Poray OEM Firmware Deobfuscation

Usually stock firmware for Poray devices (as can be obtained from their webpage) is obfuscated with a simple XOR obfuscation.

Furthermore the upgrade mechanism incorporated into the stock firmware expects firmware files to be checksummed.

Deobfuscating

To deobfuscate stock firmware images you can use a special tool that has been developed for the OpenWrt project. The tool is called mkporayfw and can be found in the tools/firmware-utils directory of the OpenWrt tree.

Unpacking

The rootfs of the stock images can be unpacked with binwalk after having been deobfuscated.

To do this please use this command:

binwalk -e --matryoshka input.bin

Checksumming

#TODO#

Back to top

toh/poray/poray.oem.firmware.deobfuscation.txt · Last modified: 2013/08/05 10:39 by lorema