Wifi Firmware

From PS3 Developer wiki
Revision as of 16:22, 16 August 2018 by Anonymous (Privacy policy) (→‎Other References)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Software

eCos

eCos is used to provide the Playstation's Wi-Fi support. eCos is an open source real-time operating system (RTOS). It is licensed under a modified version of GPL that allows the use of non GPL licensed code to be linked with eCos.

References:

http://www.ecoscentric.com/ecos/
http://ecos.sourceware.org/

Decompressed firmwares

Here are some dumps of decompressed eurus firmwares: https://mega.co.nz/#!3tZ3EZKY!uty6ESEPXC0JA4zEFpT7te6w-MtNB24Ubrjjlea76SA (0.80, 0.96, 4.50)

GoAhead Webserver

Inside the decompressed firmware is an embedded GoAhead webserver (CVE)

GameOS firmware file

Filename: eurus_fw.bin
Location: /dev_flash/sys/internal and inside CoreOS package

example from FW 2.40

Header:

Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00000000  01 00 00 00 00 00 F0 D0 B4 05 00 00 E5 63 86 B6  ......ðд...åc†¶
00000010  18 F0 9F E5 18 F0 9F E5 18 F0 9F E5 18 F0 9F E5  .ðŸå.ðŸå.ðŸå.ðŸå
00000020  18 F0 9F E5 00 00 A0 E1 18 F0 9F E5 18 F0 9F E5  .ðŸå.. á.ðŸå.ðŸå
00000030  58 00 F0 D0 40 00 F0 D0 44 00 F0 D0 48 00 F0 D0  X.ðÐ@.ðÐD.ðÐH.ðÐ
00000040  4C 00 F0 D0 00 00 00 00 50 00 F0 D0 54 00 F0 D0  L.ðÐ....P.ðÐT.ðÐ
00000050  FE FF FF EA FE FF FF EA FE FF FF EA FE FF FF EA  þÿÿêþÿÿêþÿÿêþÿÿê

only plain readable part:

Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00001B90  00 00 00 00 60 01 00 00 49 6E 76 61 6C 69 64 20  ....`...Invalid 
00001BA0  4F 70 65 72 61 74 69 6F 6E 00 00 00 02 00 00 08  Operation.......
00001BB0  44 69 76 69 64 65 20 42 79 20 5A 65 72 6F 00 00  Divide By Zero..
00001BC0  4F 76 65 72 66 6C 6F 77 00 00 00 00 55 6E 64 65  Overflow....Unde
00001BD0  72 66 6C 6F 77 00 00 00 49 6E 65 78 61 63 74 20  rflow...Inexact 
00001BE0  52 65 73 75 6C 74 00 00 3A 20 48 65 61 70 20 6D  Result..: Heap m
00001BF0  65 6D 6F 72 79 20 63 6F 72 72 75 70 74 65 64 00  emory corrupted.
00001C00  55 6E 6B 6E 6F 77 6E 20 73 69 67 6E 61 6C 00 00  Unknown signal..
00001C10  78 47 00 00 1E FF 2F E1 78 47 00 00 10 40 2D E9  xG...ÿ/áxG...@-é
00001C20  E9 FE FF EB 04 00 80 E2 10 40 BD E8 1E FF 2F E1  éþÿë..€â.@½è.ÿ/á
00001C30  08 B5 00 AB 18 70 03 20 69 46 AB DF 01 B0 08 BC  .µ.«.p. iF«ß.°.¼
00001C40  18 47 00 00 00 C0 9F E5 1C FF 2F E1 21 14 F0 D0  .G...ÀŸå.ÿ/á!.ðÐ
00001C50  78 47 00 00 10 40 2D E9 EF FF FF EB 00 10 A0 E3  xG...@-éïÿÿë.. ã
00001C60  00 10 80 E5 10 40 BD E8 1E FF 2F E1 41 62 6E 6F  ..€å.@½è.ÿ/áAbno
00001C70  72 6D 61 6C 20 74 65 72 6D 69 6E 61 74 69 6F 6E  rmal termination
00001C80  00 00 00 41 72 69 74 68 6D 65 74 69 63 20 65 78  ...Arithmetic ex
00001C90  63 65 70 74 69 6F 6E 3A 20 00 49 6C 6C 65 67 61  ception: .Illega
00001CA0  6C 20 69 6E 73 74 72 75 63 74 69 6F 6E 00 00 00  l instruction...
00001CB0  00 49 6E 74 65 72 72 75 70 74 20 72 65 63 65 69  .Interrupt recei
00001CC0  76 65 64 00 00 00 00 00 49 6C 6C 65 67 61 6C 20  ved.....Illegal 
00001CD0  A3 33 63 EF 01 00 00 00 70 1C F0 D0 B4 05 00 00  £3cï....p.ðд...
00001CE0  05 FC E6 C7 61 64 64 72 65 73 73 00 00 00 00 00  .üæÇaddress.....
00001CF0  00 00 00 54 65 72 6D 69 6E 61 74 69 6F 6E 20 72  ...Termination r
00001D00  65 71 75 65 73 74 00 00 00 00 53 74 61 63 6B 20  equest....Stack 
00001D10  6F 76 65 72 66 6C 6F 77 00 00 00 00 00 00 00 00  overflow........
00001D20  00 52 65 64 69 72 65 63 74 3A 20 63 61 6E 27 74  .Redirect: can't
00001D30  20 6F 70 65 6E 3A 20 00 4F 75 74 20 6F 66 20 68   open: .Out of h
00001D40  65 61 70 20 6D 65 6D 6F 72 79 00 00 00 00 00 55  eap memory.....U
00001D50  73 65 72 2D 64 65 66 69 6E 65 64 20 73 69 67 6E  ser-defined sign
00001D60  61 6C 20 31 00 00 55 73 65 72 2D 64 65 66 69 6E  al 1..User-defin
00001D70  65 64 20 73 69 67 6E 61 6C 20 32 00 00 50 75 72  ed signal 2..Pur
00001D80  65 20 76 69 72 74 75 61 6C 20 66 6E 20 63 61 6C  e virtual fn cal
00001D90  6C 65 64 00 43 2B 2B 20 6C 69 62 72 61 72 79 20  led.C++ library 
00001DA0  65 78 63 65 70 74 69 6F 6E 00 00 00 00 00 00 00  exception.......

Tail:

Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

000709A0  3E CA D7 EA C7 4C 7A 6B A7 8F 5A E5 7B 91 BB F8  >Ê×êÇLzk§.Zå{‘»ø
000709B0  58 A7 4D AA E6 7C 72 D0 A4 8B C3 26 05 3F C7 EB  X§Mªæ|rФ‹Ã&.?Çë
000709C0  79 BB 09 DE 2E DC E0 A3 8B BC 4D 13 D7 FF 1B 00  y».Þ.Ü࣋¼M.×ÿ..
000709D0  60 40 00 D0 04 00 00 00 EC 47 9E 14 54 8A ED C0  `@.Ð....ìGž.TŠíÀ
000709E0  04 00 00 00 00 00 F0 D0 00 00 00 00 3C 1A ED 79  ......ðÐ....<.íy



Other References

aka: Eurus / Gelic / WLAN / JUPITER-TWO