From 621021d43eb5169a5866adc97297b48c2f67e5f4 Mon Sep 17 00:00:00 2001 From: Liliesh Date: Sun, 3 Nov 2024 08:54:16 +0100 Subject: [PATCH] Did stuff --- .gitignore | 1 + X570PG4/README.md | 16 ++++++++++++++++ X570PG4/docs.adoc | 19 ------------------- X570PG4/download_fw.sh | 5 +++-- X570PG4/extract.sh | 7 +++++++ X570PG4/magic.py | 33 +++++++++++++++++++++++++++++++++ 6 files changed, 60 insertions(+), 21 deletions(-) create mode 100644 X570PG4/README.md delete mode 100644 X570PG4/docs.adoc mode change 100644 => 100755 X570PG4/extract.sh create mode 100644 X570PG4/magic.py diff --git a/.gitignore b/.gitignore index 09181f6..69d3797 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ sections/ *.zip X570PG4*.* +*.extracted/ \ No newline at end of file diff --git a/X570PG4/README.md b/X570PG4/README.md new file mode 100644 index 0000000..1025f3b --- /dev/null +++ b/X570PG4/README.md @@ -0,0 +1,16 @@ +# ASRock X570 Phantom Gaming 4 FW + +## Steps +1. download fw +2. binwalk + +## Mappings +to be done + +Take over from old doc: +- 4456808 = lzma = jpg images / boot splash +- 4591952 = lzma = windows pe binaries - unknown usage +- 4633968 = lzma = win-pe bins, aes-s box + + +Convinent: diff --git a/X570PG4/docs.adoc b/X570PG4/docs.adoc deleted file mode 100644 index 6ec9174..0000000 --- a/X570PG4/docs.adoc +++ /dev/null @@ -1,19 +0,0 @@ -= Reversing of the AsRock X570 Phantom Gaming 4 firmware image - -== Steps -1. download fw -2. binwalk - - -== Mappings -=== 4456808 -Compressed lzma -Contains boot images - -|=== -| Start, Length, Type, Description -| 4456808, 15525, LZMA Archive, Boot splash images -|=== -4456808 = lzma = jpg images -4591952 = lzma = windows pe binaries - unknown usage -4633968 = lzma = win-pe bins, aes-s box diff --git a/X570PG4/download_fw.sh b/X570PG4/download_fw.sh index ae06613..86e126f 100755 --- a/X570PG4/download_fw.sh +++ b/X570PG4/download_fw.sh @@ -1,2 +1,3 @@ -wget "https://download.asrock.com/BIOS/AM4/X570%20Phantom%20Gaming%204(5.60)ROM.zip" -O ASX570FW.zip -7z x ASX570FW.zip +wget "https://download.asrock.com/BIOS/AM4/X570%20Phantom%20Gaming%204(5.60)ROM.zip" -O X570PG4.zip +7z x X570PG4.zip +rm X570PG4.zip \ No newline at end of file diff --git a/X570PG4/extract.sh b/X570PG4/extract.sh old mode 100644 new mode 100755 index 164ac4d..65d3786 --- a/X570PG4/extract.sh +++ b/X570PG4/extract.sh @@ -14,3 +14,10 @@ mkdir sections/4591952 dd if=X570PG45.60 skip=4591952 bs=1 count=41951 of=sections/4591952/image.lzma unlzma sections/4591952/image.lzma dd if=sections/4591952/image skip=204 bs=1 count=2020 of=sections/4591952/204.bin + + +# Section 23732584 +echo "Extracting 23732584" +mkdir sections/23732584 +dd if=X570PG45.60 skip=23732584 bs=1 count=15525 of=sections/23732584/image.lzma +unlzma sections/23732584/image.lzma diff --git a/X570PG4/magic.py b/X570PG4/magic.py new file mode 100644 index 0000000..13a2cf0 --- /dev/null +++ b/X570PG4/magic.py @@ -0,0 +1,33 @@ +import os +import io + +def search_filetype(filePath, magicBytes): + with io.open(filePath, mode="rb") as file: + for line in file: + if magicBytes in line: + offset = file.tell() + print(f"Found at {hex(offset)}!") + +def extract_jpeg(filePath, offset): + image = b'' + with io.open(filePath, mode="rb") as file: + file.seek(offset) + for line in file: + if jpeg_sig not in line: + image += line + + f = open(f"test/{offset}.jpeg", "a") + f.write(image) + f.close() + +xz_sig = b'\x5d\x00\x00' +#tiff_sig = b'\x49\x49\x2A\x00' +#jpeg_sig = b'\xFF\xD8\xFF\xE0' +print("Searching for LZMA..") +search_filetype("X570PG45.60", xz_sig) + +#print("Searching for TIFF...") +#search_filetype("X570PG45.60", tiff_sig) + +#print("Searching for JPEG...") +#search_filetype("X570PG45.60", jpeg_sig) \ No newline at end of file