pedro-n-rocha / bli223dcryptex


re-encrypt rbi file #3

Open adriano65 opened 6 years ago

adriano65 commented 6 years ago

Hi Pedro, I am studying a Thomson Modem TG799vn v2 and I would like to change the flash address where the firmware will be loaded. I used a hex editor to change the address in the binary file, but the CFE fails after tftp loaded the new firmware. Looking into your blparser.py, it seems that I have to crypt the header again. Can you please point me in the right direction? I use C language and Python is quite uncomfortable to me. Many thanks in advance

pedro-n-rocha commented 6 years ago

hi Adriano,

there is no way to crypt it back without the private key.. sorry ...

adriano65 commented 6 years ago

Thank you very much for the answer :-) I just connected JTAG. Next way will be easycwmp. Have a nice day!

adriano65 commented 6 years ago

Hi Pedro, sorry to bother you again. I found a private key and tested it with openssl. I modified your blparser to load the private key in the enc object:

    enc = RSA.importKey(privk)

At that point the encoded message in decrypted changes!!

    decrypted = enc.encrypt(binascii.unhexlify((hcrypt)),None)[0]
    print 'decrypted : '
    hexdump.hexdump(decrypted)

and I can't recover the correct hash:

    hmac = binascii.hexlify( decrypted[p:len(decrypted)])

Do you have any suggestion ? Thank you very much :-)

adriano65 commented 6 years ago

Sorry, my mistake. The private key is not correct :-(
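The check discussed in this thread, as an added example that is not code from blparser.py or from either commenter: the public-key operation recovers a padded block whose tail is the header hash, so an edited header or a non-matching private key fails the comparison. The toy key, the SHA-256 digest, the block layout and all function names are assumptions for illustration, not the real rbi format (Python 3.8+).

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes; illustration only.
E = 65537
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (needs both primes)
K = (N.bit_length() + 7) // 8          # block size in bytes


def make_block(header: bytes) -> int:
    """Assumed layout: 00 01 FF..FF 00 || SHA-256(header)."""
    digest = hashlib.sha256(header).digest()
    pad = b"\xff" * (K - 3 - len(digest))
    return int.from_bytes(b"\x00\x01" + pad + b"\x00" + digest, "big")


def private_op(block: int, d: int, n: int) -> int:
    """What only the holder of the private key can compute."""
    return pow(block, d, n)


def recover_digest(hcrypt: int) -> bytes:
    """Public-key operation, then take the tail (like decrypted[p:])."""
    return pow(hcrypt, E, N).to_bytes(K, "big")[-32:]


def header_ok(header: bytes, hcrypt: int) -> bool:
    """The comparison a verifier holding only (E, N) can make."""
    return recover_digest(hcrypt) == hashlib.sha256(header).digest()


def key_matches(d: int, n: int) -> bool:
    """Does a candidate private key belong to the public key (E, N)?"""
    probe = make_block(b"probe")
    return n == N and pow(private_op(probe, d, n), E, N) == probe


# Constructed sample header and its protected block.
HEADER = b"load_addr=0x80010000;len=4096"
HCRYPT = private_op(make_block(HEADER), D, N)

# A well-formed private key that does not belong to (E, N).
P2 = 2**107 - 1
N2 = P2 * Q
D2 = pow(E, -1, (P2 - 1) * (Q - 1))

if __name__ == "__main__":
    print("original header verifies:", header_ok(HEADER, HCRYPT))
    edited = HEADER.replace(b"0x8001", b"0x8002")
    print("hex-edited header verifies:", header_ok(edited, HCRYPT))
    print("candidate key matches:", key_matches(D2, N2))
```

A key that openssl parses without error can still fail `key_matches`; comparing the modulus of the candidate key with the modulus of the public key is the quickest way to tell.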