDelete at 016167ac: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016167a8 to 016167b8 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named kLzmaDecode at 01616854: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01616850 to 0161685f [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named LZMA_ExpandData at 016168f0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016168ec to 016168ff [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named LzmaDecodeProperties at 01616904: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01616900 to 01616918 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ProbsMemInfo at 0161695c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01616958 to 01616968 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named Reflect at 01616984: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01616980 to 0161698b [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named StopResetWatchdog at 01616dc8: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01616dc4 to 01616dd9 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named inInit at 01616f78: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01616f70 to 01616f7e [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named _GetBoardType at 01617bc4: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01617bc0 to 01617bd1 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named time at 01619888: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01619884 to 0161988c [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named cacheFlush at 0161a9d8: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161a9d4 to 0161a9e2 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ti at 0161ae00: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161adf0 to 0161ae02 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named atan at 0161c184: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161c180 to 0161c188 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named exp at 0161c190: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161c18c to 0161c193 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named log at 0161c198: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161c194 to 0161c19b [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named sqrt at 0161c1a0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161c19c to 0161c1a4 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named rm at 0161cbb4: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161cb9c to 0161cbb6 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named b at 0161f120: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161f10c to 0161f121 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named tt at 0161f2e0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0161f2d4 to 0161f2e2 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ddr at 01622044: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01622034 to 01622047 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named creationDate at 01622cc8: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01622cc0 to 01622cd4 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named l at 01624784: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01624778 to 01624785 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named m at 01624c24: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01624c18 to 01624c25 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named e at 016278d8: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016278cc to 016278d9 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ts at 01627ec8: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01627ec0 to 01627eca [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named index at 01628484: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0162847c to 01628489 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named w at 01628740: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01628738 to 01628741 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named tr at 016299f0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016299e8 to 016299f2 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named ll at 0162a46c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0162a458 to 0162a46e [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named PortInit at 0162ca54: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0162ca50 to 0162ca5c [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named h at 0162cce8: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0162ccdc to 0162cce9 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named dir at 0162d12c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0162d128 to 0162d12f [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named select at 0162fda4: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0162fda0 to 0162fdaa [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named stat at 0162fdb0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0162fdac to 0162fdb4 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named LogicSetPin at 016301c0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016301bc to 016301cb [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named LogicSetPinMRFU at 016301d0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016301cc to 016301df [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named LogicSetPinMRFUV02 at 016301e4: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016301e0 to 016301f6 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named LogicSetPinMRRU at 016301fc: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016301f8 to 0163020b [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named LogicSetPinXRRU at 01630210: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0163020c to 0163021f [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named shutdown at 016326cc: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016326c8 to 016326d4 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named printf at 016339c0: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016339bc to 016339c6 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named snprintf at 01633b40: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01633b3c to 01633b48 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named sprintf at 01633b74: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01633b70 to 01633b7b [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named StartRelTimer at 01633b9c: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01633b98 to 01633ba9 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named strtol at 01633bdc: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01633bd8 to 01633be2 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named bufAlloc at 01634604: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01634600 to 0163460c [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named bufFree at 01634614: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01634610 to 0163461b [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named close at 01635594: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01635590 to 01635599 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named open at 016356ac: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016356a8 to 016356b0 [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named read at 016356b8: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 016356b4 to 016356bc [ERROR ][symbol.add_symbol] Failed to create ascii string for symbol named write at 01635710: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 0163570c to 01635715 [INFO ][vxhunter_firmware_init.init_firmware] Waiting for pending analysis to complete... [INFO ][vxhunter_firmware_init.init_firmware] Load symbols takes 2.935 seconds [INFO ][vxhunter_firmware_init.init_firmware] Ghidra analyzer all takes 4.480 seconds

BOOT log device.txt MRRUV2_Rom.zip extracted binwalk 90B1.zip

Thanks for very cool tools!

dark-lbp commented 1 year ago

Hi @Ya-Mir , thank you for using VxHunter. The Unable to demangle symbol and Failed to create ascii string errors should not affect the analysis procedure. Does functions in firmware decompiled as expected?

Ya-Mir commented 1 year ago

I'm get only function name, decompile not successful.

Отправлено из Mail.ru для Android понедельник, 15 мая 2023г., 06:58 +04:00 от dark-lbp @.*** :

Hi @Ya-Mir , thank you for using VxHunter. The Unable to demangle symbol and Failed to create ascii string errors should not affect the analysis procedure. Does functions in firmware decompiled as expected? — Reply to this email directly, view it on GitHub , or unsubscribe . You are receiving this because you were mentioned. Message ID: @ github . com>

dark-lbp commented 1 year ago

hmm, looks like the symbol table is correct. image

But disassembled codes at functions looks weird.

dark-lbp commented 1 year ago

This firmware might compiled with optimization option enabled, you can setup the cpu type to ARM:LE:32:v8T(ARM V8 little endian with thumb enabled) and run VxHunter again.

image
Ya-Mir commented 1 year ago

Thanks for very cool support. Do you have any ideas how to extract other files from the firmware?