cpu_rec - a tool for recognizing cpu instructions - General Discussion and Assistance - CHDK Forum

# cpu_rec - a tool for recognizing cpu instructions

• 1 Replies
• 1273 Views

#### reyalp

• 13826
##### cpu_rec - a tool for recognizing cpu instructions
« on: 15 / June / 2019, 17:15:29 »
Possibly useful for identifying some of the unknown blobs https://github.com/airbus-seclab/cpu_rec

Quote
cpu_rec is a tool that recognizes cpu instructions in an arbitrary binary file. It can be used as a standalone tool, or as a plugin for binwalk (https://github.com/devttys0/binwalk).

Haven't tried it yet
Don't forget what the H stands for.

#### reyalp

• 13826
##### Re: cpu_rec - a tool for recognizing cpu instructions
« Reply #1 on: 15 / January / 2022, 16:26:13 »
I did actually try this a back in 2021, but apparently didn't post my notes Anyway, here they are

It identifies the arm and xtensa firmware. It unsurprisingly did not ID the jpcore or mecha blobs I tried.

Basic usage is just install per the readme and run
./cpu_rec.py PRIMARY.BIN

You can use it directly in Ghidra python like
Code: [Select]
>>> import sys>>> sys.path.append('c:\\path\to\cpu_rec')>>> from cpu_rec import which_arch>>> which_arch(str(bytearray(getBytes(toAddr('fc020000'),0x1000))))'ARMhf'The prompt re-appears before it finishes executing, which can take a long time for large address ranges.
Since Ghidra python doesn't include lzma, you need to unzip the corpus files first, like
Code: [Select]
xz -d *.xz
The command line variant tries sliding windows  of various sizes over the whole file, which IDed part of the jpcore blob as 6502 (virtually certain to be wrong).

Don't forget what the H stands for.