Reverse engineering a CSL Dualcom GPRS part 6 – interpreting EEPROM

In the last post we read out the contents of an EEPROM for one of the Dualcom GPRS boards. This is in the native Bus Pirate format:

0x00 0x47 0x00 0x25 0x01 0x25 0x00 0x40 0x32 0x52 0x00 0x41 0x00 0x00 0x00
 0x00 0x33 0x32 0x33 0x35 0x39 0x33 0x30 0x30 0x31 0x31 0x32 0x39 0x32 0x36 0x00
 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
 0x00 0x33 0x32 0x33 0x35 0x39 0x33 0x30 0x30 0x31 0x31 0x32 0x39 0x30 0x36 0x00

and needs translating into a prm file for the Windows utility to read it.

Python comes to the rescue again:

datafile = open('/Users/andrew/data/BP.txt', 'r')
outfile = open('/Users/andrew/data/BP.prm', 'w')

hexValues = []

# Get all of the values into one big list
for row in datafile:
    values = row.split('0x')
    for value in values:
        if len(value) == 3:
            hexValues.append(value.strip())

# First row is different - handle this
first = True

# We want to flip values around
for i in range(0, len(hexValues)-1, 2):
    if first:
        # The first row is a special case
        outfile.write('H,' + hexValues[i+1] + ',' + hexValues[i] + '\n')
        first = False
    else:
        outfile.write(hexValues[i+1] + '\n')
        outfile.write(hexValues[i] + '\n')

# The fluff at the end of the file copidd from Sample.prm - hope no checksums!
footerfile = open('/Users/andrew/data/footer.txt', 'r')

for row in footerfile:
    outfile.write(row)

outfile .close()

We now have BP.prm. Let’s try opening that in the Windows utility:
Real EEPROM data

Excellent! It works fine. A very old version of the firmware – 1.25!

Then if we whack this through the Python utility that converts it into strings, we get very similar output to before:
Screen Shot 2014-03-31 at 15.40.11

Leave a Reply

Your email will not be published. Name and Email fields are required.

This site uses Akismet to reduce spam. Learn how your comment data is processed.