[MLB-WIRELESS] conexant cx82340 chipset; vxworks.z

ibx100 ibx100 at myrealbox.com
Fri Aug 22 09:14:33 EST 2003 

Hello.. List newbie alert (and Pommie too :( )

I just came across a very interesting message on your mailing list from 
member John Dalton: https://wireless.org.au/archives/melbwireless/2003/Mar/12173.html

Way back in March, John discussed the possibility of reverse-engineering 
the vxworks device drivers out of a oonexant-based router running on an 
ARM940T, with a view to porting uClinux to the device.

I am curious to know if things were taken any further?

When I took a look at the vxworks.z kernel image from a similar router,
the image wasn't recognised by any of the Linux decompression tools. 

It seemed that the compression algorithm used was something that
WindRiver Systems, the developers of vxworks, had cooked up in-house, 
based in some fashion on the zlib library. 

However, a guy call Till Straumann who has successfully ported Linux to
an Apple AirPort device (x86 device), has written a little utility to 
brute force the decompression of a zlib compressed binary, and his code 
seems to work with the compressed vxworks.z image from my router.

Till's utility is here.. http://www-hft.ee.tu-berlin.de/~strauman/airport/zscan.c

Having decompressed the image using till's code, I then tried the next 
step in John's 'Way Forward' - disassembling the decompressed vxworks 
image, using a rebuilt version of objdump which supports the ARM 
architecture as a target.

That produced 19MB of ARM assembler, which I don't understand.

Sorry to barge in on your mailing list, but can anyone see anything
useful that could be done from now?...

The OEM vendors of the router are very kindly letting us discuss on 
their forum, how we could go about pulling it to pieces, link below, and 
of particular interest is the re-activation of a command shell, which 
according to the output of the linux strings tool, appears to have been 
compiled in...

http://adsltech.com/forum/forum_posts.asp?TID=187&PN=1

Rgds,
Michael










-- 


To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message

More information about the Melbwireless mailing list