Placing breakpoints in the original firmware

When booting, the firmware erases IRAM and RAM.
However, it’s easy to patch the code which erases IRAM. Then, by analyzing the firmware a little further, I noticed a safe location in IRAM to place my own code.

By digging a bit more in the firmware, I found the function that will show a messagebox, and a few other functions related to the UI (displaying bottom buttons, …).

Using medios, I can reload the original firmware, patch it with a breakpoint (currently a very simple 8 bytes branch) and execute my code. Then, inside my code, I can show a message box with any value I want, including register values, memory, … The only problem is that the device will crash after showing the message box because the breakpoint corrupts the stack. But it still enables to see some very interesting things.

This entry was posted in Archos Gmini 402. Bookmark the permalink.

One Response to Placing breakpoints in the original firmware

  1. Syed says:

    Part of the problem is the vocalubary of tasks .Indeed.It gets especially tricky when your product is powerful and flexible and is being sold to address tasks in wildly different markets. The same base task, from the perspective of the product, might have different names and associated vocalubary for the person needing to perform that basic task in an inter-bank clearing house, versus the person needing to do something that incorporates the same basic task, but for US Homeland Security or Israeli MOSAD. One thing that alleviates _some_ of that problem is that companies building such products often sell to their end customers through middle-layer VARs (value-added re-sellers) who often amalgamate and massage documentation from several source companies into the final product or service that they sell to the bankers or to the government spy agencies (or the petroleum industry, or the publishing industry, or the utility companies or ) Indeed, it might be those value-added re-sellers who take on the task of getting translations done. Pity them.

Leave a Reply

Your email address will not be published. Required fields are marked *