hacking Canon EOS 1000D - page 7 - DSLR Hack development - CHDK Forum

hacking Canon EOS 1000D

  • 101 Replies
  • 126469 Views
Re: hacking Canon EOS 1000D
« Reply #60 on: 14 / February / 2010, 06:12:16 »
Advertisements
@raptorx30 : GREAT!!!! Gratiz has posted few information about the 1000d. the firmware is very similar to the one of the 450d. maybe you can "just" rewrite the 450d fw.

Re: hacking Canon EOS 1000D
« Reply #61 on: 03 / March / 2010, 14:52:14 »
I have some knowledge in C, i'll do my best to support this camera

Wow that's great news, give me some hope for CHDK on our DSLRs one day!

Re: hacking Canon EOS 1000D
« Reply #62 on: 20 / March / 2010, 15:01:26 »
@raptorx30 .... anything new about your project?

Re: hacking Canon EOS 1000D
« Reply #63 on: 11 / May / 2010, 03:33:30 »
hello. i might have found something new: http://www.woodmann.com/forum/archive/index.php/t-7663.html

On this page people is talking about how to disassemble a firmware coming from a vxworks router, one of them writes:
Quote
I tried once to crack some vxwoks firmware. Inside the original file was another zlib compressed file that needed to be extracted. I used simple python script to extract data and continue analysis. Could find script if interested.
Did you set correct processor for your binary?

another userwho is struggling to get the same result asks:
Quote
if you could share that script, please send it across . it will be useful in few cases if you are reversing Linux kernel binary also. please share that !!

and the creator of the first message sent him this script:
Code: [Select]

from sys import *

from struct import *

from zlib import *



def main():

    print "\nextract and decompress zlib"

    if len(argv) is not 3:

        print """

Usage:

  <argv1> source file

  <argv2> dest file

    """

        exit()

    else:

        print """

Using:

  Source: %s

  Dest: %s

     """ % (argv[1],argv[2])

    try:

        in_fd=open(argv[1],"rb"

    except:

        print "[-]Could't open file %s" % argv[1]

        exit()



    try:

        out_fd=open(argv[2],"wb"

    except:

        print "[-]Could't open file %s" % argv[2]

        exit()



    buff=in_fd.read()

    print 'Length', hex(len(buff))



    for i in range(len(buff)):

        try:

            decomS = decompress(buff[i:])

        except:

#            print '.'

            continue



    print "Got it ", i, hex(i)

    out_fd.write(decomS)

    print "[+]Done writing to '%s'" % argv[2]



if __name__=="__main__":

    main()

the zilb compression library (http://www.zlib.net/) could have compressed our firmware... what do you think about this?

during the following days i'm going to try another idea: formatting an sd card, putting on it the firmware with other files then deleting them all and formatting then trying to find the files that was saved there with a file recovery software: do you think this would help splitting the original firmware from the empty bits???


Re: hacking Canon EOS 1000D
« Reply #64 on: 17 / May / 2010, 04:55:25 »
I have been a user of CHDK for S3. I finally upgraded to 1000D(FW v1.0.6). I am a programmer with c/c++ knowledge, and I am willing to get my hands deep on enabling spot metering and ISO3200 on my DSLR. I may have time implementing the features, but please don't rush me.

Could someone tell me how should I get started?

Re: hacking Canon EOS 1000D
« Reply #65 on: 19 / June / 2010, 19:57:27 »
I added some LED addresses to the wiki page http://chdk.wikia.com/wiki/1000D#LED_addresses, just in case you want to blink out a firmware dump yourself. I'm currently working on a new dump, but it's quite difficult to make it work.
The 1000D I bought last week has firmware version "1.0.7"... It seems this version has not been released on Canon's website yet.
I wrote a PM to Gratiz, but I think he's still busy with his studies.

Re: hacking Canon EOS 1000D
« Reply #66 on: 25 / June / 2010, 10:11:02 »
I just finished creating a firmware dump of 1.0.7: http://www.MegaShare.com/2260320
Now the next thing would be to make "EnableBootDisk" work, I think it's located at "ROM:FFD21248" and referenced from "ROM:FFD211DC". Then we can take a look at the beta source code of the 400D port...

Re: hacking Canon EOS 1000D
« Reply #67 on: 26 / June / 2010, 05:19:36 »
Wow, great work, thanks for your efforts.

Please keep the project going.

Something like Magic Lantern, "DSLR-CHDK" or enabling the features of the 450d + high ISO and 5x bracketing would be awesome.
« Last Edit: 26 / June / 2010, 05:23:01 by bastisk8 »


Re: hacking Canon EOS 1000D
« Reply #68 on: 02 / July / 2010, 21:13:46 »
Wow that's great news, give me some hope for CHDK on our DSLRs one day!

Re: hacking Canon EOS 1000D
« Reply #69 on: 04 / July / 2010, 17:07:50 »
@engelmarkus : sounds german, right?

really great work!

spot methering and 3fps in raw would be some awesome.....you are my hope!

 

Related Topics