Thursday, March 3, 2011

Aluratek AIREC01F #9

So according to episode 6 we have Blowfish tables from 0x0008bc90 to 0x0008ccd8 + 1024 - 1 = 0x0008ccd7 (included).

After that, from 0x0008ccd8 to 0x0008dc8f we have repeated 0xFF bytes.

And before that, we have our strange 32 byte signature found in episode 7 from 0x0008bc70 to 0x0008bc8f.

(And even before, there's a lot of repeated 0xFF bytes also.)

We can notice something:

$ echo $((0x8dc8f - 0x8bc90 + 1))

There is some padding to 8192 bytes (2^13) with 0xFF.

We also have our strange 32 byte signature at 0x00087c50, and then repeated 0xFF from 0x00087c70 to 0x0008bc6f (included).

$ echo $((0x8bc6f - 0x87c70 + 1))

There is also some padding to 16384 bytes (2^14) with 0xFF.

No comments:

Post a Comment