Amiko HD8150 Emulation in Windows (Qemu)

Screamfox

I have some questions. Today I tried to emulate an STB firmware (.abs extension file) in Qemu. So I tried to unpack the .abs file and I got many files.

Example for: Amiko HD8150 2.4.43 emu Firmware.

Software used: Ali Main Code Decrypter 8.9

Files unpacked:

bootloader
MemCfg
maincode(AV)
seecode
default_lang
cipluskey
countryband
logo_user
logo_menu
logo_radio
logo_boot
patch
defaultdb(PRC)
userdb(64+64)

Software used: binwalk

TERMINAL OUTPUT:

# binwalk -e AMIKO_HD8150_2.4.43_emu.abs

Code:
DECIMAL       HEXADECIMAL     DESCRIPTION

--------------------------------------------------------------------------------
196736        0x30080         LZMA compressed data, properties: 0x6C, dictionary size: 8388608 bytes, uncompressed size: 11883876 bytes
3866752       0x3B0080        LZMA compressed data, properties: 0x6C, dictionary size: 8388608 bytes, uncompressed size: 3255512 bytes
5636224       0x560080        LZMA compressed data, properties: 0x6C, dictionary size: 8388608 bytes, uncompressed size: 87904 bytes

Files unpacked:

30080
3B0080
560080

When I open the 30080 file with hexdump I can see this at the end:

Code:
# hexdump -C 

part of file 


00b51a30  00 00 00 00 4c 69 62 63  6f 72 65 20 76 65 72 73  |....Libcore vers|
00b51a40  69 6f 6e 20 31 33 2e 31  36 2e 30 40 53 44 4b 34  |ion 13.16.0@SDK4|
00b51a50  2e 30 66 61 2e 31 33 2e  31 36 5f 32 30 31 36 31  |.0fa.13.16_20161|
00b51a60  30 31 39 28 67 63 63 20  76 65 72 73 69 6f 6e 20  |019(gcc version |
00b51a70  33 2e 34 2e 34 20 6d 69  70 73 73 64 65 2d 36 2e  |3.4.4 mipssde-6.|
00b51a80  30 36 2e 30 31 2d 32 30  30 37 30 34 32 30 29 28  |06.01-20070420)(|
00b51a90  41 64 6d 69 6e 69 73 74  72 61 74 6f 72 40 20 46  |Administrator@ F|
00b51aa0  72 69 2c 20 4a 75 6c 20  32 38 2c 20 32 30 31 37  |ri, Jul 28, 2017|
00b51ab0  20 31 32 3a 35 33 3a 32  38 20 41 4d 29 0a 00 00  | 12:53:28 AM)...|
00b51ac0  44 4d 58 5f 53 33 36 30  31 5f 30 00 00 a1 03 18  |DMX_S3601_0.....|

When I use readelf it says this file isn't an ELF file.

So I tried to open the bin 30080 in the qemu (Win64) but it doesn't start the emulation.

Code:
 C:\Program Files\qemu>qemu-system-mips.exe -machine mips -cpu mips32r6-generic -drive file=C:\30080.bin,index=0,media=disk,format=raw

qemu-system-mips.exe: warning: could not load MIPS bios 'mips_bios.bin'

So I think something is wrong. Well, I know the kernel is missing, but how can I know the correct kernel for this firmware? Has someone tried to open (emulate) an STB firmware in Qemu before? Do you think I need to create an image with bin files or emulate as rs232 flash?

Sorry for all these questions, I never used Qemu before.
 

Screamfox

Called here

Do you have some idea?

I have in mind to change/edit the code of all firmwares to upgrade the Cccamd version to the latest, 2.3.2.

And afterwards emulate the abs in Qemu to check if everything is OK.

So can you give me some help with this? I see you made some firmware customizations, like in Amiko HD8150 galaxy.

And at the same time I would like to know what the difference is between Amiko hd 8150 and galaxy? Can I flash an Amiko hd 8150 with your galaxy firmware?

Regards
 

Screamfox

This is a little more complicated than it looks, but not impossible. On the web you can find a lot of things done by me; this can improve your time. And on Pastebin you can find that people have completely decoded the maincode file, just search by keywords ;)
 

Screamfox

In most cases abs files are designed for ALI processors, and ALI is based on the MIPS architecture, but unfortunately it is only based on it, not the same architecture. You can find on Google many schemas for ALI processors like the model ALI M3602.
 