router-tools icon indicating copy to clipboard operation
router-tools copied to clipboard

Published 20 hours ago verified publisher icon dev-zzo

Signature mismatch error

Open drsn00ker opened this issue 1 year ago • 3 comments

Looking at some slightly newer Zyxel firmware (related to keenetic modems)

https://drive.google.com/file/d/1j7BayPwmNZekHgzMzCBhBUNW0VV1E-Ek/view

I'm getting a signature mismatch error, rather than extracting the RasCode. (binwalk and unblob also cannot extract it) Would you mind having a look?

drsn00ker avatar Jul 14 '23 19:07 drsn00ker

Did not look too deep into it. But looks like cutting off the first 0x10000 bytes might help?

dev-zzo avatar Jul 14 '23 19:07 dev-zzo

Excellent plan. It gets further, but hangs up on IP6spec again with a signature mismatch, before it can get to the RasCode file I want to look at. Sounds like the spacing of this bin is different from normal.

drsn00ker avatar Jul 14 '23 20:07 drsn00ker

Apologies for continuing to butcher your code.... I changed line 260 of zynos.py to if mme.name=="RasCode":

Now it skips over the signature mismatch for Ip6Spec and extracts the RasCode for me. Of course you cannot repack the firmware. But I'm only after reverse engineering the RasCode. Now to find the keygen in the 6000 nameless decompiled functions...

drsn00ker avatar Jul 17 '23 17:07 drsn00ker