Sunday, April 25, 2010

Confirmation of PrKERNELv4 in Kodak Zi8

I am confirming here the presence of PrKERNELv4 core in Kodak Zi8. I analyzed the firmware and found the core with all PrKERNELv4 functions and files inside the firmware.

Also PrKERNELv4 is ARM based in Kodak Zi8 so for the decompilation of firmware files we need to select "ARM" in IDA Pro for correct code display.

ARM assembly codes syntax are a little different from normal assembly codes we come across, so I think it'll take some time in making the exact modded firmware.

I also found out in developer mode that the ROM file size in the firmware is 2 MB, so for ROM analysis we need to check the 2 MB code in IDA Pro, still need to work out in finding the ROM start address.

Lastly, the firmware file is most probably a combination of different files such as
1. The boot ROM
2. The data files
3. PrKERNELv4 kernel
4. Null padding

Still searching for vector table that defines the different files in the firmware block.

Will update more later.

5 comments:

  1. "Still searching for vector table that defines the different files in the firmware block."
    - In 0x479100 there's some kind of list of the different files. Is that it?

    ReplyDelete
  2. using the command string to inspect the .fw file you can find a lot of useful informations like error messages that sugests the use of gzip to compresse the kernel image etc. This may give you some new leads on what you're looking for.

    ReplyDelete
  3. How is this project coming along? I have 3 zi8's and would like to shoot in a less compressed format.

    ReplyDelete
  4. You'd make a lot of new friends if you could get a manual exposure feature rocking on the zi8! :-)

    ReplyDelete
  5. Hi, I think the "firmware" on this camera will be very similar to GoPro's HD cameras. It's based on the same SDK from Aptina.

    If you find the uart ports on the board you'll probably find you get a shell to play with. Also if you do a firmware update with watching the shell it'll give you the sizes of the various images in the firmware file.

    It'll be tricky to do much without getting hold of the Aptina SDK and toolchain. Think of it as a stripped down linux like OS running a bunch of different daemons that look after stuff like the SD card, button presses etc.

    See http://chdk.setepontos.com/index.php?topic=5890 for some discussion of the GoPro HD internals

    ReplyDelete