Author Topic: ASM based map locator platform  (Read 130992 times)
masterj
« Reply #30 on: November 01, 2012, 08:01:55 AM »

Current full list of signatures:
CATR
CDKAT
CDSLS
CLRHK
CWDLSAHK
KFLBTS
KFMIOP
KFZW
KFZW2
KRKTE
KRKTE_8
LAMFA
LAMFA_COLAXIS
LAMFA_ROWAXIS
LDRXN
LDRXNZK
LDRXNZK_ROWAXIS
LDRXN_ROWAXIS
MLHFM
MLOFS
SNM16GKUB
SNM16OPUW
SNM16ZUUB
SRL11OPUW
SRL12GKUB
SRL12GKUW
SRL12ZUUB
TVUB
TVUB_AXIS
VARDEF

They are not of course all detected in all files, but it still works for many :)

Nice:) Gonna build your latest version... :)

prj
« Reply #31 on: November 01, 2012, 10:06:31 AM »

You can just pull the XML's and copy paste them into the version that is built.
I have not changed the code really, only added new XML's.

PM's will not be answered, so don't even try.
Log your car properly.
Bische
« Reply #32 on: November 01, 2012, 12:14:44 PM »

Thanks for sharing this.

One day I will learn to row around the code as you guys do, and contribute back.

Thing is, I don't know where to start reading or what to start practicing with. Do I need to learn how to build stuff and then learn to disassemble it? I feel I just need to get the ball rolling, I don't want to be spoon fed, I just want to learn..
prj
« Reply #33 on: November 01, 2012, 02:35:14 PM »

Get IDA pro and the C166 users manual... and then go from there.
I've been reverse engineering various things for over 10 years now, it's definitely not a quick process to learn this.

Bische
« Reply #34 on: November 01, 2012, 08:16:21 PM »

> Get IDA pro and the C166 users manual... and then go from there.
> I've been reverse engineering various things for over 10 years now, it's definitely not a quick process to learn this.

I have IDApro already. C166 is the name of the processor inside our ECU's right? :)

I have figured I'm not going to learn in a couple of months, but I must start somewhere.

Thanks prj
masterj
« Reply #35 on: November 12, 2012, 04:03:59 PM »

Just wanted to report results on my file :)

Those were incorrectly found:
KFZW
LAMFA
LAMFA_COLAXIS
LAMFA_ROWAXIS
VARDEF


My ori bin is here: http://nefariousmotorsports.com/forum/index.php?action=dlattach;topic=1193.0;attach=4329

amd is the best
« Reply #36 on: November 12, 2012, 05:15:59 PM »

Phenomenal work and rep has been given.

Will test this out tonight with a few files.

2012 Golf TDI
2001 Audi A4 2.8 30v Supercharged
1991 Audi 200 20v
prj
« Reply #37 on: November 13, 2012, 03:58:07 AM »

> Just wanted to report results on my file :)
>
> Those were incorrectly found:
> KFZW
> LAMFA
> LAMFA_COLAXIS
> LAMFA_ROWAXIS
> VARDEF
>
> My ori bin is here: http://nefariousmotorsports.com/forum/index.php?action=dlattach;topic=1193.0;attach=4329

Yes, sometimes happens on a few files - correct the patterns and post them here.
Sorry, but I want to make it pretty clear, I am not going to go through every file where it does not find something correctly.

The platform is completely open and open source. If you want to fix some .xml, you can do it.
The only bugs I am interested in are bugs in the java code.

masterj
« Reply #38 on: November 13, 2012, 04:37:28 AM »

> Yes, sometimes happens on a few files - correct the patterns and post them here.
> Sorry, but I want to make it pretty clear, I am not going to go through every file where it does not find something correctly.
>
> The platform is completely open and open source. If you want to fix some .xml, you can do it.
> The only bugs I am interested in are bugs in the java code.

Yes, I know the idea of this locator :) Just wanted to say that people wouldn't blindly believe every map it finds :) Although it is correct for most part...

BTW: I could fix if I knew how to do the asm :) All I do is compare binaries between known and unknown in WinOLS

masterj
« Reply #39 on: November 19, 2012, 03:55:06 PM »

Just created my first definition for KAMFZ map. Problem is I can't push it to github. Is it private depository?

phila_dot
« Reply #40 on: November 19, 2012, 04:24:30 PM »

> Just wanted to report results on my file :)
>
> Those were incorrectly found:
> KFZW
> LAMFA
> LAMFA_COLAXIS
> LAMFA_ROWAXIS
> VARDEF
>
> My ori bin is here: http://nefariousmotorsports.com/forum/index.php?action=dlattach;topic=1193.0;attach=4329

If you get the chance you could compare these in your file against prj's definition and see if you can adapt it to work with your file and still be unique enough.
nyet
« Reply #41 on: November 19, 2012, 05:24:39 PM »

> Just created my first definition for KAMFZ map. Problem is I can't push it to github. Is it private depository?

just make a clone on github and do a pull request.

ME7.1 tuning guide (READ FIRST)
ECUx Plot
ME7Sum checksum checker/corrector for ME7.x

Please do not ask me for tunes. I'm here to help people make their own.

Do not PM me technical questions! Please, ask all questions on the forums! Doing so will ensure the next person with the same issue gets the opportunity to learn from your experience.
masterj
« Reply #42 on: November 19, 2012, 07:25:12 PM »

> just make a clone on github and do a pull request.

Well I'm not that good with github, just using github for windows gui.

Anyway, here's my own definitions for some of the PROKONAL maps. (Should work with all ME7.5)

Only problematic map is CDBKVP, which sometimes isn't correctly defined, but at the moment I do not know how to fix it

prj
« Reply #43 on: November 20, 2012, 02:54:36 AM »

You have masked out too little.
These XML's will probably just work for one binary (yours) and not any other binaries.

The registers do not have to be the same between binaries and so on.

Have you tested this on any other ME7.5 binaries besides your own?
Have you tested with 29F400 ECU's?

P.S.
Your submission is appreciated, I just want to make sure it is useful for things beyond one binary.
Also correct way to submit these is a push request on github. But I can add them manually, just a bit of extra work.
« Last Edit: November 20, 2012, 02:59:07 AM by prj »

masterj
« Reply #44 on: November 20, 2012, 05:19:45 AM »

> You have masked out too little.
> These XML's will probably just work for one binary (yours) and not any other binaries.
>
> The registers do not have to be the same between binaries and so on.
>
> Have you tested this on any other ME7.5 binaries besides your own?
> Have you tested with 29F400 ECU's?
>
> P.S.
> Your submission is appreciated, I just want to make sure it is useful for things beyond one binary.
> Also correct way to submit these is a push request on github. But I can add them manually, just a bit of extra work.

I have tried these on two binaries, both ME7.5 and both 29F800. Also I have tried to mask more things, but found out that for most prokonal maps this is what you have to use to be 100% sure (at least on said ecus):
E6 F4 ii ii 64 F4 XX 8B D7 40 06 02 C2 F4 MMXX 01 68 41 2D 05 E6 F4 ii ii 74 F4 XX 8B 0D 04

Where ii <- are most important bits, that change accordingly to prokonal map

Of course you could try ii ii XX XX XX XX D7 40 06 02 C2 F4 MMXX XX XX XX XX XX E6 F4 ii ii but for these two ecus they were all the same and for other ecu that I have looked it was completely different pattern

I suspect that we will need to actually define two different versions for each ecu type... Would be good if locator could automatically choose the right one based on ecu where they are different, like CDAGR_f400, CDAGR_f800 if this is really different between these two
« Last Edit: November 20, 2012, 05:23:36 AM by masterj »
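
The masking trade-off raised in replies #43 and #44, as an added example that is not part of the original posts and is not the locator's Java code: a small Python matcher that runs both quoted patterns over two constructed byte images. The token meanings (`XX` as any byte, `ii` as caller-supplied per-map bytes, `MMXX` as a captured two-byte little-endian field), the sample images and the `IDS` values are assumptions made for this sketch.

```python
import re

# Patterns quoted in reply #44. Token meanings are assumptions for this
# example, not the locator's documented XML syntax: hex pair = literal byte,
# XX = any byte, ii = per-map byte supplied by the caller, MMXX = two-byte
# field captured as a little-endian word.
TIGHT = ("E6 F4 ii ii 64 F4 XX 8B D7 40 06 02 C2 F4 MMXX "
         "01 68 41 2D 05 E6 F4 ii ii 74 F4 XX 8B 0D 04")
LOOSE = ("ii ii XX XX XX XX D7 40 06 02 C2 F4 MMXX "
         "XX XX XX XX XX E6 F4 ii ii")

def compile_sig(pattern, ids):
    """Translate a signature string into a compiled bytes regex."""
    ids, parts = iter(ids), []
    for tok in pattern.split():
        if tok == "XX":
            parts.append(b".")
        elif tok == "MMXX":
            parts.append(b"(..)")
        elif tok == "ii":
            parts.append(re.escape(bytes([next(ids)])))
        else:
            parts.append(re.escape(bytes.fromhex(tok)))
    return re.compile(b"".join(parts), re.DOTALL)

def locate(image, pattern, ids):
    """Return (offset, captured word) for each match in a flash image."""
    return [(m.start(), int.from_bytes(m.group(1), "little"))
            for m in compile_sig(pattern, ids).finditer(image)]

# Constructed sample images (not real ECU dumps). B differs from A only in
# bytes that LOOSE masks, standing in for a different register allocation.
PAD = b"\xff" * 16
A = PAD + bytes.fromhex("E6F44A0164F4008BD7400602C2F43C8E"
                        "0168412D05E6F44A0174F4008B0D04") + PAD
B = PAD + bytes.fromhex("E6F44A0164F5008BD7400602C2F43C8E"
                        "0168512D05E6F44A0174F5008B0D04") + PAD
IDS = (0x4A, 0x01, 0x4A, 0x01)  # hypothetical per-map bytes

def evaluate(pattern):
    """Hits per image; a usable signature yields exactly one hit in each."""
    return {name: locate(img, pattern, IDS) for name, img in (("A", A), ("B", B))}

if __name__ == "__main__":
    for label, pat in (("tight", TIGHT), ("loose", LOOSE)):
        print(label, evaluate(pat))
```

The tight pattern hits only image A, while the looser one hits both; zero hits points to too little masking, and more than one hit per image to a pattern that is no longer unique enough.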
