radio_tool icon indicating copy to clipboard operation
radio_tool copied to clipboard

Published 20 hours ago verified publisher icon v0l

Dump firmware

Open suhajda3 opened this issue 3 years ago • 21 comments

Hello,

Is it possible to dump the whole firmware? I have two UV-15R and accidentally bricked one of them with a wrong firmware. I would like to download the original firmware from the good one and upload it to the bricked one.

Thanks!

suhajda3 avatar Jul 22 '22 08:07 suhajda3

Are you able to start the radio in programming mode?

v0l avatar Jul 23 '22 17:07 v0l

Yes, I can start programming mode on both radios.

suhajda3 avatar Jul 24 '22 18:07 suhajda3

I think you can just flash the firmware on again by downloading it online? There shouldnt be a need to copy the firmware from one radio to the other

v0l avatar Jul 24 '22 21:07 v0l

I couldn't find the firmware online, that is why I would like to dump it from the good one.

suhajda3 avatar Jul 25 '22 07:07 suhajda3

There is no support currently to dump the firmware only the bootloader

v0l avatar Jul 25 '22 07:07 v0l

Yes, I can run it on a Mac. Do you have any plans to support firmware dump as well?

suhajda3 avatar Jul 25 '22 07:07 suhajda3

I dont have a lot of spare time but i can try to see if it works in the next few days, ill update here if it worked

v0l avatar Jul 25 '22 08:07 v0l

I dont recall does this look like vector table? image

edit: no this is the start of the bootloader

v0l avatar Aug 18 '22 22:08 v0l

Ok it looks like it does just dump the decrypted firmware.. need to finish this off

v0l avatar Aug 18 '22 23:08 v0l

What's needed to finish this issue? Maybe I can help with it. I have exactly the same problem as @suhajda3 - I've installed P15UV GMRS firmware on UV-15R radio and want to go back.

kosciej avatar Aug 19 '22 00:08 kosciej

Test this branch and see if works for your radio, it might not even work as some bootloaders dont allow reading at all.

https://github.com/v0l/radio_tool/tree/try-dump-firmware

radio_tool -d 0 --dump-firmware -o test.bin

This branch will only dump a small section of data so its not complete yet, we would also need to re-wrap the firmware if its dumped as decrypted

v0l avatar Aug 19 '22 09:08 v0l

Thanks.

I get this error when running the command:

error parsing options: Argument ‘-o’ failed to parse

suhajda3 avatar Sep 16 '22 08:09 suhajda3

Try with --dump-firmware at the end

v0l avatar Sep 16 '22 09:09 v0l

./radio_tool -d 0 -o test.bin --dump-firmware error parsing options: Option ‘dump-firmware’ is missing an argument

suhajda3 avatar Sep 16 '22 10:09 suhajda3

Ok add a random value --dump-firmware true

v0l avatar Sep 16 '22 10:09 v0l

./radio_tool -d 0 -o test.bin --dump-firmware true error parsing options: Argument ‘true’ failed to parse

suhajda3 avatar Sep 16 '22 11:09 suhajda3

Looks like its supposed to be a number, try with a number

v0l avatar Sep 16 '22 15:09 v0l

./radio_tool -d 0 -o test.bin --dump-firmware 1 Segmentation fault: 11

suhajda3 avatar Sep 16 '22 17:09 suhajda3

Maybe try a larger number 0x1000

v0l avatar Sep 16 '22 20:09 v0l

Join Discord to discuss more

v0l avatar Sep 19 '22 20:09 v0l

Cross-referencing https://github.com/CtrlC-Root/gm30/issues/1 in case it could help.

drzraf avatar Apr 27 '23 04:04 drzraf