samueldr
commented
4 years ago People in #23 discussed about that. They may be good people to talk with about that :). (I'm not part of those good people)
Closed soruh closed 4 years ago
samueldr
commented
4 years ago People in #23 discussed about that. They may be good people to talk with about that :). (I'm not part of those good people)
soruh
commented
4 years ago Great, thank you
I don't know if this is the right place to post this or if this has already been figured out so please point me to a more appropriate place if there is one (also for sharing other interesting finds).
I have just started to reverse the drivers (ansi) using
ghidrain my fork and have identified a function and two memory locations that seem to be some kind of protection against custom firmware.The memory locations
INTMEM:20-INTMEM:26are checked for the string "AKIRA" during startup andCODE:3fba-CODE:3fc0are written to those locations during self programming (in the function at CODE:384e).I have just started reversing and am still pretty unsure about what exactly happens where so this is meant as more of FYI for people who want to try flashing custom firmware and don't want to brick their devices.