Looks like that version 1.17 as distributed by OTE has disabled the telnet functionality. The modifications are committed and pushed in the repository so you are ready to roll. If the need arises I will add a way to set them from the command line too – but it looks that some disassembly is required first. magic_device with value 0x100 // this is probably the header size.With these changes in place there are two variables left in the header section that we don’t know how they are used. Despite the classy name, looks like it is used only for printing and the firmware does not actually run any checks against it. While I was at it I also added a command line argument for the field called firmware_version. Now when running tcrevenge in check mode it reads: Manual check (all tests have been done with model 3) Model: 3 6035 122 74 fo122 79. Thanks to the efforts of user stav it was possible to identify the problem and add a command line option in tcrevenge to manually set the model number. Newest firmware do not allow older firmware to be uploaded so this was a major problem. Initial tests have been done with firmware 1.07 (model number: 3 6035 122 74) while the 1.17 firmware has model number: 3 6035 122 89. Tcrevenge was not working with the latest firmware because the version number of the firmware (called surprisingly model number in tcrevenge) was hard coded. This is the fourth article in a series of articles documenting the reverse engineering of the TrendChip firmware image and the disassembly of its CRC checksum algorithm.Ī small update for the newer firmware (1.17 as distributed by OTE).
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |