"Unsigned flash" related discussion

[Feezex]

Im about to retrofit my monochrome ic204 to color one.
So it can be a good spot to learn more about it, edit some menu, icons etc.
Since @jglim done it before and @VladLupashevskyi made interesting things with IC.
My question is:

1. I need to get mcu dump to get the const verification value or it can possibly be read by can?
2. @jglim can you explain icons decrypt, i need a hint because i cant find any in files you been using due experiment.
3. I want to make my own localization due this small project, so to get full menu tree or localization indexes - internal slash may be needed.
4. i tried this d70f3421 with vvdi prog, got identification only, mcu is locked. So i need here another programmer such as orange5 with v850 licence. Which one you been using?

[jglim]

Take note that the mcu that I worked on was µPD70F3426 (note the last digit, yours is 1), there might be subtle differences:

For (1) and (4), if your objective is to modify the firmware, I believe there's an easier way that does not care about the verification checkpoints. If you can unlock the device through seed key to enable uds memory reads, you should also be able to dump the entire firmware. This dump only needs to be done once, after which you can then freely modify it and write it back using your programmer. The mcu is locked by default, but you can erase and write the dumped firmware back, and leave the protection off this time.

It might be worth noting that there is a risk of bricking the mcu if there are extra config/parameters (e.g. fuses, clock source) that were not properly migrated. I ignored this while using an orange5, which was risky, but was lucky that the reflash was successful.

As far as I remember, there are no checksums that prevent a modified firmware from booting, as long as the verification constants are present.

Also, since you have taken off the protection after writing back the dump, you now have the capability to read back the flash. You should then be able to compare the dumps of a working flash, and a bad flash to identify the addresses and values of the verification checkpoints. In my case, I found those using ghidra, but I believe that comparing 2 flash dumps will be a lot faster.

(3) I don't quite understand the question.

(2) is fairly straightforward for monochrome devices. The images are uncompressed binary bitmaps, so each byte contains 8 pixels, either on or off. The images should be visible when you fiddle with the length and alignment:

---

Back then, I also experimented with replacing the amg logo with bmw m-sport logo, but I never got to see it in action as I could not find out how to send the steering wheel button messages to the cluster. Would have been fun to see that in action

[VladLupashevskyi]

Oh, images are done the same way as on ki211.

There is also must be a structure with width in bits and height in bytes for each image.

[VladLupashevskyi]

What helped me to find them is to open dump in hex editor and enable binary view, then by changing width of window you can notice them rather easy

[Feezex]

2049022702/2049022802 the files you been using, im trying to locate any image here.
Can you show any in hex so i can have start point, of what to search.
if i understand correctly it must be like :

[jglim]

$ md5sum 2049022802_001.cff
1eb6c9a9e8114a58696224adbb1cbab3  2049022802_001.cff

0x5A1DB:

00 00 00 00 00 00 80 E0 F0 F0 F0 F0 F0 F0 F0 F0 70 10 80 E0 F0 F0 F0 70 10 80 E0 F0 F0 70 10 80 E0 F0 70 10 80 E0 70 10 80 E0 F0 F0 70 30 30 30 30 30 30 30 30 30 70 F0 F0 E0 80 00 00 00 00 00 F0 F0 F0 F0 F0 E0 C0 C0 80 00 00 00 00 00 80 C0 C0 E0 F0 F0 F0 F0 F0 00 00 F0 F0 F0 F0 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 00 00 00 
00 00 00 20 38 3E 3F 3F 3F 3F 3F 3F 3F 1F 07 21 38 3E 3F 3F 1F 07 21 38 3E 3F 1F 07 21 38 3E 1F 07 21 38 1E 07 21 38 3E 3F 1F 0F 0F 0E 0E 0E 0E 0E 0E 0E 0E 0E 0E 0E 0F 0F 1F 3F 3E 38 20 00 00 3F 3F 3F 3F 00 01 01 03 03 07 07 06 07 07 03 03 01 00 00 3F 3F 3F 3F 00 00 3F 3F 3F 3F 30 30 30 30 33 33 33 33 33 33 33 33 33 3F 3F 3F 3F 00 00 00

-----------------------------------------------------------------------------------------------------------------
1                                                                                                                 
2                                                                                                                 
3                                                                                                                 
4                                                                                                                 
5        ██████████  █████  ████  ███  ██  ███████████████       █████             █████  █████████████████████   
6       ██████████  █████  ████  ███  ██  █████████████████      ██████           ██████  █████████████████████   
7       ██████████  █████  ████  ███  ██  ████         ████      ████████       ████████  ████                    
8      ██████████  █████  ████  ███  ██  ████           ████     █████████     █████████  ████                    
-----------------------------------------------------------------------------------------------------------------
1      ██████████  █████  ████  ███  ██  ████           ████     ████ ██████ █████  ████  ████    █████████████   
2     ██████████  █████  ████  ███  ██  █████████████████████    ████   █████████   ████  ████    █████████████   
3     ██████████  █████  ████  ███  ██  █████████████████████    ████     █████     ████  ████             ████   
4    ██████████  █████  ████  ███  ██  ███████████████████████   ████               ████  ████             ████   
5    ██████████  █████  ████  ███  ██  ████               ████   ████               ████  █████████████████████   
6   ██████████  █████  ████  ███  ██  ████                 ████  ████               ████  █████████████████████   
7                                                                                                                 
8                                                                                                                 
-----------------------------------------------------------------------------------------------------------------

[Feezex]

recommend an editor plz
@jglim you havent mentioned image flipped 90^ clockwise, pff it almost blow my mind, but that can help in future.
Wonder how color ones are made, as rgb? there must be 3 color layers?

[Feezex]

Seed level 0D doesnt allow to read those sectors, so i was able to read memory 0x0 to 0x10B18 , 66,7kb only.
Question about verification checkpoints. Are they stored in cff's?
I guess flash routine (cbf,cff or conrol unit side )decode checkpoint values from cff's CCC block, compares whem with data written. So thats another task from another thread.,
Basically to modify cff , CCC block must be fixed with new checksums + main cff Cks.
Seems only cff knews exact way to extract those values. We can try move to some smr-d , since it can be decoded, and flash process can be revealed. For ODX only control units CFF's are also avaliable, so here we can get the pack of data : CCC decode sequence & data to verify it works properly.
Such function will make huge advantage to UnlockECU, so anyone will be able to modify cff and write it withought external programmer. Here i will mention that actions like that requires full understanding of risk, its unsafe and can destroy control unit, but that must be written with red in header of new UnlockECU tab =)
@jglim you used script to write back verification keys after flash and before 31 01 ff 01 (RT_Check_Routine_Start_Signature_Check), but you got them from mcu full read, unfortunately i can't read mcu for now.
Playing with color cffs doesnt gave any result yet, cant detect bitmaps and dont understand how they are implemented.

[Feezex]

this looks very similar to @jglim case but not the same.
@jglim can you share your mcu dump so i can learn more about it.

[jglim]

This is the base image for the mcu, I have removed the firmware content by filling the firmware segments defined by the CFF with 0xFF

You will need to obtain the CFF for 2049022702 and 2049022802 as those files belong to MB and I can't upload them here.
Write the segments from those CFFs into this base image. When the segments are restored, you will have the equivalent of the full mcu dump.

template_2049022702_2049022802.zip

$ md5sum *
f062539835ee81cd7854d101e985b7c0  2049022702_001.cff
1eb6c9a9e8114a58696224adbb1cbab3  2049022802_001.cff
9b96bbabde1bbd495701d2a65d4c8f20  complete_dump.bin
6992c0ffad502bd06a9b81a20014e111  template_2049022702_2049022802.bin

[Feezex]

so if the color cluster have 5 cff's, i need to merge all data by offsets to single file - thus how i can get comlete dump

[jglim]

can you share your mcu dump so i can learn more about it.

My earlier post is specific to my mono 204 mcu only, those files are used to assemble the dump for the UPD70F3426GJ mcu.

I don't know about color 204 clusters. I assume there is still a NEC mcu as usual, as well as a second coprocessor to drive the color screen (toshiba capricorn?). Might explain why there are 5 CFFs, but I do not know how they are delivered, maybe both mcus sit on the same bus?

[jglim]

I don't think there's an editor for monochrome bitmaps for this use case. It should be easier to diy by converting the bytes into pixels and dumping them into a file where you can resize the window to find patterns.

No idea about rgb, depends on display type and image modes. Typical embedded displays tends to be rgb565 or argb4444, better screens use rgb888/argb8888. Like the monochrome, you'll need to find the patterns and work from there.

Checkpoints are not stored in CFF. The flash is transferred without any changes, and the checkpoints are written when the signature check 31 01 FF 01 is called. I've written about the 204 flash messages here earlier: jglim/UnlockECU#25 (comment)

The flash routine is fairly straightforward and doesn't handle any of the security aspects. It is designed to be untrusted with the assumption that the end users (e.g. us) are capable of emulating or tampering with the messages. The actual check is done on the ECU.

MB holds a private key which is never shared, and the corresponding public key is embedded in the ECU. When MB pushes out a firmware, the private key is used to create a signature of the firmware, and is sent to the ECU with 31 01 FF 01. The ECU then hashes the received firmware, then verifies that (1) the signature can be decrypted by the public key, and (2) the signature output is identical to the previously calculated hash.

The v2 branch has preliminary and very dodgy flash support that works for my 204. It doesn't use a separate flash script, instead it uses the original script that was embedded in the CBF. If you want to figure out how the flashing logic works, you might want to look around there.

[Feezex]

Got a ori o5, and it cannot bypass mcu protection.
@jglim how did you read yours, which license been using?
Or which security level allows to read flash fully?

[jglim]

If I recall correctly, I used both level 9 and 13. Level 13 seems to be used for write access so you can try with 9 first.

My device was also initially protected and had to be erased to remove the lock. Since the full firmware was already dumped earlier over UDS, I could then flash it back onto the device via the o5.

[Feezex]

Ok i sorted this things out. My mistake was to read len 0x10000, as i saw that there was no data, but hasnt pay attention that there was no refuse message. So all 256kb done by obd.

[Feezex]

uPD70F3421
Flash size: 256 KB

Security flag information:

BOOT SEC: OFF
READ SEC: OFF
WRITE SEC: OFF
BLOCK SEC: OFF
ERASE SEC: OFF
And dash is feeling good after write back dump
It was test run on GB version test unit

[Feezex]

Interesting thing that 3426 is a 2Mb len, so 0 to 0x1FFFFF. Both of cff files are written to mcu and fits with offsetts.
In my case 3421 is 256kb (0 to 3FFFF).
Ressource2 starts from BC000000.
All data from 5 cff's are stored outside of mcu flash. And its ~40Mb.
That makes sense for security purpose, mcu flashed by factory, locked so noone cant reach seed or another routines.
All things that stored in cff's - graphic mcu (Toshiba TX4964FG-120) or external flash content.
And it doesnt fits here also: TX4964FG-120: 64-bit RISC TX49/L4, 120 MHz, SDRAM 4 MB.
So next is Spansion S29GL512N10TFA02 , 512 Megabit (64Mb), 3V Page Mode Flash Memory featuring 110 nm MirrorBit™ Process Technology

[Feezex]

*256kb mcu took 1 hour to read by obd.
Ext flash - 64Mb, so it will take 10 days for it)) better to read it outside of board.
0D level allows to read, write isnt possible

[jglim]

For mono 204:

Programming session allows limited write for mcu internal flash. I believe a minimal firmware is running from the RAM (required for self reprogramming) during this state. and there is no support for the external eeprom.

Extended session, 0D allows read+write to the external eeprom, and read only for the internal flash. The firmware is running off the internal flash, so it cannot be written to.

External programmer can always read+write to external eeprom. For the main mcu, once the protections are off, you can also read+write. I believe the checkpoints can be found by dumping and diffing the firmware; for the first flash, use a clean unmodified CFF, and for the second, skip the signature check. From my experience, as long as the 5A 5A 5A 5A are present, the device will run fine even if there are modifications.

Which hardware and CFF files are you using? Since you have a full dump now you can try using https://binvis.io/ to look for patterns in the memory

[Feezex]

@jglim for monochrome - i have same 5a.. keys, if i want modify flash - each time i must write changes with O5 withought changing keys? Seems there no way to write changes directly after seed, even with mcu protection off.

For color one. Heres my build:
d70F3421 (256kb, not used by can, possibly controllling leds, and needles) + Toshiba TX4964FG (2 CAN channels rx tx , display, 4 MB) + eeprom 25128 (16KB) + flash S29GL512N10TFA02 (64Mb)
SW: 2049021203 - interesting cff, possible to flash with monaco only, vediamo cant find flash key, meaning etc. , partially contain Toshiba code;
2129021705;
2049028102;
2049028302;
2049028502.
3421full.zip
Spent much time trying to identificate any images.
I used different tools such as Binocle and 7yuv (activate by modify main exe 0x8E6, 0x8E7 - 8AC3 to B001)- this one can display data as RGB565 RGB88 and others.
2129021705_001\Ressource2_BC000000 , Got only one that i can recognize clearly.
Looks like Attention assist - cup.

Seems to be - distronic symbol:

tried to cut out cup, i find each line starts and ends with alot of garbage which makes image to slip in lines, and thus why hard to identify methods used here. All known here variants in 7yuv cant stabilize any image.

Heres is sample image

[jglim]

Yeah the easiest way would be to make changes to your working, bootable dump, then write it back directly with O5.

When UDS write memory by address is available, the cluster is booting from internal flash. The internal flash cannot be modified when it is also concurrently in use by the firmware. I believe that the firmware only executes from RAM in bootmode (allowing self-reprogramming), but the UDS write is not implemented in that mode.

Protection off only lets you dump the flash anytime, this allows you to compare a good, signed flash, as well as a bad flash to identify where the 5A values are.

I looked very briefly at Ressource2_BC000000 but I could not recognize or identify any known color modes. I found it interesting that the bytes at the tail end were consistently increasing in value. Those values appear to be aligned in 4 bytes, and there is always an FF (alpha? assuming full alpha, ARGB or RGBA? The color values did not make sense to me)

[Feezex]

play with with width, as long as you resize dump - different images appears

[Feezex]

what going to happen if i fill with FF all 7 5A keys?

[jglim]

The default erased flash state should be FF. The 5A values are only added directly by the ECU when the signature check is successful.

Depending on what you remove, there will be different side effects. For example on the mono 204, if the data block does not have a proper signature, it will show the "Reprogramming not correct!" screen. If the application block isn't signed, the screen will be uninitialized, and the device will start in bootmode, and will be accessible on the canbus.

[Feezex]

Color cluster in my case include 1276 pictograms.

Small investigation on tx mcu usage:

1. Renault Grand Scenic III 2012 : tx4964fg + S29GL064N901F103
2. Mercedes-Benz CLA AMG I (C117, X117) 2013-2016 : tx4964fg + S29GL512S11TFA02
3. 204, 207, 212, 218 (my case)
4. W166, W176, W246 2012+
5. Audi Q3 p\n 8U0920990A : CPU 70F3426, GPU TX4964FG-120, Flash S29GL064N90TFA03, LCD LT035CA23300 (99% same as w212)
   Frf file points to same offset for toshiba mcu as in w212 starts at C0000000
6. Passat B7 S29GL128N90TFAR2 (3D) p\n 3AA920880G
7. Passat CC
8. VW Tiguan Magotan CC B7L
9. Porsche Macan