Disassemble Sony Ericsson K500 flash file - GSM-Forum

slappy · 02-22-2006, 15:52

Hello.. i'm trying to dissassemble SE K500 flash files for a little research, non commercial. i'm very new to this so need a big help from all of you.
The flash file (bin format) is ripped directly from K500, address is $44000000 until $46000000 (i got this range from somwhere else, please correct me if i'm wrong)
I tried a blind attempt to disassemble it using ida (selected procs is arm and leave other options to its default) but the result is a massive junk, only some interesting strings are returned. i don't event know where is the actual starting address.
Any guide on selecting the right processor, entry point, or anything at all will be highly appreciated.

thanks in advance

Vishay · 02-24-2006, 07:38

useful link: http://www.gsmericsson.narod.ru/

Taskeefoim · 02-26-2006, 14:09

i will happy if u check ufshwk becaze i recently flash a k500 when i click a option
named" Edit FS " i see many function like pic, tone , mp3 every thing that we can see in k500 ...........................
so this thing many question raise: 1 is that when a option is available in software why not in standalone software like samsung x100 firmwire editor
if u have canfusion in "edit fs "reply me i will post pic
keep it man very nice post

i realy appreciat your struggle

slappy · 02-27-2006, 14:25

Thanks for the usefull info. Actually my main goal is to understand how is everything processed inside SE (K500) phone. That way we can manipulate it's behaviour as we please, not just read/write user files from/to it.
I'm also wondering about the datasheet in the above link, it's written that it has 256Mbit available space which means there is a big empty space that we can use (K500 firmware + FS < 50M).

So, do you guys have information about the entry point of SE K500 arm firmware?

Dave.W · 02-27-2006, 18:11

some space in flash drive is used as ROM/RAM etc...

slappy · 02-28-2006, 03:35

@Dave.W
I'm aware of that, but CMIIW, the 'untouchable core system' of it can't be more than 200M. What I mentioned about K500 firmware + FS < 50M is also already over estimated because actually it only about 30M.

Vishay · 02-28-2006, 06:49

Entry point of SE arm firmware is, usually, in beginning of addressing space
(0x44000000), where located interrupt's vectors table, tipically that:
18, F0, 9F, E5, 18, F0, 9F, E5,18, F0, 9F, E5, 18, F0, 9F, E5, .... .

Zaihtam · 03-03-2006, 07:41

big endian or small endian? nokia use big endian.

BR,

IRpaj Zaihtam

ben_whiteus · 03-03-2006, 14:30

Quote:

Originally Posted by Zaihtam

big endian or small endian? nokia use big endian.
BR,
IRpaj Zaihtam

not all nokia phones though. At least DCT4 WD2 uses small endian. Not too sure about others.

02-22-2006, 15:52	#1 (permalink)
slappy Major Poster Join Date: Feb 2006 Posts: 49 Member: 235984 Status: Offline Thanks: 0 Thanked 0 Times in 0 Posts	Disassemble Sony Ericsson K500 flash file Hello.. i'm trying to dissassemble SE K500 flash files for a little research, non commercial. i'm very new to this so need a big help from all of you. The flash file (bin format) is ripped directly from K500, address is $44000000 until $46000000 (i got this range from somwhere else, please correct me if i'm wrong) I tried a blind attempt to disassemble it using ida (selected procs is arm and leave other options to its default) but the result is a massive junk, only some interesting strings are returned. i don't event know where is the actual starting address. Any guide on selecting the right processor, entry point, or anything at all will be highly appreciated. thanks in advance

02-24-2006, 07:38	#2 (permalink)
Vishay Junior Member Join Date: Feb 2004 Posts: 22 Member: 51992 Status: Offline Thanks: 0 Thanked 0 Times in 0 Posts	useful link useful link: http://www.gsmericsson.narod.ru/

02-26-2006, 14:09	#3 (permalink)
Taskeefoim Insane Poster Join Date: Jan 2006 Posts: 87 Member: 226642 Status: Offline Thanks: 0 Thanked 3 Times in 3 Posts	i will happy if u check ufshwk becaze i recently flash a k500 when i click a option named" Edit FS " i see many function like pic, tone , mp3 every thing that we can see in k500 ........................... so this thing many question raise: 1 is that when a option is available in software why not in standalone software like samsung x100 firmwire editor if u have canfusion in "edit fs "reply me i will post pic keep it man very nice post i realy appreciat your struggle Last edited by Taskeefoim; 02-26-2006 at 14:21.

02-28-2006, 06:49	#7 (permalink)
Vishay Junior Member Join Date: Feb 2004 Posts: 22 Member: 51992 Status: Offline Thanks: 0 Thanked 0 Times in 0 Posts	Entry point of SE arm firmware. Entry point of SE arm firmware is, usually, in beginning of addressing space (0x44000000), where located interrupt's vectors table, tipically that: 18, F0, 9F, E5, 18, F0, 9F, E5,18, F0, 9F, E5, 18, F0, 9F, E5, .... .

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

02-27-2006, 14:25	#4 (permalink)
slappy Major Poster Join Date: Feb 2006 Posts: 49 Member: 235984 Status: Offline Thanks: 0 Thanked 0 Times in 0 Posts	Thanks for the usefull info. Actually my main goal is to understand how is everything processed inside SE (K500) phone. That way we can manipulate it's behaviour as we please, not just read/write user files from/to it. I'm also wondering about the datasheet in the above link, it's written that it has 256Mbit available space which means there is a big empty space that we can use (K500 firmware + FS < 50M). So, do you guys have information about the entry point of SE K500 arm firmware?

02-27-2006, 18:11	#5 (permalink)
Dave.W No Life Poster Join Date: Nov 2001 Location: England Age: 30 Posts: 2,849 Member: 7653 Status: Offline Thanks: 337 Thanked 841 Times in 304 Posts	some space in flash drive is used as ROM/RAM etc...

02-28-2006, 03:35	#6 (permalink)
slappy Major Poster Join Date: Feb 2006 Posts: 49 Member: 235984 Status: Offline Thanks: 0 Thanked 0 Times in 0 Posts	@Dave.W I'm aware of that, but CMIIW, the 'untouchable core system' of it can't be more than 200M. What I mentioned about K500 firmware + FS < 50M is also already over estimated because actually it only about 30M.

03-03-2006, 07:41	#8 (permalink)
Zaihtam No Life Poster Join Date: Dec 2004 Location: 0x001FD00 Age: 35 Posts: 1,292 Member: 98572 Status: Offline Thanks: 166 Thanked 37 Times in 25 Posts	big endian or small endian? nokia use big endian. BR, IRpaj Zaihtam

Similar Threads
thread	Thread Starter	Forum	Replies	Last Post
sony ericsson j200i flash file please	green bird	Sony Ericsson	1	12-13-2008 14:21
Sony Ericsson S700 Flash Files?	kasalapi	Twisterflasher	8	06-24-2005 01:53
Sony Ericsson Griffin flash files for Griffin	estadios	Sony Ericsson	8	12-20-2004 12:42
i need Sony Ericsson K700i Flash file	simlockman1	Old Ericsson Phones & Sony Phones	2	06-18-2004 18:27
i need Sony Ericsson K700i Flash file	simlockman1	Wanted Products	0	06-14-2004 23:50