View Single Post
  #3  
Old 05-04-2011, 09:28 PM
chrgu000 chrgu000 is offline
Junior Member
 
Join Date: May 2011
Posts: 2
Default

Quote:
Originally Posted by kao View Post
Kao,

Thanks for your reply, I have successfully extract the uImage to a piggy file. Following is the procedure:
1. Use the script (http://buffalo.nas-central.org/wiki/...act_an_uImage), which will extract uImage to zImage;
2. Use following command:arm_v5t_le-objdump -EL -b binary -D -m armv5t zImage | grep 8b1f, this will find the offset of real kernel code in zImage, e.g. skip the self decompress code.
3. Use dd if=zImage of=piggy.gz bs=1 skip="offset found in setp 2" | gunzip piggy.gz. After this command, we will get a piggy file, which contains pure kernel code, but this is only a binary format, not a ELF format, so IDA can not diassemble it.
=============================

So, my question is: when I get this piggy file, how can I diassemble it, and find the "interesting code " in this file?

Any suggestion?

Thanks
Reply With Quote