0

I'm new to reverse engineering and embedded micro-controllers in general and I want to find useful information about my MCU's firmware:

This is a Chinese manufacturer

Datasheet Excerpt

My questions are the following:

  • What is the format of the hex inside the MCU?
  • How to identify the target device using this information?
  • Identifying the process
  • Identifying the set architecture
  • What other information do I need to be able to access the firmware?
  • The main board drives 2 water sensor and a LCD. The default maximum temperature set by the manufacturer is 70 degree celcius. I just want change this default maximum to temperature to 69. Can this be done?

Here is a link to the xml file: https://sendeyo.com/en/4f7d3f81ff

tum_
  • 632
  • 1
  • 7
  • 16
Peter Wilner
  • 9
  • 3
  • 2
    Google search by chip model gives: [ES7P2023FHSH](http://www.oneyac.net/product/15737566.html), manufacturer EasySoft. Some 8-bit MCU. You can hardly do much without the datasheet. The datasheet can (typically) be either purchased or downloaded from the manufacturer. – tum_ Dec 17 '19 at 10:33
  • They use a silicon labs C8051F340 MCU to talk to their PCB's MCU. Does this mean that their MCU needs to have the same features as the one in silicon labs ? – Peter Wilner Dec 18 '19 at 00:55
  • @tum_ I'm doing it now – Peter Wilner Dec 18 '19 at 06:10
  • https://sendeyo.com/en/4f7d3f81ff – Peter Wilner Dec 18 '19 at 06:29
  • @tum_ Does a hex disassembler do anything to help ? like if for example you wanted to tweak some parameters yourself instead of going to the manufacturer ? The hardware programmer's MCU is from silicon labs . can I use the same hardware programmer to flash the firmware? – Peter Wilner Dec 18 '19 at 07:11
  • To be able to tweak some parameters such as changing the default temperature threshold ( This was set by the manufacturer ) by myself without going to the manufacturer . I think there is 2 way to do accomplish this task 1. Reverse engineering 2.writing the code from scratch which is assembly in this case – Peter Wilner Dec 18 '19 at 07:44
  • haha, No. The main board drives 2 water sensor and a LCD. The default maximum temperature set by the manufacturer is 70 degree celcius. I just want change this default maximum to temperature to 69. Can this be done? – Peter Wilner Dec 18 '19 at 08:08
  • can you use radare2 to reverse engineer it ? I have also uploaded the summary of the datasheet. Isn't Intel 8051 – Peter Wilner Dec 19 '19 at 02:35
  • I have the full datasheet now – Peter Wilner Dec 19 '19 at 07:10
  • you are being downvoted already for non-compliance with the SO rules. You are expected to show all your previous research, give all the relevant details in your question body and ask 'specific' questions. Instead, you are misusing the resource by generating the chat in comments and giving out a single bit of info at a time. I have removed my comments. Have you read the [Help](https://stackoverflow.com/help) page? – tum_ Dec 19 '19 at 07:23

1 Answers1

0

Your "VP002.XML" shows the chip model as ES7P2023FHSH, the Google search gives the info under the link: 8-bit MCU, manufacturer Easysoft.

The format in the 'programData' section looks like the Intel HEX format.

Given this, you can extract the actual content (strip the "intel HEX" headers) and try to disassemble (this could be the 8051 ISA or something from the PIC family of MCUs - but this is actually the key thing for you to find out). That is, of course, if the code had not been encrypted/obfuscated prior to being wrapped into the "intel Hex".

Unless you can read the Chinese already you can use any OCR+Translate app for your other images. I've heard 'Google Camera' for Android can do this, never tried myself.

Once you're positive that you know the ISA you can disassemble the code. There are plenty of tools around for popular ISAs (8051, PIC are very popular), but this can also be done manually with pencil and paper if necessary.

tum_
  • 632
  • 1
  • 7
  • 16