If I change any character in the firmware file and try to flash it, it will failed. But it will successfully flashed if I changed the string with the same number of character if it's not a function.
After further searching, I found out about the checksum and that in order to flash the custom firmware, you need to calculate it and modify it in the firmware.
This is the firmware:
https://www.mediafire.com/file/ok2c0qodao5fld1/Nokia_215_4G_readed_test.pac/file
I use HxD to read the file.
If I search for checksum, I got some results ->
Also, I searched for sha ->
So here, I tried to change == with != and also I changed it to 1 == 1 but, It always failed to flash
I am lost. I don't know what to search for or from where to start.
I hope that someone could help me out!
Note: I can provide access to my PC to try the flash tool (nokia tool v0.060 using easybox) and maybe debugging in the phone.
Related
I'm quite new to the world of the IOT (protocols). I want to update some devices remotely (they will be installed about 8000km away from my working place). I have found out that LWM2M would fit to my scope.
Because the internet connection there is not stable and the bandwidth is low, I have decided to also install a Raspberry Pi to collect the data of the sensors and to install a Leshan server to trigger the updates.
I have tested the devices and I can register them to the Leshan server on the Pi, read some data, and reboot the devices. The problem is, I don't know where to save my binary file for the update, so that the device can download them.
I tried following steps:
Save the file on [leshan-dir]/update.bin.
Write the "Package URI": coap://[raspi-IP]:5683/update.bin
After that, the backgroud color of the button "Write" changes to green.
Execute the update
The response of the server is 404 [Not Found].
I have looked for any API to find out where I can save the .bin file, but without success. And because nobody seems to have had a similar error, I start thinking I have missed some points.
Where do I have to save the files on the Raspbery Pi, so that I can perform an update?
I found a solution for the problem I exposed above.
I use from the californium-project the demo-app cf-simplefile-server (Ref. https://github.com/eclipse/californium/tree/2.0.x/demo-apps/cf-simplefile-server)
Note: You have to checkout to the git-branch 2.0.x to use it.
To run the leshan server and the file-server on the same machine I had to change the port of one of the server using the file Californium.properties.
I decide to change the ones of the file-server to 5685 and 5686
When both server runs I can insert in Package URI something like:
coap://[[ip_of_the_pi]]:5685/data/[[name_of_the_firmware_file]]
Probably there are better solution for it, but for a coap/lwm2m beginner like it works very well.
Note: If you have bigger file to transfer you can also change the property MAX_RESOURCE_BODY_SIZE
I hope this may help somebody.
Regards,
Elvys
When I try to load a big CSV from a zip file, the execution log give me the following error:
----------------------------------------- Error details ------------------------------------------
Component [Clientes:CLIENTES1] finished with status ERROR.
The size of data buffer is only 100663296. Set appropriate parameter in defaultProperties file.
--------------------------------------------------------------------------------------------------
How can I set the appropriate parameter in defaultProperties file?
I tried this link, but my cloudconnect run configurations page is different from the link:
I've created the parameters file and filled the additional parameters with the right values like said the tutorial (code bellow) and the same error appear in the screen.
Name: -config; Value: new_buffer_size.txt
The new_buffer_size.txt content have just this line:DEFAULT_INTERNAL_IO_BUFFER_SIZE = 200000000
How can I solve this problem? I need to solve this before the world explodes.
CloudConnect is designed to develop ETL(s), which can be run on GoodData cloud workers and therefore some lower level settings are surpassed as in this case. The only legitimate way is to modify the ETL the way it can process the data with current settings. Regarding to docs, the referenced article is outdated. GoodData docs team is aware if it and they are preparing docs refactoring.
Note: As you have probably noticed, CloudConnect is being powered by Javlin's Clover ETL, therefore feel free to check their forums, as you would find there how to overcome the issue on lower level (no UI), but it would work only for data processing on the local machine.
I can see my page get crash(see aw, snap page) with 20% proprobility after 10 mins(otherwise it runs well like forever)
so I tried:
1) CPU and memory check with task manager, and see no increasing(so no leakage).
2) enable crush log in the chrome://settings/
result:
2.1) see still nothing in the chrome://crashes page, not even a crush ID (0 crashes).
2.2) see nothing in the folder under path
C:/%User%/AppData/Local/Google/CrashReports (nothing in) nor
C:/%User%/AppData/Local/Google/Chrome/User Data/Crash Reports (folder not exist)
2.3) but indeed see DMP in the:
C:/%User%/AppData/Local/Google/Chrome/User Data/CrashPads/reports
but seems they are not readable, and it also seems not the correct address for crash logs
3) can get chrome log either by command line arguments, or using sawbuck, but found nothing but only 2 errors, one for sawbuck itself, and another saying can't send the report to google.
So the questions are:
1) are those DMP the crash logs(the default Dir for dump file has been changed for chrome v50)
2) how can I abstract information out of the DMP file, if chrome://crashes page shows nothing (for chrome on windows)
p.s. 2 usage pages are found at https://www.chromium.org/developers/decoding-crash-dumps
https://www.chromium.org/developers/crash-reports
but seems it's not for windows without a recompile of chrome's component, is there any 3rd party tools to interpret the DMP file?
env informations:
chrome version: 50.0.2661.02 m
; Host OS: windows 10
The crash dumps (.dmp files) in C:\Users\<user>\AppData\Local\Google\Chrome\User Data\Crashpad\reports can be read by standard Windows debuggers. WinDbg is one tool (provided by Microsoft) for analysing these dumps; it's not going to win any beauty contents, but it's powerful and gets the job done. The recommended way to obtain it is, somewhat bizarrely, the Windows Driver Kit.
You'll need debugging symbols to make sense of the results, and these aren't included in standard builds of Chrome. To get symbols for both Chrome and the Windows runtime, set the following as your Symbols path:
SRV*c:\symbols*https://msdl.microsoft.com/download/symbols;SRV*c:\symbols*https://chromium-browser-symsrv.commondatastorage.googleapis.com
There are numerous resources on using WinDbg on the web; this cheat sheet contains some useful commands to get you started.
During packaging the Windows Store application, I get an unspecified error [APPX1204]:
C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v11.0\AppxPackage\Microsoft.AppXPackage.Targets(1139,9): error APPX1204: Failed to sign 'D:\Projects\VS2012\Stroik\Stroik\AppPackages\Stroik_1.0.0.11_AnyCPU_Test\Stroik_1.0.0.11_AnyCPU.appx'. SignTool Error: An unexpected internal error has occurred.
Build output refers to the part of a file generated by VS2012:
<SignAppxPackage AppxPackageToSign="#(FinalAppxPackageItem)"
CertificateThumbprint="$(PackageCertificateThumbprint)"
CertificateFile="$(PackageCertificateKeyFile)"
HashUri="$(_HashUri)"
EnableSigningChecks="$(EnableSigningChecks)"
>
<Output TaskParameter="ResolvedThumbprint" PropertyName="ResolvedThumbPrint"/>
<Output TaskParameter="AppxPackagePublicKeyFile" PropertyName="AppxPackagePublicKeyFile" />
</SignAppxPackage>
Yesterday packaging proceeded successfully. Today I added aditional logic to my app and changed some data in manifest. Since then I'm reciving presented error. I tried to regenerate Certificate in Packaging menu, delete Store/Temporary Keys (then regenerate), ... much more but nothing helps.
Now I have no idea how to handle it. Furthermore packaging a new project (as it is provided by vs2012) results in the same error.
Have you got any suggestions how to solve it.
If it helps anyone else, I was trying to make the build on a network share (virtualizing windows). Creating it on the Windows partition solved the issue.
I was developing on a Virtual Machine in VirtualBox and tryed to publish to the shared folder.
Change the output folder to a local folder on the virtual maschine solved it.
Granted this is older - see if you can try it with a different live id
You could also try to generate a new app, and diff the manifests between the apps.
Now according to:
http://social.msdn.microsoft.com/Forums/en-US/toolsforwinapps/thread/f25939fb-c48c-4bd0-938e-6a0afbd2dca0/
you may want to sign out, use IE 'in safe private browsing' and create a new one.
Also ensure that IE is set in "Browsing History->Settings" to get a new version of the page every time.
Login with the new one and give it a try.
I'm not sure if this error is related here or not, but it's a starting point based on the prior feedback on the above post.
This japanese site lists the same error code and seems to have the same resolution as well
http://coelacanth.heteml.jp/blog/windows-8signtool-error-an-unexpected-internal-error-has-occurred/
Its worth a shot, but I'll admit on this one not being 100% sure, just trying to help out : )
On Mac Os, I see that all content on my application can be readable (mxml and as files).
Indeed with right clic on application, you can see all application content and so all files.
So It's very dangerous for a company to distribute air application like that.
Is a solution exist to protect those files.
Thanks
It is not possible to protect 100% your code. After all, if the computer can run it, it can be decompiled, regardless of the language. However, you can make it more difficult.
One method is to encrypt the swf as stated in another answer. But all the "attacker" needs to do is find the key and then they can decrypt all your swfs.
Another method is to use obfuscators. Obfuscators don't depend on encryption, nor they prevent decompiling, they just make it harder to understand what gets decompiled.
For example if you had a method called saveInvoice() the obfuscator would rename it to aa1() or something like that, so it would make it diffucult to guess what that function does. It basically turns everything into spaguetti code.
You can use a decompiler to see what can be obtained from a SWF file (which is alot), and play with obfuscators to see if they meet your espectations.
An example of one is http://www.kindi.com/ which I'm not endorsing btw, it just shows up quickly on google.
Although there are loads of decompilers which can read all your code. There is one guy who came up with encryption solution it might worth a try. (It's for Desktop AIR applications)
Have a look at this post: http://forums.adobe.com/message/3510525#3510525
Quoted text (in case of page being erased)
The method I use will allow you encrpyt most of your source code using
a key that is unique to every computer. The initial download of my
software is a simple air app that does not contain the actual program.
It is more like a shell that first retreaves a list of the clients mac
addresses and the user entered activation code that is created at time
of purchase. This is sent to server and logged. The activation code
is saved to a file client side. At the server the mac address and
activation key are used to create the encryption key. The bulk of the
program code is then encrypted using that key, then divided into parts
and sent back to the client. The client puts the parts back together
and saves the encrypted file. At runtime the shell finds the mac
address list and the activation key, then using same method as server
gets the encryption key and decrypts the program file. Run simple
check to make sure it loaded. For encyption i found an aes method that
works in php and javascript.
Next I use this code to load the program
var loader = air.HTMLLoader.createRootWindow(true, options, true, windowBounds);
loader.cacheResponse=false;
loader.placeLoadStringContentInApplicationSandbox=true;
loader.loadString(page);
This method makes it very difficult to copy
to another computer although since I wrote it i know there are some
weeknesses in the security but to make it harder i obv. the shell
code. It at least keeps most from pirating. However there are issues
with this that I have found. First i was using networkInfo to get the
list of mac address but this failed in a test windows XP computer.
When the wireless was off it did not return the MAC. I was not able
to recreate this in VISTA or 7. Not sure if it could happen. Was not
tested on a mac computer. To fix this (at least for windows). I
wrote a simple bat file that gets the MAC list, then converted it to
an exe which is included. This does force you to create native
installers. call the exe with this
var nativeProcessStartupInfo = new air.NativeProcessStartupInfo();
var file = air.File.applicationDirectory.resolvePath("findmac.exe");
nativeProcessStartupInfo.executable = file;
process = new air.NativeProcess();
process.start(nativeProcessStartupInfo);
process.addEventListener(air.ProgressEvent.STANDARD_OUTPUT_DATA, onOutputData);
process.addEventListener(air.ProgressEvent.STANDARD_ERROR_DATA, onErrorData);
process.addEventListener(air.NativeProcessExitEvent.EXIT, onExit);
process.addEventListener(air.IOErrorEvent.STANDARD_OUTPUT_IO_ERROR, onIOError);
process.addEventListener(air.IOErrorEvent.STANDARD_ERROR_IO_ERROR, onIOError);
put the list together in the onOutputData event using array.push and
continue on the onExit event using the findmac.exe will return the
same info every time (that i know of) beware thought that using the
native install will break the standard application update process so
you will have to write your own. My updates are processed the same way
as above. This is contents of the .bat file to get the mac list
#Echo off
SETLOCAL SET MAC = SET Media = Connected
FOR /F "Tokens=1-2 Delims=:" %%a in ('ipconfig /all^| FIND "Physical Address"') do #echo %%b ENDLOCAL
using this method makes it simple to implement at try before you by
method. at runtime if no activation code get try me version from
server instead of full version.