SamyGO

http://www.multiupload.com/V5ESL00M34

extract to /dtv/usb/sda1/
chmod 777 samsung_hash


1st option check firmware hash :
./samsung_hash

2nd option create hash for a file u wish :
./samsung_hash your_file


Denny

and... does it write correct firmware hashes to bml3 ?
Are you ready to decrypt->encrypt->flash firmware to TV and do not brick it? ...

basicly juuso /mtd_exe /mtd_appdata may be changed, it is just need after flashing to store correct hash in "/dev/bml0/9" btw in "/dev/bml0/10", depends whitch parition is active.

the time u have for to do this as i checked hw engine is around 5-10 minutes.

about , write to hash, i realy dont know how to write data to flash my linux is just for such things to do okey, but more i can not do at the moment
i also realy dont have idea whitch parition is for what , am just doing such things that i released and not released yet


firmware crypt/decrypt are at the moment not importiant for me but as i have see , it is also gone partly over HW engine(key decryption), i am now on hashing of Internet@TV applications to discover out.


Denny

card2000: It would be great if you post a source code of this program.

Regarding flashing a modified version... I have found these strings in exeDSP from BD-C6900 blu-ray player: So, it seems fsrrestore is a program which writes data to flash. There might be a similar lines in your exeDSP. If you have Linux, download exeDSP to your computer and run You will see a lot of text, some will be senseless. Within less program press /, enter word Image and press "Enter". Probably it will find the lines above.

there is no fsrrestore command in exeDSP t-valdeuc firmware

timoo wrote:there is no fsrrestore command in exeDSP t-valdeuc firmware

Yes, but there might be something similar. You will need to look for lines which may be related to the firmware flashing. Try to look for lines which contain bml. Besides exeDSP, some flash related stuff can be inside shell scripts.

do yo think something like this > fsrbootwriter /dev/bml0/c %s dd if=%s of=/dev/bml0/1 ?

timoo wrote:do yo think something like this > fsrbootwriter /dev/bml0/c %s dd if=%s of=/dev/bml0/1 ?

It could be... At least fsrbootwriter also exists in my blu-ray player. It seems to be a program for flashing specifically bootloader only. The command dd is a tool to copy data from one file or device to another. if means Input File, of means Output File. There might be some additional options for dd like bs=%d, ibs=%d, obs=%d or count=%d, etc. They can be concatenated to the original string in some other parts of the code.

Nevertheless, don't try these in your TV or player without good knowledge and understanding of what are you doing. It would be nice if someone could find a way to restore the firmware in case if the device is bricked. As far as I know, there is no such a tool yet.

mirsev wrote:

timoo wrote:do yo think something like this > fsrbootwriter /dev/bml0/c %s dd if=%s of=/dev/bml0/1 ?

Nevertheless, don't try these in your TV or player without good knowledge and understanding of what are you doing. It would be nice if someone could find a way to restore the firmware in case if the device is bricked. As far as I know, there is no such a tool yet.

i have no problem understand how update process is done by dissassembling my exeDSP with ida pro and debuggingg with gdb

timoo, when i start gdb server, after tv goes to breakpoint gdbserver get sig signal and restart the tv. i wanted also to trace there some stuff but no luck yet.

denny