DS-Xtreme OpenSource Firmware Project
| |||
|
How Shuny's Downgrader Works
At offset 0x000B79F4 in the DSX updater application file you will find the URL that points to the DSX server. This is where update.txt can be loaded by the updater application.
In the file update.txt there is a URL which tells the DSX updater application file where it can load updater.bin from.
Shuny patched these URL's to point to another server where the older update.txt and update.bin could be found.
Hats of to Shuny for a very clever and inventive piece of work.
Modifying The PC Updater Application To Load Update.txt and Update.bin Off Your PC
Using a hex/binary editor alter the URL found in the PC updater at offset 0x000B79F4
0x0B79F0: 02 29 B9 59 68 74 74 70 3A 2F 2F 75 70 64 61 74 - .)¹Yhttp://updat
0x0B7A00: 65 2E 64 73 2D 78 74 72 65 6D 65 2E 63 6F 6D 2F - e.ds-xtreme.com/
0x0B7A10: 75 70 64 61 74 65 6A 2F 75 70 64 61 74 65 2E 74 - updatej/update.t
0x0B7A20: 78 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - xt..............
0x0B7A30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - ................
0x0B7A40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - ................
To the following format: file://My Pc Name or My IP/Path to/update.txt (you must terminate the string with zero). Try not to go past the original URL string length as it might cause trouble.
0x0B79F0: 02 29 B9 59 66 69 6C 65 3A 2F 2F 4D 79 50 43 6F - .)¹Yfile://MyPCo
0x0B7A00: 72 49 50 2F 4D 79 50 61 74 68 2F 75 70 64 61 74 - rIP/MyPath/updat
0x0B7A10: 65 2E 74 78 74 00 00 00 00 00 00 00 00 00 00 00 - e.txt...........
0x0B7A20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - ................
0x0B7A30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - ................
0x0B7A40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 - ................
file://The Name Or IP Of Your PC/The Path To/update.txt,0 (dont forget to zero terminate the URL string.
Also change the URL found in update.txt with file://The Name Or IP Of Your PC/The Path To/update.bin
Work In Progress Log
5th January 2008:
Initial viewing of the PC Updater tool yields the following information.
1) The updater was coded with Borland Delphi development enviroment in C/C++. 2) The updater contains ZLIB compression librarys (probabily for the firmware). 3) The updater contains Altera Jam FPGA communication librarys (maybe for the JTAG connector on the circuit board). 4) The updater contains Indy Sockets library. 5) The Updater contains Cypress USB communication librarys.
On running the updater, it uses windows sockets api to download update.txt and update.bin from the DSX server. The Indy Sockets api is probabily the wrapper to call the windows sockets api, for platform independancy. Delphi also has wrappers for the application windows. The applications resources can easily be pulled out with XN Resource editor. I've also noticed on some of the disassembly that the updater looks like it can take command line arguments?
7th January 2008:
main page redesigned for clarity.
Firmware and other files moved to a seperate wiki page, and descriptions added for the files.
Link to the initial hardware explorations, files and api's added.
Changed the Mozilla references to the Indy.Sockets librarys.
Some terminology corrected
11th January
corrected the how did Shuny do it (missed the bit about altering update.txt)
added a little tutorial on how to make the updater load locally
Although it pains me so, I removed the DSX comment, by request of throwingwinks :(
ToDo:
I'm currently trying out a few disassemblers on the PC updater application .exe to see which gives me the best results. Get hold of the NDS launcher that was aquired with NO$GB and the wifi homebrew. This could be usefull to This log need moving to the discussion page.