Topic: Theory of Flir E4 hack


Jane (topic starter)
Theory of Flir E4 hack
« on: November 26, 2018, 06:41:21 pm »
My understanding of the resolution hack of the Flir E4 (changing to 320 x 240 resolution) is that the common_dll.dll and conf.cfc files
must be replaced with new/modified common_dll.dll and conf.cfc files. How do these new files differ from the default files?

I followed the tutorial at https://fubar.gr/hacking-the-flir-e4/
but when trying to modify the files with
 python apply.py apply 192.168.0.2
I received the following error:


= CONNECT TO FTP
= CREATING BACKUP DIR backup-20180509022127
= RETR /FlashBFS/system/common_dll.dll
Traceback (most recent call last):
 File "apply.py", line 90, in <module>
   assert found, "UNKNOWN %s: digest/len is %s" % (name, h)
AssertionError: UNKNOWN common_dll.dll: digest/len is 75b37c3c755409cc355d2875eadfa128f8e6e27a1b2adf92273656a20ceb5037


Can anyone explain?
Thank you
 

waelbh
Re: Theory of Flir E4 hack
« Reply #1 on: April 13, 2019, 01:32:30 pm »
Hello,
what happened to your cam? Did you perform the hack or not?
Best regards
 

tmbinc
Re: Theory of Flir E4 hack
« Reply #2 on: April 14, 2019, 07:41:10 pm »
I'm not sure if you want to understand the theory behind the hack, or just figure out a way to make this work. In case of the former:

The CFC file contains the feature limitations (resolution, noise, some menu enablements). But the file is signed, so it can't be modified (unlike earlier versions' CFC files, which just had a CRC).

common_dll.dll contains the code to validate the signature. However, common_dll.dll is hash-checked at boot, and the software doesn't autostart if the hash doesn't match. So removing the signature check from common_dll.dll must be done without affecting the computed SHA digest.

Is that possible?

In theory, this would require a hash collision between the original common_dll.dll and the patched common_dll.dll. But in practice, FLIR can't code and messed up their hash; it uses signed chars when shifting the input bytes to words. This means that under certain circumstances, the sign bit (which is repeated on right-shifts for signed chars) is masking the data, which allows this data to be modified without the hash being affected. By "cleverly" (meaning: took ~10 minutes) searching a location which a.) removes the CFC signature check and b.) doesn't affect the common_dll.dll hash, it was possible to modify the firmware to enable higher resolution etc.


In your case, the hack version doesn't understand the firmware version on the device. Which version do you have installed on the cam?
 


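The signed-char masking tmbinc describes above, as an added example that is not part of the original thread and is not FLIR's code: a constructed toy digest whose byte-to-word packing reads the input as signed char (so integer promotion sign-extends each byte before the shift), the same packing step written correctly beside it, a search for the bytes the bug leaves unchecked, and a check that overwriting those bytes leaves the buggy digest unchanged while the correct one moves. The mixing function, the 16-byte sample and the big-endian OR assembly are assumptions made for the example; the post only states that the sign bit masks data, not how common_dll.dll's hash actually assembles its words.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: a toy block digest whose byte-to-word packing has the
 * sign-extension bug described in the thread. Not FLIR's code; the real digest
 * in common_dll.dll is not shown here. */

/* Buggy packing: bytes are read as signed char. Integer promotion sign-extends
 * each one to a full int before the shift, so a byte >= 0x80 contributes
 * 0xFFFFFFxx and, once ORed in, sets every bit above its own position. The
 * higher-order bytes of that word are then masked by ones, whatever they were.
 * (The casts through uint32_t keep the shifts well-defined in C.) */
static uint32_t pack_signed(const uint8_t *p) {
    const signed char *s = (const signed char *)p;
    return ((uint32_t)(int)s[0] << 24) | ((uint32_t)(int)s[1] << 16) |
           ((uint32_t)(int)s[2] << 8)  |  (uint32_t)(int)s[3];
}

/* Correct packing: unsigned input promotes to a non-negative int. */
static uint32_t pack_unsigned(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

typedef uint32_t (*pack_fn)(const uint8_t *);

/* Toy mixing (assumed: FNV-style multiply plus a rotate). The mixing is
 * irrelevant to the flaw, which lives entirely in pack_fn. Each step is a
 * bijection on h, so any difference in a packed word changes the result.
 * Input is zero-padded to a multiple of 4 bytes. */
static uint32_t digest(const uint8_t *data, size_t len, pack_fn pack) {
    uint32_t h = 0x811C9DC5u;
    for (size_t i = 0; i < len; i += 4) {
        uint8_t block[4] = {0, 0, 0, 0};
        size_t n = (len - i < 4) ? len - i : 4;
        memcpy(block, data + i, n);
        h ^= pack(block);
        h *= 0x01000193u;
        h = (h << 13) | (h >> 19);
    }
    return h;
}

/* Byte i is masked under pack_signed iff some later byte in the same 4-byte
 * word has its sign bit set. Returns how many such bytes exist and writes
 * their offsets into out (up to max_out of them). */
static size_t find_maskable(const uint8_t *data, size_t len, size_t *out, size_t max_out) {
    size_t count = 0;
    for (size_t i = 0; i < len; i++) {
        size_t last = ((i | 3) < len) ? (i | 3) : len - 1; /* last byte of i's word */
        int masked = 0;
        for (size_t j = i + 1; j <= last; j++)
            if (data[j] & 0x80) masked = 1;
        if (masked) {
            if (count < max_out) out[count] = i;
            count++;
        }
    }
    return count;
}

/* Constructed 16-byte "firmware": words 1 and 3 contain a byte with the sign
 * bit set, so the bytes before it in those words are free to change. */
static const uint8_t sample[16] = {
    0x11, 0x22, 0x33, 0x44,   /* word 0: no sign bits, nothing maskable */
    0x55, 0x66, 0x77, 0x88,   /* word 1: 0x88 masks bytes 4, 5, 6 */
    0x99, 0x10, 0x20, 0x30,   /* word 2: 0x99 is the top byte, masks nothing */
    0x40, 0xA0, 0x50, 0x60,   /* word 3: 0xA0 masks byte 12 */
};

/* Overwrite every maskable byte with 0x00 (standing in for a patch) and report
 * whether the buggy digest survived while the correct one changed. Returns 1
 * when the patch is invisible to pack_signed but visible to pack_unsigned. */
static int patch_is_invisible_to_buggy_digest(void) {
    uint8_t patched[sizeof sample];
    size_t offs[sizeof sample];
    memcpy(patched, sample, sizeof sample);
    size_t n = find_maskable(patched, sizeof patched, offs, sizeof offs / sizeof offs[0]);
    for (size_t k = 0; k < n; k++) patched[offs[k]] = 0x00;

    uint32_t buggy_before = digest(sample,  sizeof sample,  pack_signed);
    uint32_t buggy_after  = digest(patched, sizeof patched, pack_signed);
    uint32_t good_before  = digest(sample,  sizeof sample,  pack_unsigned);
    uint32_t good_after   = digest(patched, sizeof patched, pack_unsigned);
    return buggy_before == buggy_after && good_before != good_after;
}

int main(void) {
    size_t offs[sizeof sample];
    size_t n = find_maskable(sample, sizeof sample, offs, sizeof offs / sizeof offs[0]);
    printf("%zu maskable byte(s):", n);
    for (size_t k = 0; k < n; k++) printf(" %zu", offs[k]);
    printf("\npatch invisible to buggy digest: %s\n",
           patch_is_invisible_to_buggy_digest() ? "yes" : "no");
    return 0;
}
```

On the constructed sample, bytes 4, 5, 6 and 12 can take any value without the buggy digest moving; in a real binary the search is the same, except that the patch also has to land on a byte that matters to the signature check, which is the part tmbinc describes as the ten-minute search.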