cpu_rec - a tool for recognizing cpu instructions - General Discussion and Assistance - CHDK Forum

cpu_rec - a tool for recognizing cpu instructions


Offline reyalp

cpu_rec - a tool for recognizing cpu instructions
« on: 15 / June / 2019, 17:15:29 »
Possibly useful for identifying some of the unknown blobs https://github.com/airbus-seclab/cpu_rec

Quote
cpu_rec is a tool that recognizes cpu instructions in an arbitrary binary file. It can be used as a standalone tool, or as a plugin for binwalk (https://github.com/devttys0/binwalk).

Haven't tried it yet
Don't forget what the H stands for.

*

Offline reyalp

Re: cpu_rec - a tool for recognizing cpu instructions
« Reply #1 on: 15 / January / 2022, 16:26:13 »
I did actually try this back in 2021, but apparently didn't post my notes ??? Anyway, here they are

It identifies the arm and xtensa firmware. It unsurprisingly did not ID the jpcore or mecha blobs I tried.

Basic usage is just install per the readme and run
./cpu_rec.py PRIMARY.BIN

You can use it directly in Ghidra python like
Code:
>>> import sys
>>> sys.path.append('c:\\path\\to\\cpu_rec')
>>> from cpu_rec import which_arch
>>> which_arch(str(bytearray(getBytes(toAddr('fc020000'),0x1000))))
'ARMhf'

The prompt re-appears before it finishes executing, which can take a long time for large address ranges.
Since Ghidra python doesn't include lzma, you need to unzip the corpus files first, like
Code:
xz -d *.xz

The command line variant tries sliding windows of various sizes over the whole file, which IDed part of the jpcore blob as 6502 (virtually certain to be wrong).

Don't forget what the H stands for.
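
An added example, not part of the posts above and not cpu_rec's own code: a fixed-size window scan that merges neighbouring windows with the same label and keeps only runs long enough to be worth trusting, so that an isolated hit like the 6502 one mentioned in the thread is easy to set aside. The names `scan_windows`, `confident` and `_stub_classify` are hypothetical; the minimum-run threshold is this example's assumption, and the stub classifier and sample bytes are constructed so the block runs without cpu_rec (passing `which_arch` as `classify` under Python 3 is assumed to work).

```python
# Added example: fixed-size window scan with an injected classifier.
# `classify` is any callable taking bytes and returning a label or None,
# e.g. cpu_rec's which_arch (assumption: it accepts bytes under Python 3).

def scan_windows(data, classify, window=0x1000, base=0):
    """Classify consecutive windows and merge equal neighbours.

    Returns a list of (start_addr, end_addr, label, n_windows)."""
    regions = []
    for off in range(0, len(data), window):
        chunk = data[off:off + window]
        label = classify(chunk)
        start = base + off
        end = start + len(chunk)
        if regions and regions[-1][2] == label:
            prev = regions[-1]
            regions[-1] = (prev[0], end, label, prev[3] + 1)
        else:
            regions.append((start, end, label, 1))
    return regions


def confident(regions, min_windows=4):
    """Keep only labelled runs spanning at least min_windows windows."""
    return [r for r in regions if r[2] is not None and r[3] >= min_windows]


def _stub_classify(chunk):
    """Constructed stand-in for a real classifier, keyed on the first byte."""
    return {0xE5: "ARMhf", 0x36: "Xtensa", 0xA9: "6502"}.get(chunk[0])


def demo():
    # Constructed sample: 6 "ARM" windows, 1 stray "6502" window,
    # 2 unrecognized windows, then 5 "Xtensa" windows.
    w = 16
    blob = (bytes([0xE5]) * w * 6 + bytes([0xA9]) * w
            + bytes(w * 2) + bytes([0x36]) * w * 5)
    regions = scan_windows(blob, _stub_classify, window=w, base=0xFC020000)
    return regions, confident(regions, min_windows=4)


if __name__ == "__main__":
    for start, end, label, n in demo()[1]:
        print("%08x-%08x %s (%d windows)" % (start, end, label, n))
```
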

 
