I don't know if this is the right place to post this or if this has already been figured out so please point me to a more appropriate place if there is one (also for sharing other interesting finds).
I have just started to reverse the drivers (ansi) using Ghidra in my fork and have identified a function and two memory locations that seem to be some kind of protection against custom firmware.
The memory locations INTMEM:20 - INTMEM:26 are checked for the string "AKIRA" during startup and CODE:3fba - CODE:3fc0 are written to those locations during self programming (in the function at CODE:384e).
I have just started reversing and am still pretty unsure about what exactly happens where, so this is meant as more of an FYI for people who want to try flashing custom firmware and don't want to brick their devices.
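A pre-flash check for the region described in the post above, as an added example that is not part of the original post or the project's code. It assumes a flat binary image whose file offset equals the CODE address and that the bytes at CODE:3fba - CODE:3fc0 contain the ASCII string "AKIRA"; the function names and the sample images are constructed for illustration.

```python
# Added example: verify a custom image keeps the marker region of the stock image.
CODE_START = 0x3FBA   # from the post: CODE:3fba
CODE_END = 0x3FC0     # from the post: CODE:3fc0 (inclusive, 7 bytes)
MARKER = b"AKIRA"     # string the post says is checked at INTMEM:20 - INTMEM:26


def marker_region(image: bytes) -> bytes:
    """Return the bytes at CODE:3fba - CODE:3fc0.

    Assumption: `image` is a flat binary whose file offset equals the CODE address.
    """
    if len(image) <= CODE_END:
        raise ValueError(
            f"image is {len(image):#x} bytes, too short to hold CODE:{CODE_END:04x}"
        )
    return image[CODE_START:CODE_END + 1]


def check_custom_image(stock: bytes, custom: bytes) -> list:
    """Return a list of problems; an empty list means the region was preserved."""
    problems = []
    want, got = marker_region(stock), marker_region(custom)
    if MARKER not in want:
        # Assumption check: if the stock dump lacks the string, the offset mapping is off.
        problems.append("stock region does not contain 'AKIRA'; check the offset mapping")
    if got != want:
        problems.append(
            f"custom image differs at CODE:{CODE_START:04x}: {got.hex()} != {want.hex()}"
        )
    return problems


def build_sample(region: bytes, size: int = 0x4000) -> bytes:
    """Constructed test image: 0xFF-filled flash with `region` placed at CODE:3fba."""
    image = bytearray(b"\xff" * size)
    image[CODE_START:CODE_START + len(region)] = region
    return bytes(image)


if __name__ == "__main__":
    # Constructed data; the two bytes after "AKIRA" are unknown, zero is a placeholder.
    stock = build_sample(MARKER + b"\x00\x00")
    custom = build_sample(b"\xff" * 7)  # custom build that left the region erased
    for line in check_custom_image(stock, custom) or ["marker region preserved"]:
        print(line)
```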