Wyplayer-based multimedia centers/Firmware

From Wikibooks, open books for an open world

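Firmware files let users update these multimedia disks. They are distributed by each multimedia disk manufacturer and appear to be **not interchangeable/compatible** between devices of different brands.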

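Firmware file format

Update method

Firmware file reverse-engineering milestones

  • Understand the .wup file structure (done)
  • Understand the format of each part of the .wup file (XML and kernel done, software not yet)
  • Understand the function of each part of the .wup file (pending)
  • Update a device using another device's firmware (pending)
  • Build our own "kernel" and install it on the device (pending)
  • Build our own "software" and install it on the device (pending)
  • Find out the encryption key used for the software part of each device's update.wup (pending)
  • Gain access to the device so that more information can be gathered while it is running (pending)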

Internal structure of the .wup file

XML code

Example

<root>                                                                                                                                
        <specVersion>                                                                                                                 
                <major>1</major>                                                                                                      
                <minor>1</minor>                                                                                                      
        </specVersion>                                                                                                                
        <update>                                                                                                                      
                <version>001.002.00014.0000007929</version>                                                                           
                <displayName>Grab'n'GO Wireless Media Titan</displayName>
                <description>-----</description>
                <target>WBD000930AA</target>
                <targetList>
                        <target>WBD000930AB</target>
                </targetList>
                <level>0</level>
                <provider>-----</provider>
                <generationDatetime>2009-02-09T10:22:13+0100Z</generationDatetime>
                <uri>announce</uri>
                <signature/>
                <partList>
                        <part>
                                <id>1</id>
                                <displayName>Kernel</displayName>
                                <version>2.6.17.14.617</version>
                                <type>kernel</type>
                                <uri>kernel</uri>
                                <compression>none</compression>
                                <parent>1</parent>
                                <generationDatetime>2009-02-09T10:22:09+0100Z</generationDatetime>
                                <uncompressedSize>1962745</uncompressedSize>
                                <signature>ddbeb13f573a12c880b1d971ff25949b</signature>
                        </part>
                        <part>
                                <id>2</id>
                                <displayName>Software</displayName>
                                <version>001.002.00014.0000007929</version>
                                <type>core</type>
                                <uri>core</uri>
                                <compression>none</compression>
                                <parent>2</parent>
                                <generationDatetime>2009-02-09T10:22:09+0100Z</generationDatetime>
                                <uncompressedSize>121692160</uncompressedSize>
                                <signature>1afb31cdc482ce22c1ae0406ee55161f</signature>
                        </part>
                </partList>
        </update>
</root>

Kernel file

According to the output of the file command (available on *nix-based systems), the kernel file looks like this:

System:$ file kernel2.6.17.14.617_1.2.14.7929.bin
kernel2.6.17.14.617_1.2.14.7929.bin: u-boot/PPCBoot image

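A look inside the code

The source code provided by wyplay contains a uboot- folder. Trying to work out how it is compiled, inside uboot we find a board folder, and inside that a subfolder named wyplay, which may hold the specifications needed to compile uboot for the different wyplay boards.

  • The Makefile in the main uboot- folder has different (entries) for the different wyplay boards. We are trying to configure and compile for wymdbox_config (wyplayer multimedia box), which we understand corresponds to these multimedia disks.
  • Make fails because the SH4 compiler is missing (¿?). This appears to be the processor architecture of the multimedia disk. (Specification: http://lars.nocrew.org/computers/processors/SuperH/sh4cpu_sh1.pdf).
  • A toolchain for cross-compiling to this architecture has been built: http://wiki.debian.org/SH4/CrossToolchain
  • u-boot has been compiled for wymdbox.
  • Apparently, the firmware kernel file contains both u-boot and the kernel.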

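Analyzing the kernel file

The magic number in this file's header (0x270519) shows that it is a u-boot image. Analyzing the rest of the file, you find a gzip file at offset 352 (at least in the files reviewed so far), which can be extracted with the command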

dd if=kernel.bin bs=352 skip=1 | gzip -d > kernel.uncompressed

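Analyzing this decompressed file, we find (at least in most firmware) two more compressed files inside it. One appears to be the kernel configuration file and the other is the initramfs.cpio needed during compilation (if the required parameter is set).

A new script was written to find and decompress gzip files inside other files. As input it takes the file or files in which you want to look for gzip files (you can pass something like kernel1.2* as input).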

#!/bin/bash
# search_gzip
# Copyright (C) 2008, 2009, 2010
# Free Software Foundation, Inc.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
# Original Author: Orensbruli (Esteban Martinena Guerrero)
# Current Version: 0.1

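# gzip header as a hex string: magic 1f8b, method 08 (deflate), flags 00.
# Streams that set header flags (for example a stored file name) do not match.
PATTERN=1f8b0800
P_LEFT=$(echo "$PATTERN" | cut -b1)
P_RIGHT=$(echo "$PATTERN" | cut -b2-)
OUT_DIR=uncompressed

# Print the byte offset of occurrence number $2 of $PATTERN in file $1.
# The first hex digit of each match is replaced by 'p' (never present in a hex
# dump), so the length of the first $2 'p'-separated fields is the offset in
# hex digits. Past the last match the result stays at the file size.
find_offset() {
    expr $(xxd -p "$1" | tr -d '\n' | sed -e "s/$P_LEFT\($P_RIGHT\)/p\1/g" | cut -d'p' -f1-"$2" | wc -c) / 2
}

for FILE in "$@"
do
    NAME=$(basename "$FILE")
    loop=1
    OFFSET=$(find_offset "$FILE" $loop)
    LAST_OFFSET="_"
    mkdir -p "$OUT_DIR"
    echo "Looking inside file $FILE..."
    while [ "$OFFSET" != "$LAST_OFFSET" ]
    do
        OUT="$OUT_DIR/${NAME}_${loop}_${OFFSET}.uncomp"
        dd if="$FILE" bs=1 skip="$OFFSET" 2>/dev/null | gzip -dc 2>/dev/null > "$OUT"
        # gzip exits with 1 on a real error; 2 is only a warning (data after the stream)
        if [ $? -eq 1 ]
        then
            echo "False gzip in $OFFSET."
            rm "$OUT"
        else
            echo "Generating gzip file: $OUT"
        fi
        loop=$(expr $loop + 1)
        LAST_OFFSET=$OFFSET
        OFFSET=$(find_offset "$FILE" $loop)
    done
    echo "End of search"
done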

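In this case it can be used to get the gzip files out of the kernel file, or to get the gzip files inside the decompressed file extracted from the kernel. To make all of this clearer, the file hierarchy is as follows

update.wup (use the extraction script)

  • Header (its last 4 bytes hold the kernel file size)
  • Kernel (use the gzip extraction script)
      • kernel.uncomp (use the gzip extraction script)
          • Config (configuration file of the kernel build)
          • initramfs.cpio (files needed for compilation)
  • Middle (its last 4 bytes hold the software file size)
  • Software
  • Footer
  • infoxml (XML information about the update.wup file and the device)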
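
The kernel-file analysis described above, as an added example that is not part of the original page: it checks both CRC32 fields of the legacy u-boot header and then lists every gzip stream that inflates cleanly, so a stray `1f 8b` match is rejected instead of reported. The sample image, its load addresses and the function names are constructed for the demonstration; `0x27051956` is the full 32-bit form of the magic quoted above.

```python
import gzip
import struct
import zlib

UIMAGE_MAGIC = 0x27051956                  # full 32-bit legacy u-boot magic
UIMAGE_HEADER = struct.Struct(">7I4B32s")  # 64-byte big-endian header
GZIP_MAGIC = b"\x1f\x8b\x08"               # ID1, ID2, CM=deflate


def parse_uimage_header(blob):
    """Parse the legacy u-boot header and check both of its CRC32 fields."""
    if len(blob) < UIMAGE_HEADER.size:
        raise ValueError("too short for a u-boot header")
    (magic, hcrc, _time, size, load, entry, dcrc,
     _os, _arch, _type, comp, name) = UIMAGE_HEADER.unpack_from(blob)
    if magic != UIMAGE_MAGIC:
        raise ValueError("not a u-boot image: magic 0x%08x" % magic)
    # The header CRC is computed with the CRC field itself set to zero.
    zeroed = blob[:4] + b"\0" * 4 + blob[8:UIMAGE_HEADER.size]
    data = blob[UIMAGE_HEADER.size:UIMAGE_HEADER.size + size]
    return {
        "name": name.rstrip(b"\0").decode("ascii", "replace"),
        "data_size": size, "load": load, "entry": entry, "compression": comp,
        "header_crc_ok": (zlib.crc32(zeroed) & 0xFFFFFFFF) == hcrc,
        "data_crc_ok": len(data) == size
                       and (zlib.crc32(data) & 0xFFFFFFFF) == dcrc,
    }


def find_gzip_members(blob, max_out=64 * 1024 * 1024):
    """Return [(offset, data)] for each gzip stream that inflates cleanly.

    A magic match is only a candidate: the stream must reach its end so that
    zlib has checked the CRC32 and length trailer. Output is capped at max_out.
    """
    found = []
    pos = blob.find(GZIP_MAGIC)
    while pos != -1:
        inflater = zlib.decompressobj(wbits=31)   # 31 selects the gzip wrapper
        try:
            data = inflater.decompress(blob[pos:], max_out)
            if inflater.eof:
                found.append((pos, data))
        except zlib.error:
            pass                                  # magic bytes inside other data
        pos = blob.find(GZIP_MAGIC, pos + 1)
    return found


def gzip_tree(blob, depth=2, prefix=""):
    """Map an offset path such as '@352@3400' to the inflated size."""
    tree = {}
    for off, data in find_gzip_members(blob):
        key = "%s@%d" % (prefix, off)
        tree[key] = len(data)
        if depth > 1:
            tree.update(gzip_tree(data, depth - 1, key))
    return tree


def build_sample():
    """Constructed image: 64-byte header, zero padding, gzip stream at 352."""
    config = gzip.compress(b"CONFIG_CPU_SH4=y\n", mtime=0)
    initramfs = gzip.compress(b"070701" + b"0" * 104, mtime=0)
    inner = (b"fake kernel code " * 200 + config
             + b"\x1f\x8b\x08junk" + initramfs)   # 'junk' is a false magic hit
    data = b"\0" * (352 - 64) + gzip.compress(inner, mtime=0)
    header = UIMAGE_HEADER.pack(UIMAGE_MAGIC, 0, 0, len(data), 0x84601000,
                                0x84602000, zlib.crc32(data) & 0xFFFFFFFF,
                                5, 9, 2, 0, b"Linux 2.6.17.14")
    hcrc = zlib.crc32(header) & 0xFFFFFFFF
    return header[:4] + struct.pack(">I", hcrc) + header[8:] + data


if __name__ == "__main__":
    image = build_sample()
    print(parse_uimage_header(image))
    print(gzip_tree(image))
```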

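Note: there is a project called Tribbox, a multimedia center with specifications similar to ours (at least the same processor), which includes information about mounting the operating system and so on. It may be useful: http://www.tribbox.com/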

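Software file

So far we do not fully understand the format of the software system, but we do know that the "file" command reports "data" for this file. The guess is that it is a squashfs filesystem that is additionally encrypted with aes-cbc-plain and a 128-bit key. The image is probably decrypted through the Linux kernel's dm-crypt interface.

Putting all the findings together, a script was created that takes the software file obtained from the firmware file (.wup) with the extraction script, together with another file containing a list of possible passwords, and tries to decrypt it and identify the underlying filesystem. Known issues

  • We are not sure which encryption system is used, so we are trying blindly.
  • The script gives us many false positives, because the system always decrypts. What decides whether it succeeded is the output of file; we should expect something like a squashfs filesystem or similar.

What follows is only teaching code, an example of decryption for Linux filesystems and whole partitions. We accept no responsibility for its use. Reviewing it before use is recommended.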

#! /bin/bash
# soft_decrypt
# Copyright (C) 2008, 2009, 2010
# Free Software Foundation, Inc.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
# Original Author: Orensbruli (Esteban Martinena Guerrero)
# Current Version: 0.1

# Verify that the script was called with both arguments
if [ $# -lt 2 ]
then
  echo -e  "Wrong call."
  echo -e  "ej: $0 <software_file wup> <password_list_file>"
  exit 1
fi

SOFTWARE_FILE=$1
PASSWORDS_FILE=$2

# Attach the software file to the loop device /dev/loop0
losetup /dev/loop0 "$SOFTWARE_FILE"

# For each password
for passwd in `cat "$PASSWORDS_FILE"`
do
    #echo "Trying password $passwd..."
    # Map /dev/loop0 to /dev/mapper/decrypted as aes-cbc-plain with a 128-bit key taken from the password
    echo "$passwd" | cryptsetup -c aes-cbc-plain  -s 128 -b `blockdev --getsize /dev/loop0` create decrypted /dev/loop0 2>/dev/null

    # Sometimes the previous mapping is still in place: remove it and map again
    if [ ! $? -eq 0 ]
    then
        dmsetup remove decrypted
        #echo -e "\tTrying again password $passwd..."
        echo "$passwd" | cryptsetup -c aes-cbc-plain  -s 128 -b `blockdev --getsize /dev/loop0` create decrypted /dev/loop0
    fi

    # Create a small sample file from the beginning of the decrypted partition
    dd if=/dev/mapper/decrypted of=sample.img count=100 bs=1 2> /dev/null

    # Check the file type. On success we should expect a squashfs filesystem or something like that
    TYPE=`file sample.img | grep -v "sample.img: data"`
    if [ $? -eq 0 ]
    then
        echo "Decrypted as \"$TYPE\" with password $passwd"
    fi

    # Remove the /dev/mapper/decrypted mapping over /dev/loop0
    cryptsetup remove decrypted 2> /dev/null
    dmsetup remove decrypted 2> /dev/null
    # Wait 1 second
    sleep 1
done

# Remove the association between the software file and /dev/loop0
losetup -d /dev/loop0

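Extraction script

This bash/shell script takes a firmware update file (.wup) and extracts the corresponding kernel, software and XML information files. It is fully GPL and we accept no responsibility for its use. Anyone interested in what it does or in its effects must analyze it themselves. Of course, any improvement, suggestion or contribution is appreciated.

So far we obtain six files from a .wup update file. The main ones are the kernel and the software; infoxml is of limited interest, and the others (header_bytes, middle_bytes and footer_bytes) are unidentified bytes from different parts of the file. They are kept so that, by joining all the files, we can rebuild the original file without losing information.

header_bytes # kernel # middle_bytes # software # footer_bytes # infoxml

This script has been tested successfully on the latest update files for MediaTitan, ZoltarTv and Wyplayer.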


#! /bin/bash
# wup_extract
# Copyright (C) 2008, 2009, 2010
# Free Software Foundation, Inc.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Original Author: Orensbruli (Esteban Martinena Guerrero)
# Current Version: 0.2


#File needed as input parameter
if [ $# -lt 1 ]
then
  echo -e  "Wrong call."
  echo -e  "ej: $0 <update_file.wup>"
  exit 1
fi

FILE=$1
#Obtaining XML info and storing in file
echo -e  "Analyzing file $FILE."
FILE_SIZE=`du -b $FILE | cut -f1`
LINEAS=`wc -l $FILE | cut -d' ' -f1`
ROOT_BEGIN=`grep -a -n -u "root" $FILE | head -n1 | cut -d':' -f1`


echo -e  "\t$LINEAS total lines. Root section begins at line $ROOT_BEGIN."

TAIL=`expr $LINEAS - $ROOT_BEGIN + 1`
tail -n $TAIL $FILE > $FILE.xml
VERSION=`cat $FILE.xml | grep version | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1 | sed -e 's/^0*//' | sed -e 's/\.0*/./g'`
XML_FILE=infoxml\_$VERSION.xml
mv $FILE.xml $XML_FILE
echo -e  "\tXML info obtained from firmware version $VERSION: $XML_FILE"



#Kernel information
KERNEL_VERSION=`cat $XML_FILE | grep -A 9 "<id>1" | grep version | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
KERNEL_SIZE=`cat $XML_FILE | grep -A 9 "<id>1" | grep uncompressedSize | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
KERNEL_FILE=kernel$KERNEL_VERSION\_$VERSION.bin
KERNEL_SIGNATURE=`cat $XML_FILE | grep -A 9 "<id>1" | grep signature | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`

#Software file information
SOFTWARE_FILE=software_$VERSION.bin
SOFTWARE_SIZE=`cat $XML_FILE | grep -A 9 "<id>2" | grep uncompressedSize | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SOFTWARE_SIGNATURE=`cat $XML_FILE | grep -A 9 "<id>2" | grep signature | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`


echo -e  "\tKernel section in the XML. Version:$KERNEL_VERSION, Size: $KERNEL_SIZE, Checksum: $KERNEL_SIGNATURE."
echo -e  "\tSoftware section in the XML. Size: $SOFTWARE_SIZE, Checksum: $SOFTWARE_SIGNATURE."

echo -e  "Looking for kernel and software files offset..."
for KERNEL_OFFSET in `seq 1 200`
do
  dd if=$FILE of=$KERNEL_FILE bs=1 count=200 skip=$KERNEL_OFFSET 2> /dev/null
  file $KERNEL_FILE | grep "u-boot/PPCBoot image" > /dev/null
  if [ $? -eq 0 ]
  then
    break
  else
    echo -e  "\t$KERNEL_OFFSET"
  fi
done
HEADER_BYTES=$KERNEL_OFFSET
HEADER_BYTES_FILE=header_bytes_$VERSION.bin
MIDDLE_BYTES=10
MIDDLE_BYTES_FILE=middle_bytes_$VERSION.bin
SOFTWARE_OFFSET=`expr $HEADER_BYTES + $KERNEL_SIZE + 10`
FOOTER_BYTES=`expr $(expr $(du -b $FILE | cut -f1)) - $(expr $HEADER_BYTES + $KERNEL_SIZE + $MIDDLE_BYTES + $SOFTWARE_SIZE) - $(expr $(du -b $XML_FILE | cut -f1))`
FOOTER_BYTES_FILE=footer_bytes_$VERSION.bin

echo -e  "\tKernel found between bytes $KERNEL_OFFSET and $( expr $KERNEL_OFFSET + $KERNEL_SIZE )."
echo -e  "\tSoftware found between bytes $SOFTWARE_OFFSET and $( expr $SOFTWARE_OFFSET + $SOFTWARE_SIZE )."

echo -e  "Extracting header bytes..."
dd if=$FILE of=$HEADER_BYTES_FILE bs=1 count=$HEADER_BYTES 2> /dev/null
echo -e  "\tHeader file ($HEADER_BYTES_FILE) extracted."

echo -e  "Extracting kernel file..."
touch $KERNEL_FILE
dd if=$FILE of=$KERNEL_FILE bs=1 count=$KERNEL_SIZE skip=$KERNEL_OFFSET 2> /dev/null&
DIFF=`expr $KERNEL_SIZE - $( du -b $KERNEL_FILE | cut -f1 )`
while [ ! $DIFF -eq 0 ]
do
  echo -e  "\t $DIFF bytes pending for extract"
  sleep 5
  DIFF=`expr $KERNEL_SIZE - $( du -b $KERNEL_FILE | cut -f1 )`
done

KERNEL_FILE_TYPE=`file $KERNEL_FILE`
MD5SUM=`md5sum $KERNEL_FILE | cut -d' ' -f1`
if [ "$MD5SUM" == "$KERNEL_SIGNATURE" ]
then
  echo -e  "\tKernel file ($KERNEL_FILE) extracted successfully"
else
  echo -e  "ERROR: Kernel file ($KERNEL_FILE) failed"
fi

echo -e  "Extracting middle bytes..."
dd if=$FILE of=$MIDDLE_BYTES_FILE bs=1 count=$MIDDLE_BYTES skip=`expr $HEADER_BYTES + $KERNEL_SIZE` 2> /dev/null
echo -e  "\tMiddle bytes file ($MIDDLE_BYTES_FILE) extracted."

echo -e  "Extracting software file..."
touch $SOFTWARE_FILE
dd if=$FILE of=$SOFTWARE_FILE bs=1 count=$SOFTWARE_SIZE skip=$SOFTWARE_OFFSET 2> /dev/null&
DIFF=`expr $SOFTWARE_SIZE - $( du -b $SOFTWARE_FILE | cut -f1)`
while [ ! $DIFF -eq 0 ]
do
  echo -e  "\t $DIFF bytes pending for extract"
  sleep 5
  DIFF=`expr $SOFTWARE_SIZE - $( du -b $SOFTWARE_FILE | cut -f1)`
done
SOFTWARE_FILE_TYPE=`file $SOFTWARE_FILE`
MD5SUM=`md5sum $SOFTWARE_FILE | cut -d' ' -f1`
if [ "$MD5SUM" == "$SOFTWARE_SIGNATURE" ]
then
  echo -e  "\tSoftware file ($SOFTWARE_FILE) extracted successfully"
else
  echo -e  "ERROR: Software file ($SOFTWARE_FILE) failed"
fi

echo -e  "Extracting footer bytes..."
dd if=$FILE of=$FOOTER_BYTES_FILE bs=1 count=$FOOTER_BYTES skip=`expr $HEADER_BYTES + $KERNEL_SIZE + $MIDDLE_BYTES + $SOFTWARE_SIZE` 2> /dev/null
echo -e  "\tFooter bytes file ($FOOTER_BYTES_FILE) extracted."

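# Both background dd copies have finished once the polling loops above exit;
# wait only reaps them, instead of killing every dd process on the system
wait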
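
What the MD5 comparison in the extraction script does and does not establish, as an added example (not the project's own code): it splits a .wup the same way, checks each part against the manifest, and reports whether the update-level `<signature>` is populated. The sample file and the function names are constructed; the 10-byte gap and the 200-byte search window are the script's own assumptions.

```python
import hashlib
import xml.etree.ElementTree as ET

UBOOT_MAGIC = b"\x27\x05\x19\x56"   # start of the kernel part
MIDDLE_BYTES = 10                   # gap the script assumes before the software
PART_FILES = {"kernel": "kernel", "core": "software"}   # <type> -> piece name


def split_wup(blob):
    """Split a .wup into the six pieces, driven by the trailing XML manifest."""
    xml_off = blob.rfind(b"<root>")
    if xml_off < 0:
        raise ValueError("no trailing <root> manifest")
    manifest = blob[xml_off:]
    if b"<!DOCTYPE" in manifest or b"<!ENTITY" in manifest:
        raise ValueError("manifest declares a DTD; refusing to parse it")
    root = ET.fromstring(manifest.decode("utf-8", "replace").strip())
    size = {p.findtext("type"): int(p.findtext("uncompressedSize"))
            for p in root.iter("part")}
    k_off = blob.find(UBOOT_MAGIC, 0, 204)   # the script tries offsets up to 200
    if k_off < 0:
        raise ValueError("no u-boot magic near the start of the file")
    s_off = k_off + size["kernel"] + MIDDLE_BYTES
    s_end = s_off + size["core"]
    # Sizes come from the file itself, so bound them before slicing.
    if min(size.values()) < 0 or s_end > xml_off:
        raise ValueError("declared part sizes do not fit inside the container")
    return root, {
        "header_bytes": blob[:k_off],
        "kernel": blob[k_off:k_off + size["kernel"]],
        "middle_bytes": blob[k_off + size["kernel"]:s_off],
        "software": blob[s_off:s_end],
        "footer_bytes": blob[s_end:xml_off],
        "infoxml": manifest,
    }


def verify_wup(blob):
    """Compare each part's MD5 with the manifest, as the script does."""
    root, pieces = split_wup(blob)
    report = {}
    for part in root.iter("part"):
        name = PART_FILES[part.findtext("type")]
        declared = (part.findtext("signature") or "").strip().lower()
        report[name] = hashlib.md5(pieces[name]).hexdigest() == declared
    # An MD5 stored next to the data it covers detects corruption only: it is
    # unkeyed, so it says nothing about who produced the part or the manifest.
    update_sig = (root.findtext("update/signature") or "").strip()
    report["update_signature_present"] = bool(update_sig)
    return report


def build_sample(kernel=UBOOT_MAGIC + b"K" * 60, software=b"S" * 256):
    """Constructed .wup-shaped sample; no value comes from real firmware."""
    def part(pid, ptype, data):
        return ("<part><id>%d</id><type>%s</type><uncompressedSize>%d"
                "</uncompressedSize><signature>%s</signature></part>"
                % (pid, ptype, len(data), hashlib.md5(data).hexdigest()))
    xml = ("<root>\n<update><target>EXAMPLE0000</target><signature/><partList>"
           + part(1, "kernel", kernel) + part(2, "core", software)
           + "</partList></update>\n</root>\n")
    return (b"H" * 20 + kernel + b"M" * MIDDLE_BYTES + software
            + b"F" * 8 + xml.encode("ascii"))


if __name__ == "__main__":
    print(verify_wup(build_sample()))
```

A part that is replaced together with its size and MD5 in the manifest passes these checks, so the per-part `<signature>` values guard against corruption but not against modification.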

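Updating a device with another device's (brand's) firmware

One of the problems found is that a device cannot be updated with a firmware file from a different device (brand). The reason seems to be that each device has an identifier and, in addition, the "software" part of the firmware file is encrypted differently for each device.

If that is all there is to it, it should in theory be possible to create firmware for the device with a modified kernel part and still have the update accepted. From the 6 parts contained in each update file, a new file is built as a mix of different firmware files.

Script for mixing firmware files

To test the idea of mixing the contents of two firmware files, a script was created that can generate a new .wup file from two different files. The script disassembles the two original files (only if the disassembled parts are not already in the folder) and offers many possible combinations. This is useful for checking whether any of these combinations lets us update the device. As a general rule, of all the options the script offers, we are interested in those that mix one part from a different device with the rest from our own device; more specifically, the one that takes the other device's kernel and the rest from our own device. The generated files have not been tested yet, so we recommend caution when using them.

Important: to run this script you need to change the value of the EXTRACT_PROGRAM variable and set it to the path of the extraction script.

Usage is simple

wup_mix <update_file1> <update_file2>
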
#! /bin/bash
# wup_mix
# Copyright (C) 2008, 2009, 2010
# Free Software Foundation, Inc.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
# Original Author: Orensbruli (Esteban Martinena Guerrero)
# Current Version: 0.1

#PATH to extraction script (replace the placeholder; it is quoted so that the
#angle brackets are not taken as shell redirections)
EXTRACT_PROGRAM="<PATH_TO_EXTRACTION_SCRIPT>/extract_xml"

if [ ! -f "$EXTRACT_PROGRAM" ]
then
    echo "You must set variable EXTRACT_PROGRAM to extraction script path"
    exit 1
fi

#File is needed as input parameter
if [ $# -lt 2 ]
then
  echo -e  "Wrong call."
  echo -e  "ej: $0 <update_file_1.wup> <update_file_2.wup>"
  exit 1
fi

UPDATE_FILE1=$1
UPDATE_FILE2=$2

if [ $UPDATE_FILE1 == $UPDATE_FILE2 ]
then
    echo "Files can not have same name even in different folders."
    echo "Try to rename one of them (ej. mv update.wup update1.wup)."
    exit
fi


echo -e  "Checking if mixture of files is possible."
UPDATE_FILE1_SIZE=`du -b $UPDATE_FILE1 | cut -f1`
LINEAS1=`wc -l $UPDATE_FILE1 | cut -d' ' -f1`
ROOT_BEGIN1=`grep -a -n -u "root" $UPDATE_FILE1 | head -n1 | cut -d':' -f1`
TAIL1=`expr $LINEAS1 - $ROOT_BEGIN1 + 1`
tail -n $TAIL1 $UPDATE_FILE1 > $UPDATE_FILE1.xml
VERSION1=`cat $UPDATE_FILE1.xml | grep version | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1 | sed -e 's/^0*//' | sed -e 's/\.0*/./g'`


UPDATE_FILE2_SIZE=`du -b $UPDATE_FILE2 | cut -f1`
LINEAS2=`wc -l $UPDATE_FILE2 | cut -d' ' -f1`
ROOT_BEGIN2=`grep -a -n -u "root" $UPDATE_FILE2 | head -n1 | cut -d':' -f1`
TAIL2=`expr $LINEAS2 - $ROOT_BEGIN2 + 1`
tail -n $TAIL2 $UPDATE_FILE2 > $UPDATE_FILE2.xml
VERSION2=`cat $UPDATE_FILE2.xml | grep version | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1 | sed -e 's/^0*//' | sed -e 's/\.0*/./g'`
DATE_KERNEL1=`cat $UPDATE_FILE1.xml | grep -i generationDatetime | tail -n2 | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
DATE_KERNEL2=`cat $UPDATE_FILE2.xml | grep -i generationDatetime | tail -n2 | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
DATE_SOFTWARE1=`cat $UPDATE_FILE1.xml | grep -i generationDatetime | tail -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
DATE_SOFTWARE2=`cat $UPDATE_FILE2.xml | grep -i generationDatetime | tail -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIGNATURE_KERNEL1=`cat $UPDATE_FILE1.xml | grep -i signature | tail -n2 | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIGNATURE_KERNEL2=`cat $UPDATE_FILE2.xml | grep -i signature | tail -n2 | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIGNATURE_SOFTWARE1=`cat $UPDATE_FILE1.xml | grep -i signature | tail -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIGNATURE_SOFTWARE2=`cat $UPDATE_FILE2.xml | grep -i signature | tail -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIZE_KERNEL1=`cat $UPDATE_FILE1.xml | grep -i uncompressedSize | tail -n2 | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIZE_KERNEL2=`cat $UPDATE_FILE2.xml | grep -i uncompressedSize | tail -n2 | head -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIZE_SOFTWARE1=`cat $UPDATE_FILE1.xml | grep -i uncompressedSize | tail -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
SIZE_SOFTWARE2=`cat $UPDATE_FILE2.xml | grep -i uncompressedSize | tail -n1 | cut -d'>' -f 2 | cut -d'<' -f1`
NAME1=`cat $UPDATE_FILE1.xml | grep -i displayName | head -n1| cut -d'>' -f 2 | cut -d'<' -f1`
NAME2=`cat $UPDATE_FILE2.xml | grep -i displayName | head -n1| cut -d'>' -f 2 | cut -d'<' -f1`

if [ $VERSION1 == $VERSION2 ]
then
    echo "Both update files are of same version. Must be from two different versions to be mixed."
    rm $UPDATE_FILE1.xml
    rm $UPDATE_FILE2.xml
    exit
else
    echo "Ok."
fi

rm $UPDATE_FILE1.xml
rm $UPDATE_FILE2.xml

bash $EXTRACT_PROGRAM $UPDATE_FILE1
bash $EXTRACT_PROGRAM $UPDATE_FILE2

echo "Type number of operation to do:"
# Each option is quoted because display names can contain spaces
select OPCION in \
    "cabecera$NAME1$VERSION1+resto$NAME2$VERSION2" \
    "kernel$NAME1$VERSION1+resto$NAME2$VERSION2" \
    "middle$NAME1$VERSION1+resto$NAME2$VERSION2" \
    "software$NAME1$VERSION1+resto$NAME2$VERSION2" \
    "footer$NAME1$VERSION1+resto$NAME2$VERSION2" \
    "xml$NAME1$VERSION1+resto$NAME2$VERSION2" \
    "cabecera$NAME2$VERSION2+resto$NAME1$VERSION1" \
    "kernel$NAME2$VERSION2+resto$NAME1$VERSION1" \
    "middle$NAME2$VERSION2+resto$NAME1$VERSION1" \
    "software$NAME2$VERSION2+resto$NAME1$VERSION1" \
    "footer$NAME2$VERSION2+resto$NAME1$VERSION1" \
    "xml$NAME2$VERSION2+resto$NAME1$VERSION1"
do
    NEW_NAME=$OPCION.wup
    case $OPCION in
          cabecera$NAME1$VERSION1+resto$NAME2$VERSION2)
              PARTS[0]=`ls -1 header_bytes*$VERSION1.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION2.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION2.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION2.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION2.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION2.xml | head -n1`
              ;;
          cabecera$NAME2$VERSION2+resto$NAME1$VERSION1)
              PARTS[0]=`ls -1 header_bytes*$VERSION2.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION1.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION1.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION1.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION1.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION1.xml | head -n1`
              ;;
          kernel$NAME1$VERSION1+resto$NAME2$VERSION2)
              PARTS[0]=`ls -1 header_bytes*$VERSION2.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION1.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION2.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION2.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION2.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION2.xml | head -n1`
              cp ${PARTS[5]} ${PARTS[5]}.aux
              PARTS[5]=${PARTS[5]}.aux
              sed -i -e "s/$SIZE_KERNEL2/$SIZE_KERNEL1/g" -e "s/$SIGNATURE_KERNEL2/$SIGNATURE_KERNEL1/g" -e "s/$DATE_KERNEL2/$DATE_KERNEL1/g" ${PARTS[5]}
              
              ;;
          kernel$NAME2$VERSION2+resto$NAME1$VERSION1)
              PARTS[0]=`ls -1 header_bytes*$VERSION1.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION2.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION1.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION1.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION1.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION1.xml | head -n1`
              cp ${PARTS[5]} ${PARTS[5]}.aux
              PARTS[5]=${PARTS[5]}.aux
              sed -i -e "s/$SIZE_KERNEL1/$SIZE_KERNEL2/g" -e "s/$SIGNATURE_KERNEL1/$SIGNATURE_KERNEL2/g" -e "s/$DATE_KERNEL1/$DATE_KERNEL2/g" ${PARTS[5]}
              ;;
          middle$NAME1$VERSION1+resto$NAME2$VERSION2)
              PARTS[0]=`ls -1 header_bytes*$VERSION2.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION2.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION1.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION2.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION2.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION2.xml | head -n1`
              ;;
          middle$NAME2$VERSION2+resto$NAME1$VERSION1)
              PARTS[0]=`ls -1 header_bytes*$VERSION1.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION1.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION2.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION1.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION1.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION1.xml | head -n1`
              ;;
          software$NAME1$VERSION1+resto$NAME2$VERSION2)
              PARTS[0]=`ls -1 header_bytes*$VERSION2.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION2.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION2.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION1.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION2.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION2.xml | head -n1`
              cp ${PARTS[5]} ${PARTS[5]}.aux
              PARTS[5]=${PARTS[5]}.aux
              sed -i -e "s/$SIZE_SOFTWARE2/$SIZE_SOFTWARE1/g" -e "s/$SIGNATURE_SOFTWARE2/$SIGNATURE_SOFTWARE1/g" -e "s/$DATE_SOFTWARE2/$DATE_SOFTWARE1/g" ${PARTS[5]}
              ;;
          software$NAME2$VERSION2+resto$NAME1$VERSION1)
              PARTS[0]=`ls -1 header_bytes*$VERSION1.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION1.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION1.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION2.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION1.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION1.xml | head -n1`
              cp ${PARTS[5]} ${PARTS[5]}.aux
              PARTS[5]=${PARTS[5]}.aux
              sed -i -e "s/$SIZE_SOFTWARE1/$SIZE_SOFTWARE2/g" -e "s/$SIGNATURE_SOFTWARE1/$SIGNATURE_SOFTWARE2/g" -e "s/$DATE_SOFTWARE1/$DATE_SOFTWARE2/g" ${PARTS[5]}
              ;;
          footer$NAME1$VERSION1+resto$NAME2$VERSION2)
              PARTS[0]=`ls -1 header_bytes*$VERSION2.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION2.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION2.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION2.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION1.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION2.xml | head -n1`
              ;;
          footer$NAME2$VERSION2+resto$NAME1$VERSION1)
              PARTS[0]=`ls -1 header_bytes*$VERSION1.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION1.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION1.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION1.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION2.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION1.xml | head -n1`
              ;;
          xml$NAME1$VERSION1+resto$NAME2$VERSION2)
              PARTS[0]=`ls -1 header_bytes*$VERSION2.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION2.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION2.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION2.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION2.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION1.xml | head -n1`
              ;;
          xml$NAME2$VERSION2+resto$NAME1$VERSION1)
              PARTS[0]=`ls -1 header_bytes*$VERSION1.bin | head -n1`
              PARTS[1]=`ls -1 kernel*$VERSION1.bin | head -n1`
              PARTS[2]=`ls -1 middle_bytes*$VERSION1.bin | head -n1`
              PARTS[3]=`ls -1 software*$VERSION1.bin | head -n1`
              PARTS[4]=`ls -1 footer_bytes*$VERSION1.bin | head -n1`
              PARTS[5]=`ls -1 infoxml*$VERSION2.xml | head -n1`
              ;;
          *)
              continue
              ;;
      esac
      echo "Creating mixed file..."
      # Start from an empty file so that the parts are appended in order
      : > "$NEW_NAME"
      for part in $( seq 0 `expr ${#PARTS[*]} - 1` )
      do
          echo -e "\tAdding ${PARTS[$part]} to new file $NEW_NAME..."
          dd if="${PARTS[$part]}" of="$NEW_NAME" bs=1 seek=`du -b "$NEW_NAME" | cut -f1` 2>/dev/null
      done
      echo "Done."
      break
done


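Building your own "kernel" and installing it on the device

SH4 toolchain for cross-compiling from 386 32-bit. Download it and unpack it in opt: http://www.megaupload.com/?d=HSV19P40

Building your own "software" and installing it on the device

SH4 toolchain for cross-compiling from 386 32-bit. Download it and unpack it in opt: http://www.megaupload.com/?d=HSV19P40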

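Telnet access to the device

To get telnet access to the device, a file on the hard drive has to be modified. To do that you need to take the hard drive out of the device and connect it to a PC to gain access. Any Linux distribution lets you access the hard drive and modify the file, even an Ubuntu Live CD or any other distribution.

The file to modify is on partition 1 (JFS). To mount it, run the following commands

(Note: sda must be changed to match your own partition, and all commands must be run as root, i.e. by putting "sudo" in front of the command)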


$ mkdir /mnt/sda1
$ jfs_fsck /dev/sda1
$ mount /dev/sda1 /mnt/sda1

Once it is mounted, we have to edit the "local_conf.py" file by adding the following lines at the end of the file

import os

os.system('telnetd -l /bin/ash')

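Now we unmount the partition (umount /mnt/sda1) and put the hard drive back into the device.

From now on we should be able to reach the device over telnet (if it is connected to the network, obviously):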

$ telnet device_ip
Wybox Release Branch 1.3.15 (Future is Now!)
/ $

So far we have tested this procedure successfully on the following versions

              Works               Doesn't work
Media Titan:  7983 and previous   7989
Zoltar TV:    7891 and previous   7909
Wyplayer:     8399?               8418
Mediatec:     ?                   ?
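
Because local_conf.py is Python that the device executes, any line appended to it runs on the device. An added example (not from the original page) of a check that can be run against the file on a mounted disk to list statements that start a process, such as the telnetd line above; the function name, the call list, the hint strings and the sample file content are assumptions made for the illustration.

```python
import ast

# Calls that start a process from Python; the edit shown above uses os.system.
SPAWN_CALLS = {"os.system", "os.popen", "os.execv", "os.spawnv",
               "subprocess.call", "subprocess.check_call", "subprocess.Popen"}
# Strings that suggest a remote shell is being started (illustrative list).
REMOTE_SHELL_HINTS = ("telnetd", "/bin/ash", "/bin/sh")


def _dotted(node, aliases):
    """Resolve a call target to 'module.function', following import aliases."""
    if isinstance(node, ast.Attribute) and isinstance(node.value, ast.Name):
        return "%s.%s" % (aliases.get(node.value.id, node.value.id), node.attr)
    if isinstance(node, ast.Name):
        return aliases.get(node.id, node.id)
    return ""


def audit_local_conf(source):
    """Return sorted [(line, call, argument, remote_shell)] findings."""
    try:
        tree = ast.parse(source)
    except SyntaxError:
        # Older (Python 2) syntax does not parse here: fall back to text matching.
        return [(n, "text-match", ln.strip(),
                 any(h in ln for h in REMOTE_SHELL_HINTS))
                for n, ln in enumerate(source.splitlines(), 1)
                if any(c in ln for c in SPAWN_CALLS)]
    aliases = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                aliases[a.asname or a.name] = a.name
        elif isinstance(node, ast.ImportFrom):
            for a in node.names:
                aliases[a.asname or a.name] = "%s.%s" % (node.module, a.name)
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            target = _dotted(node.func, aliases)
            if target in SPAWN_CALLS:
                arg = ""
                if node.args and isinstance(node.args[0], ast.Constant):
                    arg = str(node.args[0].value)
                findings.append((node.lineno, target, arg,
                                 any(h in arg for h in REMOTE_SHELL_HINTS)))
    return sorted(findings)


# Constructed sample: the option line is a placeholder, not the real file.
SAMPLE = '''\
# constructed sample of a local_conf.py with the two lines appended
language = "en"
import os

os.system('telnetd -l /bin/ash')
'''

if __name__ == "__main__":
    for finding in audit_local_conf(SAMPLE):
        print(finding)
```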

Firmware file links


O2Media ZoltarTV


Conceptronic MediaTitan

  CMT2D (non Wi-Fi):  
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_UPD_v1.3.15.7989_(1.3R6).zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_UPD_v1.3.15.7984_(1.3R5).zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_UPD_v1.3.15.7983_(1.3R4).zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_UPD_v1.3.15.7963_BETA.zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_UPD_v1.2.14.7929.ZIP
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_UPD_v1.2.14.7926.zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_UPD_v1.1.13.7870.ZIP
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2D_FW_v1.1.13.7860.ZIP
  CMT2DW (Wi-Fi): 
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2DW_FW_UPD_v1.3.15.7989_(1.3R6).zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2DW_FW_UPD_v1.3.15.7983_(1.3R4).zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2DW_FW_UPD_v1.3.15.7963_BETA.zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2DW_FW_UPD_v1.2.14.7929.ZIP
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2DW_FW_UPD_v1.2.14.7926.zip
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2DW_FW_UPD_v1.1.13.7870.ZIP
     http://download.conceptronic.net/GrabnGo/CMT2D_CMT2DW/CMT2DW_FW_v1.1.13.7860.ZIP
     