Open nomadbyte opened 1 year ago
Thank you for highlighting those other icons.... I had already found the ones which were used for 'Parameter Labels' (mostly just rendered Text).
80000370 l O .const 00000038 .hidden _PrmPic_DETCT
800003a8 l O .const 00000036 .hidden _PrmPic_Depth
800003e0 l O .const 00000036 .hidden _PrmPic_THRSH
I'm sure you saw my (horrible) Bash/ImageMagick script, which can be adjusted if you really want to see what these icons look like. ;-) https://github.com/mungewell/zoom-zt2/blob/master/extract_device_icon.sh
Given the number of icons it would be nice if this was clean in Python - I mentioned the 'pwntools' project in #52 which can read into the ELF without extra steps... it installs a lot of extra stuff, so I'll see if the elf.py
bit can run as a standalone module.
Pushed a script that can read the ELF file to extract icon, or other images. https://github.com/mungewell/zoom-zt2/blob/master/extract_device_icon.py
For now it looks like pwnlib can only read from a real (on disk) file, so the ELF should be extracted first and the -e
flag used.
https://github.com/Gallopsled/pwntools/issues/2155
$ python3 extract_device_icon.py -e ZNR.ZD2.code
[!] Could not populate PLT: 'int' object has no attribute 'lower'
[*] '/home/simon/zoom-zt2-sdw-github/ZNR.ZD2.code'
Arch: 140-32-little
RELRO: No RELRO
Stack: No canary found
NX: NX enabled
PIE: PIE enabled
Extracting symbol: picTotalDisplay_ZNR
From Address: 0x80000280 to 0x800002DC
$ python3 extract_device_icon.py -t "_PrmPic_DETCT" -s 2 -o PrmPic.png -e ZNR.ZD2.code
[!] Could not populate PLT: 'int' object has no attribute 'lower'
[*] '/home/simon/zoom-zt2-sdw-github/ZNR.ZD2.code'
Arch: 140-32-little
RELRO: No RELRO
Stack: No canary found
NX: NX enabled
PIE: PIE enabled
Extracting symbol: _PrmPic_DETCT
From Address: 0x80000370 to 0x800003A8```
Continued 'messing' and found a better/working solution with 'filebytes'. https://github.com/sashs/filebytes
$ python3 extract_device_icon.py MDL_DOVE.ZD2 ; display icon.png
Target matched: picTotalDisplay_AgModel
Symbol located: 0x800017e8
$ python3 extract_device_icon.py -t "_PrmPic" -s 2 MDL_DOVE.ZD2 ; display icon.png
Target matched: _PrmPic_Treble
Symbol located: 0x80001848
This should probably go into upstream pyelftools
In addition to effect's icon [ref: #52], the ELF part of the ZD2 contains several other icons: {
CategoryIcon_{cat}
andAddDelIcon_{cat}
}References to this data could be seen from the
.const
block for theeffectTypeImageInfo
, same one that describes the effect's on-device icon:reference addresses:
I didn't try to extract the actual images. I assume the reference addresses should translate into offsets into the
.const
or other section of the ELF.This is for
SOFTEC3S.ZD2
(SoftEcho) module, not sure if such layout is applicable for other modules.