[Tool] Ambarella Firmware version detector [1.0]

Tobi@s

Well-Known Member
App Developer
Joined
Nov 12, 2013
Messages
1,376
Reaction score
842
Location
Remote
Country
Germany
Dash Cam
none
Hello :D
I just created a small tool that is able to tell you the version of A2/A7 firmwares by dragging the binary into the application window. Not sure if it is useful - well atleast for me cause I have way to much of them on my disk without version information :D



v1.0 Initial release:
Windows executable: http://dc.p-mc.eu/fwvd/FWVD.exe
OS independent: http://dc.p-mc.eu/fwvd/FWVD.jar

Project page: http://dc.p-mc.eu/?page=tools.fwvd

Required: Java JRE or JDK 1.7

Information: Unfortunately some AVs detect "TrojanDropper.Dorifel" in the exe-file. I think this has something to do with the d'n'd logic I'm using. This application does not contain malicious code!
Virustotal scan: https://www.virustotal.com/de/file/...71ad260e741143eb4c9687f8/analysis/1400013241/

Icon license information: "Icon made by Freepik from Flaticon.com"
 
Last edited:
OP
Tobi@s

Tobi@s

Well-Known Member
App Developer
Joined
Nov 12, 2013
Messages
1,376
Reaction score
842
Location
Remote
Country
Germany
Dash Cam
none
Just updated it, fixed a small encoding bug. If you already downloaded it, please redownload it.
 

batal

New Member
Joined
Mar 23, 2014
Messages
15
Reaction score
6
Country
Russian Federation
Nice job! Any info about locating fw version? Or may be source code)
 
OP
Tobi@s

Tobi@s

Well-Known Member
App Developer
Joined
Nov 12, 2013
Messages
1,376
Reaction score
842
Location
Remote
Country
Germany
Dash Cam
none
I'm using the KMP algorithm to find a specific byte pattern in the firmware. A7 is very easy, just look for { 0x70, 0x78, 0x50, 0x48 } (located in PRI). The following 13 bytes are the raw firmware version string.

A2 is a bit harder because PRI is compressed. I didn't want to write an unpacker so I found another way: The bootloader contains a uname like command which returns something like BLD Built @ 16 Mar 2014 15:12 BST. Just search for this pattern: { 0x66 0x117 0x105 0x108 0x116 0x32 0x64 0x32 } in BST and the following bytes are the date string mentioned before. Just convert them to a firmware Version number and you did it:D

You can obtain the sourcecode with jd-decompiler I guess.
 

batal

New Member
Joined
Mar 23, 2014
Messages
15
Reaction score
6
Country
Russian Federation
A2 is a bit harder because PRI is compressed. I didn't want to write an unpacker so I found another way: The bootloader contains a uname like command which returns something like BLD Built @ 16 Mar 2014 15:12 BST. Just search for this pattern: { 0x66 0x117 0x105 0x108 0x116 0x32 0x64 0x32 } in BST and the following bytes are the date string mentioned before. Just convert them to a firmware Version number and you did it:D
Cool :) Thank you)
 
OP
Tobi@s

Tobi@s

Well-Known Member
App Developer
Joined
Nov 12, 2013
Messages
1,376
Reaction score
842
Location
Remote
Country
Germany
Dash Cam
none
Oops sorry! My reply was wrong. These are the correct patterns:
A7: 0x46 0x57 0x32 0x30 -> Raw String starts -2 from this pattern
A2: 0x42 0x75 0x69 0x6c 0x74 0x20 0x40 Date starts after this pattern
 
Top