chunghuihuang / firmware-mod-kit

Automatically exported from code.google.com/p/firmware-mod-kit
0 stars 0 forks source link

Support for Sony Blu-Ray Player BDP-185 #43

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. ./extract_firmware.sh MSB09.bin MSB09 (./extract-ng fails)
2.
3.

What is the expected output? What do you see instead?
Looks like it's going to extract the firmware, then fails

What version of the product are you using? On what operating system?
Linux cascomp 3.0.6-gentoo #3 SMP Wed Nov 23 21:23:21 CST 2011 x86_64 AMD 
Phenom(tm) 9850 Quad-Core Processor AuthenticAMD GNU/Linux

Please provide any additional information below.

./extract_firmware.sh MSB09-FW.BIN MSB09

 Firmware Mod Kit (extract) v0.73 beta, (c)2010-2011 Jeremy Collake, - Newer NG edition by Craig Heffner
 Checking for updates ...
  You have the latest version of this kit.
 LINUX system detected. Compatibility ok.
 Testing file system of MSB09 ...
 WARNING: You must be 'root' when extracting and building some images.
          This is because some images need to create devices in your fs.
          For DD-WRT, do NOT extract or build as root, use standard user.
 Building tools ...
 Build seems successful.
 Preparing working directory ...
 Removing any previous files ...
 Creating directories ...
 Extracting firmware
! untrx failed, trying splitter3
 Not recognized by splitter3
 Attempting raw linux style firmware package (i.e. TEW-632BRP) ...
 Extracting MSB09-FW.BIN to MSB09 ...
 Error: filesystem not extracted properly.
  firmware image format not compatible?

Firmware address:

http://esupport.sony.com/US/perl/model-home.pl?mdl=BDPS185&template_id=1&region_
id=1&tab=download#/downloadTab

Original issue reported on code.google.com by jeremy.r...@gmail.com on 29 Nov 2011 at 8:24

GoogleCodeExporter commented 9 years ago
Oh yeah, I also get the same thing under root.

Original comment by jeremy.r...@gmail.com on 29 Nov 2011 at 8:26

GoogleCodeExporter commented 9 years ago
Note that we have a new Jeremy, so do not get him confused as me.

1. Try the newer -ng scripts, not the old ones.

Original comment by jeremy.collake@gmail.com on 29 Nov 2011 at 9:01

GoogleCodeExporter commented 9 years ago
Yeah, I had tried the -ng(new generation) scripts first, but had better luck 
with the older one. I did get 55M.img with the old script

Original comment by jeremy.r...@gmail.com on 30 Nov 2011 at 12:15

GoogleCodeExporter commented 9 years ago
This device is not supported, and likely never will be. Examining the .bin file 
extracted from the ISO image, I see no known or common file types (either with 
binwalk or manual examination) nor any readable strings.

Given that this is a blu-ray player, I would expect the firmware to be at least 
obfuscated, and more likely encrypted. Manufacturers have to protect the crypto 
keys used to decrypt the content on DVDs and BR disks, so they have probably 
taken steps to stop people from just opening up the firmware and grabbing that 
data.

To get anywhere with the firmware you'll probably need to get access to the 
hardware, and FMK can obviously not help you there. If you do get more 
information that allows extraction of the firmware then maybe we can add it in, 
but it would probably be better off putting that functionality in a separate 
utility.

Original comment by heffne...@gmail.com on 1 Dec 2011 at 1:32

GoogleCodeExporter commented 9 years ago
Yeah, that's what I was expecting. I've already scanned for any open ports on 
it. Could there be any other information I can provide by opening it up?

Original comment by jeremy.r...@gmail.com on 1 Dec 2011 at 2:11

GoogleCodeExporter commented 9 years ago
If you open it up you may be able to get access to a debug interface such as a 
serial port or JTAG. The firmware image looks rather large so I'm not sure if 
they're using a NAND flash chip for storage or what, but if you have the right 
equipment you could probably dump the firmware directly off the flash chip.

Original comment by heffne...@gmail.com on 1 Dec 2011 at 1:04

GoogleCodeExporter commented 9 years ago
Once my niece is asleep; I will open it up. hehe. I'll take some pictures also.

Original comment by jeremy.r...@gmail.com on 1 Dec 2011 at 4:52

GoogleCodeExporter commented 9 years ago
Perhaps if you expressed your end goal we might be able to tell you if it is 
even plausible. Even if you manage to take apart the firmware, you may not be 
able to flash a new firmware image onto the device because they are surely 
digitally signed. There are ways around that at times, but none very easy, and 
actually rather difficult.

Original comment by jeremy.collake@gmail.com on 1 Dec 2011 at 7:41

GoogleCodeExporter commented 9 years ago
Just to see what all we're able to do. It has java installed also. I thought 
maybe I could program some other apps for it.

Original comment by jeremy.r...@gmail.com on 1 Dec 2011 at 8:54

GoogleCodeExporter commented 9 years ago
DMCA laws prohibit reverse engineering for purposes other than achieving 
interoperability, education/research, and a few other exceptions. Make sure you 
have researched that bill and are adhering to it. Reverse engineering for the 
purpose of, say, violation of BluRay DRM, is illegal.

Original comment by jeremy.collake@gmail.com on 1 Dec 2011 at 9:12

GoogleCodeExporter commented 9 years ago
Could care less about the blueray. 

Original comment by jeremy.r...@gmail.com on 1 Dec 2011 at 9:18

GoogleCodeExporter commented 9 years ago
Update image is scrambled, but contents are fairly similar to other Mediatek 
MT8530/MT8550 based players. Lemme know if you are interested in descrambling 
it for "educational purporses".

Original comment by gst...@gmail.com on 8 Jan 2012 at 4:45

GoogleCodeExporter commented 9 years ago
i got one of these the other day. 
i'm reversing it for interoperability with my wireless router ;)
the ethernet cord is blocking access to my couch.
http://forums.hackaday.com/viewtopic.php?f=8&t=2117

Original comment by kfaz...@gmail.com on 7 Mar 2012 at 7:31

GoogleCodeExporter commented 9 years ago
As a pseudo-non-lawyer, when commenting on the reason behind reverse 
engineering something, don't put that reason in quotation marks, as if it's a 
joke. With the laws in this country, and most of the world, this is serious 
stuff.

Original comment by jeremy.collake@gmail.com on 7 Mar 2012 at 7:42

GoogleCodeExporter commented 9 years ago
hi,
I have a same problem with bdp-s370 firmware (Msb03-fw.id.txt), but I found
a little progi bdpcrypt.exe and work fine , decrypt encrypt to.
I would like mix the s370 and s380 extracted firmware, because the s380 can
support NTFS usb devices.Link here: Bdcrypt_Gui.rar : 
http://www.mediafire.com/?7bch5tay8fh0d6o

BR, Keni

Original comment by htcmagic...@googlemail.com on 11 Mar 2012 at 5:02

Attachments: