Can the OBi1xx be downgraded?
azrobert:
Quote from: WelshPaul on June 26, 2015, 01:27:37 am
I just attempted to downgrade an OBi110 running 2872 and got the dreaded "Firmware downgrading is prohibited " message. So nope you cannot downgrade the firmware if you're running the latest firmware. :(
Not what I wanted to hear. Thank you for the answer.
drgeoff asked:
Quote
Did you just want to know the answer or do you really want to downgrade the firmware on a 110?
I was thinking of upgrading, but don't want to unless I can go back to my current level.
drgeoff:
Quote from: WelshPaul on June 26, 2015, 03:56:48 am
Can you post how to get around the checksum?
Would like to try this myself.
There is no standard way of computing a checksum. Variables include which part (if not all) of the file it is calculated from, its size (usually 8 or 16 bits) and where the expected result is placed.
Simple schemes just XOR every byte or word but others like md5 and sha1 could be used.
Most times the checksum is to provide some protection against the device being flashed with a corrupt file rather than trying to prevent 'hackers' from meddling so the level of obfuscation is frequently low and determined educated guesswork plus trial and error will crack it. Currently, I'm not feeling sufficiently motivated to have a go at it. :(
If you want to try it, here is one approach which might work. Assuming you can find the bytes which hold the version number, are there two which you can swap (replace each with the other) such that the version number will be higher? The file length will be unchanged and an XOR checksum over bytes will be unchanged.
SteveInWA:
This discussion begs the question: why worry? The current firmware has been out for a long enough period of time that any serious bugs would have surfaced and been discussed here. Is there some particular function that you are concerned about?
RFC3261:
Quote from: drgeoff on June 26, 2015, 08:31:01 am
There is no standard way of computing a checksum.
And while I have no idea if this firmware is so validated, SOP by many companies these days is to cryptographically sign the image with their private key (the public key being in the device). That basically eliminates tampering if combined with a validating boot loader (and while even those can be bypassed, it is beyond the casual user).
Navigation
[0] Message Index
[*] Previous page