I am not sure if this is the right place, mostly because I don't know how someone else would categorize this info. Mods exist for a reason, today that reason might be to move this to the correct place :)
According to Google, some is new info, some is old.
I dumped /dev/block/mmcblk0p7 which appears to be the baseband firmware. It is not compressed or encrypted but rather appears to be a filesystem of some sort.
I have identified that they are using RTOS.com's ThreadX and TraceX.
I identified a zip file which indicates the authors used IBM Rational ClearCase.
I identified another zip file which is a process trace, attached here for convenience.
There is a file that appears to be DES encrypted with mcrypt 2.2 (not compatible with 2.4). 56-bit key so it should not take terribly long to brute force. As I still do not have a firm grasp on the structure of the 32M disk dump I do not know where the key might be. I also do not have an idle system with sufficient capacity to deal with this in a timely fashion. Anyone got some FPGAs from the old bitcoin days? :)
There are probably some additional things I will eventually find. I have to go away for a few days so I won't be able to work on this until I return. I am going to look through ThreadX to see if that sheds light on the file format (they have a free demo download). The only other thing I can think of off the top of my head is that maybe the chip itself expects a specific filesystem.
Maybe this post will spur some people to start looking into it more (or publish what they have if they have looked into it).
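Added example, not part of the original post: one way to locate ZIP archives embedded in a raw partition dump like the one described above, by finding end-of-central-directory records and working back to each archive's first byte. It assumes each archive is stored contiguously in the image; the function names and the sample image are constructed for illustration.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # end-of-central-directory signature
LFH_SIG = b"PK\x03\x04"    # local-file-header signature (first bytes of a ZIP)
EOCD = struct.Struct("<4s4H2IH")  # fixed 22-byte part of the EOCD record


def carve_zips(image: bytes):
    """Return [(start, end, member_names)] for every intact ZIP in a raw image."""
    found = []
    pos = image.find(EOCD_SIG)
    while pos != -1:
        if pos + EOCD.size <= len(image):
            *_, cd_size, cd_off, comment_len = EOCD.unpack_from(image, pos)
            # The central directory sits right before the EOCD, and cd_off is
            # its distance from the archive's first byte.
            start = pos - cd_size - cd_off
            end = pos + EOCD.size + comment_len
            if 0 <= start and end <= len(image) and image[start:start + 4] == LFH_SIG:
                try:
                    with zipfile.ZipFile(io.BytesIO(image[start:end])) as zf:
                        if zf.testzip() is None:  # every member passes its CRC
                            found.append((start, end, zf.namelist()))
                except (zipfile.BadZipFile, RuntimeError):
                    pass  # signature matched by chance, or archive unreadable
        pos = image.find(EOCD_SIG, pos + 1)
    return found


def build_sample_image():
    """Constructed stand-in for a dump: padding, a stray signature, one ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in (("trace/readme.txt", b"constructed sample\n"),
                           ("trace/events.bin", bytes(range(256)))):
            zf.writestr(zipfile.ZipInfo(name, date_time=(2020, 1, 1, 0, 0, 0)), data)
    blob = buf.getvalue()
    prefix = b"\xff" * 512 + EOCD_SIG + b"junk" + b"\x00" * 100
    return prefix + blob + b"\xff" * 256, len(prefix), len(blob)


if __name__ == "__main__":
    image, _, _ = build_sample_image()
    for start, end, names in carve_zips(image):
        print(f"ZIP at 0x{start:x}-0x{end:x}: {names}")
```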