From: John Plocher
Organization: Systems Architecture Council
Date: Wed, 28 Jan 2004 16:14:51 -0800
Subject: Re: [PIC:] Disassemblers
To: PICLIST@MITVMA.MIT.EDU

Liam O'Hagan wrote:
> Now I have to go through and find whatever is hidden in the code, without
> the source, and without knowing specific details of how the person is
> getting this money :( fun times ahead!

Assuming you have both the "original" and the "buggered" bits, you should be able to semi-mechanically identify the differences, or at least the "mostly common" sections. On the assumption that the buggered chip "works" in the field for the rest of the users, most of the original routines must still be there in some form, simply because the original work it was designed to do still needs to be done.

Doing this at a coarse level (ignoring goto/call addresses, absolute values of register locations... - if this were a high level language I'd call it "the parse tree") should let you identify chunks of common code, which you can set aside for the moment while you focus on the stuff that is unique to the original ("missing features") or unique to the buggered version ("backdoor hack").

Once you have a handle on the hack, it should be easy (for Wouter at least :-) to figure out the rest ....

I have not done it recently (the search, that is!), but googling for how to identify cheaters on comp sci class projects should find you plenty of ideas, tools and anecdotes.

-John

--
http://www.piclist.com hint: The list server can filter out subtopics (like ads or off topics) for you. See http://www.piclist.com/#topics .
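
The coarse comparison described in the message above, as an added example that is not part of the original post. It assumes a 14-bit mid-range PIC16 core and that both images have already been read into lists of program words; the function names and the sample words are constructed for illustration.

```python
from difflib import SequenceMatcher

def normalize(word):
    """Reduce a 14-bit PIC16 mid-range instruction word to its coarse shape."""
    word &= 0x3FFF
    group = word >> 12
    if group == 0b10:                      # CALL/GOTO: drop the 11-bit target
        return word & 0x3800
    if group == 0b01:                      # BCF/BSF/BTFSC/BTFSS: drop file address
        return word & 0x3F80
    if group == 0b00 and word >= 0x0080:   # byte-oriented file ops: drop file address
        return word & 0x3F80
    return word                            # literal ops, RETURN, NOP etc. kept as-is

def coarse_diff(original, suspect):
    """Return (common, only_original, only_suspect) as word-index ranges."""
    a = [normalize(w) for w in original]
    b = [normalize(w) for w in suspect]
    common, only_original, only_suspect = [], [], []
    matcher = SequenceMatcher(None, a, b, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag == "equal":
            common.append((i1, j1, i2 - i1))   # (orig start, suspect start, length)
            continue
        if i2 > i1:
            only_original.append((i1, i2))     # candidate "missing features"
        if j2 > j1:
            only_suspect.append((j1, j2))      # candidate added code to review
    return common, only_original, only_suspect

# Constructed sample: the same routine, but in SUSPECT the registers and
# call/goto targets have moved and four extra words sit in the middle.
ORIGINAL = [0x3005, 0x00A0, 0x2010, 0x1C03, 0x2805, 0x0AA0, 0x0008]
SUSPECT = [0x3005, 0x00B0, 0x2014,
           0x0831, 0x3A5A, 0x1903, 0x2830,
           0x1C03, 0x2809, 0x0AB0, 0x0008]

if __name__ == "__main__":
    common, only_original, only_suspect = coarse_diff(ORIGINAL, SUSPECT)
    print("common chunks (orig, suspect, len):", common)
    print("unique to original:", only_original)
    print("unique to suspect:", only_suspect)
```

A word-for-word comparison of these two samples would flag most of the suspect image as changed; after normalization only the inserted range remains to be disassembled by hand.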