User Tools

Site Tools


Poray OEM Firmware Deobfuscation

Usually stock firmware for Poray devices (as can be obtained from their webpage) is obfuscated with a simple XOR obfuscation.

Furthermore the upgrade mechanism incorporated into the stock firmware expects firmware files to be checksummed.


To deobfuscate stock firmware images you can use a special tool that has been developed for the OpenWrt project. The tool is called mkporayfw and can be found in the tools/firmware-utils directory of the OpenWrt tree.


The rootfs of the stock images can be unpacked with binwalk after having been deobfuscated.

To do this please use this command:

binwalk -e --matryoshka input.bin



toh/poray/poray.oem.firmware.deobfuscation.txt · Last modified: 2013/08/05 10:39 by lorema