Products > Test Equipment
DG4000 - a firmware investigation
<< < (70/96) > >>
GonzoTheGreat:

--- Quote from: tv84 on February 13, 2019, 04:23:01 pm ---1. With a special parser that I developed.

--- End quote ---
Would you send me the source code for it?  I'd like to improve it.


--- Quote from: tv84 on February 13, 2019, 04:23:01 pm ---But, with the information that I show in the parsing you could do that easily with any hex editor.

--- End quote ---
Of course
I already figured out the the checksum for each segment is the CRC16 with Poly==0x8408 and Init==0xFFFF.

Do the GEL files for the DG4000 have an encrypted footer like the GEL files for DS1000Z ?



--- Quote from: tv84 on February 13, 2019, 04:23:01 pm ---4. The ones that have executable code can be looked at in IDA.

--- End quote ---
Isn't the code obfuscated?
Anyway, without ubiquitous executable headers (like ELF, PE, etc...), IDA might have a problem recognizing the code.


--- Quote from: tv84 on February 13, 2019, 04:23:01 pm ---5. I can have a look that. But, isn't there any PCB photos that let you identify the ICs involved?

--- End quote ---
Not that, I know of.
Even if there were photos detailed enough to read the markings on the chips, I would expect them to be house numbers.

I have the time and burning desire to patch some bugs and strings in the CPU's code.
FPGA code is beyond my abilities, but the function calls to it are not.

smithnerd:

--- Quote from: GonzoTheGreat on February 13, 2019, 01:02:33 pm ---
What CPU does the DG4000 firmware run on ?


--- End quote ---

The firmware has '(DSP)' in the filename rather than '(ARM)', which probably means it will be an Analog Devices Blackfin part, like the DS2000 uses.
RoGeorge:
For FPGA/DSP/DAC, a nice teardown with lots of info about the inside of DG4000, by mikeselectricstuff



https://www.eevblog.com/forum/testgear/rigol-dg4062-functionarbitary-waveform-generator-teardown/
GonzoTheGreat:

--- Quote from: smithnerd on February 13, 2019, 05:25:15 pm ---The firmware has '(DSP)' in the filename rather than '(ARM)', which probably means it will be an Analog Devices Blackfin part, like the DS2000 uses.

--- End quote ---
Shit!
IDA 7 does not support this Analog Devices BlackFin ADSP-BF526 processor and a 3rd party BlackFin plugin is 8 years old :(
tv84:

--- Quote from: GonzoTheGreat on February 13, 2019, 05:54:24 pm ---
--- Quote from: smithnerd on February 13, 2019, 05:25:15 pm ---The firmware has '(DSP)' in the filename rather than '(ARM)', which probably means it will be an Analog Devices Blackfin part, like the DS2000 uses.

--- End quote ---
Shit!
IDA 7 does not support this Analog Devices BlackFin ADSP-BF526 processor and a 3rd party BlackFin plugin is 8 years old :(

--- End quote ---

The 3rd party plugin should help, despite it's age.

If you have any particular block you are sure you would like to analyse, I can dump it for you in a way you don't need to rely on the plugin.
Navigation
Message Index
Next page
Previous page
There was an error while thanking
Thanking...

Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod