Hey all,
I'll soon complete the forum and post the link here.
Kodak HD on vimeo is good but we need a full forum for just firmware hacking.
I'll need some help from you guys.
Just comment and let me know what sections can we have in our forum.
Gr8 to see your enthusiasm for zi8 firmware hacking :-)
Saturday, July 31, 2010
Sunday, July 25, 2010
I m Back !!!
Sorry was bit busy with my life but I m now back with the project.
I'll need some help from all the readers too from their field of expertise.
I'll now keep you all regularly updated about the project.
And "NO" this project is not dead its alive and still going.
Thanks all for your support :-)
I'll need some help from all the readers too from their field of expertise.
I'll now keep you all regularly updated about the project.
And "NO" this project is not dead its alive and still going.
Thanks all for your support :-)
Wednesday, April 28, 2010
Project will be in "pause" mode for some days
I am out of town for some days till then I'll not be able to do any advances in the HackMyZi8 project. Will update all later.
Thanks
Thanks
Sunday, April 25, 2010
Confirmation of PrKERNELv4 in Kodak Zi8
I am confirming here the presence of PrKERNELv4 core in Kodak Zi8. I analyzed the firmware and found the core with all PrKERNELv4 functions and files inside the firmware.
Also PrKERNELv4 is ARM based in Kodak Zi8 so for the decompilation of firmware files we need to select "ARM" in IDA Pro for correct code display.
ARM assembly codes syntax are a little different from normal assembly codes we come across, so I think it'll take some time in making the exact modded firmware.
I also found out in developer mode that the ROM file size in the firmware is 2 MB, so for ROM analysis we need to check the 2 MB code in IDA Pro, still need to work out in finding the ROM start address.
Lastly, the firmware file is most probably a combination of different files such as
1. The boot ROM
2. The data files
3. PrKERNELv4 kernel
4. Null padding
Still searching for vector table that defines the different files in the firmware block.
Will update more later.
Also PrKERNELv4 is ARM based in Kodak Zi8 so for the decompilation of firmware files we need to select "ARM" in IDA Pro for correct code display.
ARM assembly codes syntax are a little different from normal assembly codes we come across, so I think it'll take some time in making the exact modded firmware.
I also found out in developer mode that the ROM file size in the firmware is 2 MB, so for ROM analysis we need to check the 2 MB code in IDA Pro, still need to work out in finding the ROM start address.
Lastly, the firmware file is most probably a combination of different files such as
1. The boot ROM
2. The data files
3. PrKERNELv4 kernel
4. Null padding
Still searching for vector table that defines the different files in the firmware block.
Will update more later.
Zi8 CMOS Chip
Hi again,
i found the CMOS chip the Zi8 is probably using:Aptina MT9M002 MT9M002 data sheet (it's the same as the Zi6 :O) Aptina MT9P401 (MT9P401 data sheet)
i found the CMOS chip the Zi8 is probably using:
- Thanks, Chuck ;)
Added a new member to the HackMyZi8 project
I have added a new member Leo Scherer to the HackMyZi8 project. Now our team can look forward for more speedy advances for the firmware hack.
Will update everyone on all the new advances we come across.
Will update everyone on all the new advances we come across.
Analyzing firmware file with IDA Pro
Currently I am analyzing and decompiling the code inside firmware file of Kodak Zi8. The decompilation is still buggy due to some things still unknown to me.
1. The processor used in Kodak Zi8 and the SOC(System On Chip) is based on what platform.
2. The ROM start address.
When I'll sort out these two things I can pretty much decode the whole firmware and can make changes after that in no time.
Just need to relearn my assembly codes to edit the firmware.
If anyone knows some info about the above given things do comment.
1. The processor used in Kodak Zi8 and the SOC(System On Chip) is based on what platform.
2. The ROM start address.
When I'll sort out these two things I can pretty much decode the whole firmware and can make changes after that in no time.
Just need to relearn my assembly codes to edit the firmware.
If anyone knows some info about the above given things do comment.
Trying to look behind the curtain..
Hi there,
I've been "surfing" in the hexcode of the Zi8_106.fw and also opened the case of my Zi8. What I'm pretty sure of at this point is:
The Kodak Zi8 uses:
- PrKernel (perhaps a hint: http://bit.ly/9zKcPi)
- an Ambarella chip (& codec/software -> Ambarella AVC/AAC encoder)
- a (probably 128MB) NAND flash
(- ACD Systems Digital Imaging software)
perhaps there is also an ARM CPU @ 200Mhz used (ARMv5TEJ) but I'm not so sure about it..
Moreover I found hints to some files probably included in the firmware; there were some *.jpg (kodak0.jpg - kodak9.jpg), some *.pcm (poweron_12k.pcm, videostart_12k.pcm, videostop_12k.pcm, shutter_12k.pcm, poweroff_12k.pcm) and many *.bin files (fonts.bin, bitmaps.bin, etc. ). So the firmware is compressed in some way for sure!
I also found the segment where the firmware update seems to happen:
Download 1 firmware programming file..firmware prowngram is loadedeDownload 2 kernel files...wnPrkernel is loadedcode is4 loadedmemdle is loadedaddefault_bin is loaded
(All the stuff I mention here can be text searched in the firmware with a hexeditor by everyone, of course! No magic ;))
Finally, here are the photos of the opened Zi8; I'm afraid they won't be of too much use since I couldn't manage to get shots of the actual chips :/
All the best,
Leo
Saturday, April 24, 2010
Update for firmware file
I tried to identify the compression used in "Zi8_106.fw" file but its some weird type of file that I am still not able to extract properly.
Two probable types are:-
1. MacBinary 2 file
2. Applesoft BASIC program data
Whatever this file is its related to Macs and Apples.
If anyone know how to strip MacBinary header and extract data from the file then do comment.
Two probable types are:-
1. MacBinary 2 file
2. Applesoft BASIC program data
Whatever this file is its related to Macs and Apples.
If anyone know how to strip MacBinary header and extract data from the file then do comment.
Friday, April 23, 2010
Zi8 firmware files dissection
I analyzed the contents of two files present in firmware update and found out that the file "Zi8_586.img" of the Zi8 firmware contains the whole partition of Zi8 which holds Arcsoft Media Impression.
So, we're left with the file "Zi8_106.fw" that contains the firmware files of Zi8.
Still finding some clues to decrypt the file.
One more thing is that the Kodak Zi8 may be based on platformOViA (www2.renesas.com/platformovia/en/index.html) as it contains many routines and functions from the system.
Will update with more later.
So, we're left with the file "Zi8_106.fw" that contains the firmware files of Zi8.
Still finding some clues to decrypt the file.
One more thing is that the Kodak Zi8 may be based on platformOViA (www2.renesas.com/platformovia/en/index.html) as it contains many routines and functions from the system.
Will update with more later.
Kodak Zi8 Developer Mode
From vimeo kodakhd group I came to know about the developer mode in the Kodak Zi8.
To enter the developer mode you just have to press buttons "Trash" - "Camera" - "On/Off" when turning on the Zi8.
This mode gives some on screen tests for calibration, defective pixel testing, other calibrations as well as the lens test. You can also reset your device to factory settings and format from the on screen menus.
One thing to note here is that "FW Version" cites a SDK_VERSION:3.5.1001 which may be the SDK used by Kodak to upgrade/setup the firmware.
To enter the developer mode you just have to press buttons "Trash" - "Camera" - "On/Off" when turning on the Zi8.
This mode gives some on screen tests for calibration, defective pixel testing, other calibrations as well as the lens test. You can also reset your device to factory settings and format from the on screen menus.
One thing to note here is that "FW Version" cites a SDK_VERSION:3.5.1001 which may be the SDK used by Kodak to upgrade/setup the firmware.
First post on the blog
Recently i bought a Kodak Zi8 and thought of adding some functionality that Kodak is not giving the much capable hardware. It's giving limited functionality and capping other features through the firmware.
Subscribe to:
Posts (Atom)