Difference between revisions of "IDA Pro Setup"

From The iPhone Wiki

Revision as of 14:32, 17 August 2008

How to set up IDA pro to reverse the 3G baseband

The X-Gold 608 has a memory map, as seen on its page.

The Secpack 2.0 takes up the first 0xCF8 bytes of the .fls file.

So to load the 3G .fls file into IDA Pro, the file offset is 0xCF8 (to skip the secpack), and the CODE starts at the ROM start address of 0x20040000 (since it's the main firmware).

For real noobs:

1. Drag the .fls file into IDA
2. Select ARM
3. Change ROM start address to 0x20040000
4. Change Loading address to 0x20040000
5. Change File offset to 0xCF8
6. Copy Loading size into ROM size
7. Press OK
8. The entry point is the address at 0x20040408
9. Go to 20100004 and press "C" to start. ~Deco

10. Read the instructions so you can find other places where you can press "C" to get more code. ~Deco
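The load parameters above (secpack of 0xCF8 bytes, ROM start 0x20040000) fix how a file offset maps to the address IDA shows. The following is an added example, not from this wiki page, that models that mapping in Python so the numbers can be checked before loading, and reads the 32-bit word at 0x20040408 as the entry-point vector (that reading of step 8 is an assumption). The .fls bytes it uses are constructed, not a real baseband image.

```python
# Added example (not from the wiki page): models the IDA load parameters the
# page gives for an X-Gold 608 .fls image (secpack of 0xCF8 bytes, code mapped
# at ROM start 0x20040000) so the file-offset <-> address arithmetic can be
# checked before loading, and reads the word at 0x20040408 as the entry point.
import struct

SECPACK_SIZE = 0xCF8        # file offset where the firmware code begins
ROM_START = 0x20040000      # ROM start / loading address given to IDA
ENTRY_SLOT = 0x20040408     # address of the entry-point word (from the page)

def va_to_offset(va, rom_size):
    """Map a loaded address back to an offset in the .fls file."""
    if not ROM_START <= va < ROM_START + rom_size:
        raise ValueError(f"address {va:#x} is outside the loaded ROM range")
    return va - ROM_START + SECPACK_SIZE

def offset_to_va(off, file_size):
    """Map a .fls file offset to the address IDA will show for it."""
    if not SECPACK_SIZE <= off < file_size:
        raise ValueError(f"offset {off:#x} is in the secpack or past EOF")
    return off - SECPACK_SIZE + ROM_START

def read_word(fls, va):
    """Read a little-endian 32-bit word at a loaded address."""
    off = va_to_offset(va, len(fls) - SECPACK_SIZE)
    return struct.unpack_from("<I", fls, off)[0]

def entry_point(fls):
    """Return (target address, is_thumb) from the word at ENTRY_SLOT.
    Bit 0 of an ARM branch target marks Thumb mode (general ARM convention)."""
    word = read_word(fls, ENTRY_SLOT)
    return word & ~1, bool(word & 1)

def build_sample_fls():
    """Constructed .fls stand-in: a dummy secpack followed by 0x1000 bytes of
    'code' whose entry slot points at a constructed address 0x20040500."""
    secpack = bytes(SECPACK_SIZE)
    code = bytearray(0x1000)
    struct.pack_into("<I", code, ENTRY_SLOT - ROM_START, 0x20040500)
    return secpack + bytes(code)

if __name__ == "__main__":
    fls = build_sample_fls()
    target, thumb = entry_point(fls)
    print(f"ROM size to give IDA: {len(fls) - SECPACK_SIZE:#x}")
    print(f"entry word at {ENTRY_SLOT:#x} -> {target:#x} (Thumb={thumb})")
```

Point `build_sample_fls` at real file bytes and the same functions give the ROM size for step 6 and the file offset IDA will use for any address you jump to.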