Synacktiv-contrib / stuffz

Repository containing many useful scripts

`dump_pocketbook_update.py` and `pocketbook_update.ksy` fail on recent PocketBook firmware (fixed by PR #4) #5

Open danielweck opened 2 years ago

danielweck commented 2 years ago

Working

INFO:

Update magic: b'PocketBookUpdate'
Update Model: PocketBook840
Update revision: U840.5.20.7
Update md5 hash: b'54eeb5c38e2c596d8fcf66ad81db1466'
Update signature: b'443134e0cad904ff1bf456c21ef9d9c5859209a4a826fea7362b5cca9194ff92cba5e1cab48e7a7eca6d6bc7c84f14adf79c86b300d1831afb765bdfddd779f100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
Partition table:
    offset 0x0 size 0x400 type PartTypeEnum.a_img 
    offset 0x10000 size 0xbab52 type PartTypeEnum.swupdate_tar_gz 
    offset 0xd0000 size 0x400964 type PartTypeEnum.kernel_img 
    offset 0x4e0000 size 0x360000 type PartTypeEnum.updatefs_cramfs 
    offset 0x840000 size 0x1f2d4 type PartTypeEnum.elf_megadog_img 
    offset 0x860000 size 0x1725000 type PartTypeEnum.rootfs_img 
    offset 0x1f90000 size 0xcbb8800 type PartTypeEnum.ebrmain_img 
    offset 0xeb50000 size 0x9d552 type PartTypeEnum.elf_megadog_img 
    offset 0xebf0000 size 0x5c08000 type PartTypeEnum.dragon_tar 
    offset 0x14800000 size 0x1e5829 type PartTypeEnum.elf_megadog_img 
    offset 0x0 size 0x0 type PartTypeEnum.empty 
Checking hashes
Header hash: b'54eeb5c38e2c596d8fcf66ad81db1466'
Calc   hash: 54eeb5c38e2c596d8fcf66ad81db1466

and

Update magic: b'PocketBookUpdate'
Update Model: PocketBook840
Update revision: U840.5.15.1
Update md5 hash: b'0650832e2c9ff96a6cb14cdf445d92da'
Update signature: b'016a08261d6230a8fd5e1303f503afc927a73bbe529e2878ef8d4bcae95f69c84a5e54e097c2de506c8123d16436c8c8e611190f7d9c9ece98882c6b29d1d9b200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
Partition table:
    offset 0x0 size 0x400 type PartTypeEnum.a_img 
    offset 0x10000 size 0xa016a type PartTypeEnum.swupdate_tar_gz 
    offset 0xc0000 size 0x231 type PartTypeEnum.elf_megadog_img 
    offset 0xd0000 size 0x3fe924 type PartTypeEnum.kernel_img 
    offset 0x4d0000 size 0x306000 type PartTypeEnum.updatefs_cramfs 
    offset 0x7e0000 size 0x11082 type PartTypeEnum.elf_megadog_img 
    offset 0x800000 size 0xf8e000 type PartTypeEnum.rootfs_img 
    offset 0x1790000 size 0xdce0800 type PartTypeEnum.ebrmain_img 
    offset 0xf480000 size 0x49ed000 type PartTypeEnum.dragon_tar 
    offset 0x13e70000 size 0x26a44f type PartTypeEnum.elf_megadog_img 
    offset 0x0 size 0x0 type PartTypeEnum.empty 
Checking hashes
Header hash: b'0650832e2c9ff96a6cb14cdf445d92da'
Calc   hash: 0650832e2c9ff96a6cb14cdf445d92da

DUMP:

Dumping section of type PartTypeEnum.a_img size 0x400 offset 0
Dumping section of type PartTypeEnum.swupdate_tar_gz size 0xa016a offset 10000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x231 offset c0000
Dumping section of type PartTypeEnum.kernel_img size 0x3fe924 offset d0000
Dumping section of type PartTypeEnum.updatefs_cramfs size 0x306000 offset 4d0000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x11082 offset 7e0000
Dumping section of type PartTypeEnum.rootfs_img size 0xf8e000 offset 800000
Dumping section of type PartTypeEnum.ebrmain_img size 0xdce0800 offset 1790000
Dumping section of type PartTypeEnum.dragon_tar size 0x49ed000 offset f480000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x26a44f offset 13e70000

and

Dumping section of type PartTypeEnum.a_img size 0x400 offset 0
Dumping section of type PartTypeEnum.swupdate_tar_gz size 0xbab52 offset 10000
Dumping section of type PartTypeEnum.kernel_img size 0x400964 offset d0000
Dumping section of type PartTypeEnum.updatefs_cramfs size 0x360000 offset 4e0000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x1f2d4 offset 840000
Dumping section of type PartTypeEnum.rootfs_img size 0x1725000 offset 860000
Dumping section of type PartTypeEnum.ebrmain_img size 0xcbb8800 offset 1f90000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x9d552 offset eb50000
Dumping section of type PartTypeEnum.dragon_tar size 0x5c08000 offset ebf0000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x1e5829 offset 14800000

Failing

Traceback (most recent call last):
  File "dump_pocketbook_update.py", line 137, in <module>
    main()
  File "dump_pocketbook_update.py", line 133, in main
    actions[args.action](args.update)
  File "dump_pocketbook_update.py", line 29, in show_info
    mupdate = swupdate.Swupdate.from_file(fname)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/kaitaistruct.py", line 35, in from_file
    return cls(KaitaiStream(f))
  File "/PATH/TO/stuffz/swupdate.py", line 36, in __init__
    self._read()
  File "/PATH/TO/stuffz/swupdate.py", line 41, in _read
    self.header = Swupdate.Header(_io__raw_header, self, self._root)
  File "/PATH/TO/stuffz/swupdate.py", line 52, in __init__
    self._read()
  File "/PATH/TO/stuffz/swupdate.py", line 68, in _read
    if _.part_type.value == 0:
AttributeError: 'int' object has no attribute 'value'
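
The traceback above shows `part_type` arriving as a plain `int`: the Kaitai Struct Python runtime leaves a value with no matching enum member as a raw integer, so `.value` fails on any partition type the `.ksy` enum does not list. The sketch below is an added example, not the repository's code or the fix from PR #4; the 12-byte entry layout, the numeric type values and the names `PartType`, `resolve_enum`, `type_code`, `type_name` and `parse_table` are assumptions made for illustration.

```python
import enum
import struct

class PartType(enum.IntEnum):
    # Constructed numeric values; the real ones live in pocketbook_update.ksy.
    empty = 0
    a_img = 1
    kernel_img = 2

def resolve_enum(enum_cls, value):
    """Same fallback as the Kaitai Python runtime: unknown values stay int."""
    try:
        return enum_cls(value)
    except ValueError:
        return value

def type_code(part_type):
    """Numeric code whether part_type resolved to a member or stayed an int."""
    return part_type.value if isinstance(part_type, enum.Enum) else int(part_type)

def type_name(part_type):
    """Readable label; unknown types are reported instead of crashing."""
    return part_type.name if isinstance(part_type, enum.Enum) else f"unknown_0x{part_type:x}"

ENTRY = struct.Struct("<III")  # assumed layout: offset, size, type

def parse_table(raw, strict=False):
    """Read entries up to and including the terminator (type 0)."""
    entries = []
    for pos in range(0, len(raw) - ENTRY.size + 1, ENTRY.size):
        offset, size, code = ENTRY.unpack_from(raw, pos)
        part_type = resolve_enum(PartType, code)
        if strict:
            done = part_type.value == 0  # the check that raised in the traceback
        else:
            done = type_code(part_type) == 0
        entries.append((offset, size, type_name(part_type)))
        if done:
            break
    return entries

# Constructed table: known type, unlisted type 0x7f, known type, terminator.
SAMPLE = b"".join(ENTRY.pack(*e) for e in [
    (0x0, 0x3FF, 1), (0xF0000, 0xA8000, 0x7F), (0x1A0000, 0x354678, 2), (0, 0, 0)])

if __name__ == "__main__":
    for offset, size, name in parse_table(SAMPLE):
        print(f"offset {offset:#x} size {size:#x} type {name}")
```

Calling `parse_table(SAMPLE, strict=True)` reproduces the `AttributeError` on the second entry, while the default path labels it `unknown_0x7f` and keeps reading.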

danielweck commented 2 years ago

Note that the non-working ones are not gzipped, whereas the older working ones require `gunzip --decompress --suffix=.BIN SWUPDATE.BIN && mv SWUPDATE SWUPDATE.BIN` beforehand.

Original documentation: https://www.synacktiv.com/en/publications/e-ink-maiden-bring-your-reader-to-the-reverser.html

danielweck commented 2 years ago

@KOLANICH I successfully tested your PR :) https://github.com/Synacktiv-contrib/stuffz/pull/4 ( https://github.com/KOLANICH/Synacktiv_stuffz/tree/pocketbook_fixes )


INFO:

Update magic: b'PocketBookUpdate'
Update Model: PocketBook740
Update revision: U740.6.5.76
Update md5 hash: b'c836f5b648c6838d35739a56a1bf9b97'
Update signature: b'0272e73427a3a7e406f425017f230924b3637386db0672b744b552629cb142a1d458ee8138ef0605ad2811be79bb6c48a6677ae29433a99c68f014e0dc647e6100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
Partition table:
    offset 0x0 size 0x3ff type PartTypeEnum.a_img 
    offset 0x10000 size 0xc169e type PartTypeEnum.swupdate_tar_gz 
    offset 0xe0000 size 0x63ea type PartTypeEnum.elf_megadog_img 
    offset 0xf0000 size 0xa8000 type PartTypeEnum.uboot_loader 
    offset 0x1a0000 size 0x354678 type PartTypeEnum.kernel_img 
    offset 0x500000 size 0x420000 type PartTypeEnum.updatefs_cramfs 
    offset 0x920000 size 0xa8000 type PartTypeEnum.uboot_loader_too 
    offset 0x9d0000 size 0x124b9 type PartTypeEnum.elf_megadog_img 
    offset 0x9f0000 size 0x57e7f3 type PartTypeEnum.rootfs_img 
    offset 0xf70000 size 0xdd27aab type PartTypeEnum.ebrmain_img 
    offset 0xeca0000 size 0xf408c type PartTypeEnum.elf_megadog_img 
    offset 0xeda0000 size 0x516a800 type PartTypeEnum.dragon_tar 
    offset 0x13f10000 size 0x1ebeb8 type PartTypeEnum.elf_megadog_img 
    offset 0x0 size 0x0 type PartTypeEnum.empty 
Checking hashes
Header hash: b'c836f5b648c6838d35739a56a1bf9b97'
Calc   hash: c836f5b648c6838d35739a56a1bf9b97

DUMP:

Dumping section of type PartTypeEnum.a_img size 0x3ff offset 0
Dumping section of type PartTypeEnum.swupdate_tar_gz size 0xc169e offset 10000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x63ea offset e0000
Dumping section of type PartTypeEnum.uboot_loader size 0xa8000 offset f0000
Dumping section of type PartTypeEnum.kernel_img size 0x354678 offset 1a0000
Dumping section of type PartTypeEnum.updatefs_cramfs size 0x420000 offset 500000
Dumping section of type PartTypeEnum.uboot_loader_too size 0xa8000 offset 920000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x124b9 offset 9d0000
Dumping section of type PartTypeEnum.rootfs_img size 0x57e7f3 offset 9f0000
Dumping section of type PartTypeEnum.ebrmain_img size 0xdd27aab offset f70000
Dumping section of type PartTypeEnum.elf_megadog_img size 0xf408c offset eca0000
Dumping section of type PartTypeEnum.dragon_tar size 0x516a800 offset eda0000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x1ebeb8 offset 13f10000

INFO:

Update magic: b'PocketBookUpdate'
Update Model: PocketBook740
Update revision: U740.6.1.12
Update md5 hash: b'327cdfb9afd57b013e7f2906f3e73948'
Update signature: b'9e8865c17e9dc1c4ab9874fa7a6b97323bdffb4888af09784febc153a16f77de4b355639ce828f7881063a3665db19d198dfcada41d34beb1cbf8917b3c546ce00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
Partition table:
    offset 0x0 size 0x3ff type PartTypeEnum.a_img 
    offset 0x10000 size 0xc0eae type PartTypeEnum.swupdate_tar_gz 
    offset 0xe0000 size 0x6459 type PartTypeEnum.elf_megadog_img 
    offset 0xf0000 size 0xa4000 type PartTypeEnum.uboot_loader 
    offset 0x1a0000 size 0x353438 type PartTypeEnum.kernel_img 
    offset 0x500000 size 0x41d000 type PartTypeEnum.updatefs_cramfs 
    offset 0x920000 size 0xa4000 type PartTypeEnum.uboot_loader_too 
    offset 0x9d0000 size 0x1f18f type PartTypeEnum.elf_megadog_img 
    offset 0x9f0000 size 0x57d26a type PartTypeEnum.rootfs_img 
    offset 0xf70000 size 0xb80f678 type PartTypeEnum.ebrmain_img 
    offset 0xc780000 size 0xf3728 type PartTypeEnum.elf_megadog_img 
    offset 0xc880000 size 0x4da8000 type PartTypeEnum.dragon_tar 
    offset 0x11630000 size 0x1ebd6d type PartTypeEnum.elf_megadog_img 
    offset 0x0 size 0x0 type PartTypeEnum.empty 
Checking hashes
Header hash: b'327cdfb9afd57b013e7f2906f3e73948'
Calc   hash: 327cdfb9afd57b013e7f2906f3e73948

DUMP:

Dumping section of type PartTypeEnum.a_img size 0x3ff offset 0
Dumping section of type PartTypeEnum.swupdate_tar_gz size 0xc0eae offset 10000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x6459 offset e0000
Dumping section of type PartTypeEnum.uboot_loader size 0xa4000 offset f0000
Dumping section of type PartTypeEnum.kernel_img size 0x353438 offset 1a0000
Dumping section of type PartTypeEnum.updatefs_cramfs size 0x41d000 offset 500000
Dumping section of type PartTypeEnum.uboot_loader_too size 0xa4000 offset 920000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x1f18f offset 9d0000
Dumping section of type PartTypeEnum.rootfs_img size 0x57d26a offset 9f0000
Dumping section of type PartTypeEnum.ebrmain_img size 0xb80f678 offset f70000
Dumping section of type PartTypeEnum.elf_megadog_img size 0xf3728 offset c780000
Dumping section of type PartTypeEnum.dragon_tar size 0x4da8000 offset c880000
Dumping section of type PartTypeEnum.elf_megadog_img size 0x1ebd6d offset 11630000