Title: ME7.5 disassembly help
Post by: Colt45 on February 26, 2017, 02:25:44 PM

Hi, I'm trying to do my first disassembly of an ME7.5. I've tried a few different things (andy plugin, etc.).

What gave me the most sane-looking thing is setting it up as tony said in a post here: make segments like so:

0x0-0x7FFF: Internal ROM on the C167 processor -> loaded IROM bin here
0xE000-0xFFFF: Internal RAM
0x380000-0x38FFFF: External RAM
0x800000-0x8FFFFF: External Flash -> loaded flash bin here

and set DPP defaults to:

DPP0: 0x0204
DPP1: 0x0205
DPP2: 0x00E0
DPP3: 0x0003

Then move to the start of flash, and then step everything through with the AutoIt script afterwards (I couldn't get it to set up the above, I did that by hand instead. Maybe a version problem), and run clean with the script as well.

But there's a lot of really weird stuff that I don't really understand, being so new. Some spots that are obviously not instructions (0xff empty fields) are set as such. There are a lot of references to addresses in SFR space that don't seem to exist on a C167CR (e.g. FE0Ah).

Maybe someone can export a sane ME7.5 .asm from IDA, and I can try disassembling the same bin and see if I get a similar result? Any suggestions otherwise?

The file I'm using is 8E0909518F 0003, but I'm open to trying anything that someone has well disassembled already.

Big thanks in advance.

Title: Re: ME7.5 disassembly help
Post by: littco on March 01, 2017, 01:48:50 AM

> Hi, I'm trying to do my first disassembly of an ME7.5. I've tried a few different things (andy plugin, etc.).
>
> What gave me the most sane-looking thing is setting it up as tony said in a post here: make segments like so:
>
> 0x0-0x7FFF: Internal ROM on the C167 processor -> loaded IROM bin here
> 0xE000-0xFFFF: Internal RAM
> 0x380000-0x38FFFF: External RAM
> 0x800000-0x8FFFFF: External Flash -> loaded flash bin here
>
> and set DPP defaults to:
>
> DPP0: 0x0204
> DPP1: 0x0205
> DPP2: 0x00E0
> DPP3: 0x0003
>
> Then move to the start of flash, and then step everything through with the AutoIt script afterwards (I couldn't get it to set up the above, I did that by hand instead. Maybe a version problem), and run clean with the script as well.
>
> But there's a lot of really weird stuff that I don't really understand, being so new. Some spots that are obviously not instructions (0xff empty fields) are set as such. There are a lot of references to addresses in SFR space that don't seem to exist on a C167CR (e.g. FE0Ah).
>
> Maybe someone can export a sane ME7.5 .asm from IDA, and I can try disassembling the same bin and see if I get a similar result? Any suggestions otherwise?
>
> The file I'm using is 8E0909518F 0003, but I'm open to trying anything that someone has well disassembled already.
>
> Big thanks in advance.

The Andy plugin was pretty primitive to be honest, and whilst it works, things have moved on. If you look for PRJ's AutoIt script, it will load the file into IDA for you. It's been a while since I've used it, but most of the ME7 stuff I've done used that to load into IDA and I never had an issue, other than it only seemed to work on the version of IDA Pro it was written for, i.e. if it was written for v6 it didn't work without changes on v6.8...

I doubt you'll get anyone to post the .asm for you as it takes time most people won't have. There are threads on here on how to set up an ME7.5 file in IDA, so maybe it's best just looking through them.

Title: Re: ME7.5 disassembly help
Post by: TijnCU on March 01, 2017, 03:44:00 AM

> Maybe someone can export a sane ME7.5 .asm from IDA, and I can try disassembling the same bin and see if I get a similar result?

Hey man, take a look in this topic: http://nefariousmotorsports.com/forum/index.php?action=;topic=8059.0

Title: Re: ME7.5 disassembly help
Post by: Colt45 on March 01, 2017, 06:30:27 PM

Thanks for the info. Now I'll need to find an older IDA so I can load that, and see how it goes :)
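
The DPP defaults in the first post decide where every 16-bit data address lands in the segment layout listed there. The following is an added example, not code from any poster or from the scripts mentioned in the thread: it applies the standard C166 data-page translation to those values and reports which of the listed segments each page falls into. The function names are illustrative.

```python
# DPP defaults and segment layout copied from the first post in this thread.
DPP = {0: 0x0204, 1: 0x0205, 2: 0x00E0, 3: 0x0003}
SEGMENTS = [
    (0x000000, 0x007FFF, "Internal ROM"),
    (0x00E000, 0x00FFFF, "Internal RAM"),
    (0x380000, 0x38FFFF, "External RAM"),
    (0x800000, 0x8FFFFF, "External Flash"),
]

PAGE_SIZE = 0x4000  # C166 data pages are 16 KiB


def dpp_to_linear(addr16, dpp=DPP):
    """Resolve a 16-bit data address: bits 15:14 select the DPP register,
    its low 10 bits give the page number, bits 13:0 are the page offset."""
    if not 0 <= addr16 <= 0xFFFF:
        raise ValueError("expected a 16-bit address")
    page = dpp[addr16 >> 14] & 0x3FF
    return page * PAGE_SIZE + (addr16 & 0x3FFF)


def segment_of(linear):
    """Name of the listed segment containing a linear address, or None."""
    for start, end, name in SEGMENTS:
        if start <= linear <= end:
            return name
    return None  # not covered by any segment created in the database


def page_report(dpp=DPP):
    """(DPP index, first address, last address, segment at first, segment at last)."""
    rows = []
    for n in range(4):
        base = (dpp[n] & 0x3FF) * PAGE_SIZE
        last = base + PAGE_SIZE - 1
        rows.append((n, base, last, segment_of(base), segment_of(last)))
    return rows


if __name__ == "__main__":
    for n, base, last, seg_lo, seg_hi in page_report():
        print(f"DPP{n}: {base:#08x}-{last:#08x}  {seg_lo} .. {seg_hi}")
    # FE0Ah, the address questioned in the first post, resolves through DPP3.
    print(f"0xFE0A -> {dpp_to_linear(0xFE0A):#08x} ({segment_of(dpp_to_linear(0xFE0A))})")
```

With these defaults, DPP0 and DPP1 point into external flash at 0x810000 and 0x814000, DPP2 points at external RAM, and the DPP3 page starts at 0xC000, below the 0xE000 start of the internal RAM segment from the list.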