[Koken2003]

Hi. I have a feature phone it5081 and it is a spd chip based device. I want to make some modifications in its firmware so i downloaded its binary firmware which was available on internet. I came to know about some programs like binwalk, firmware mod kit etc used for reverse engineering. But, all the guidelines and discussions available on internet is all about binary firmware of  routers, smart tvs, android phones etc. So, is it possible to extract a feature phone binary firmware somehow?

[X3non]

Hi. I have a feature phone it5081 and it is a spd chip based device. I want to make some modifications in its firmware so i downloaded its binary firmware which was available on internet. I came to know about some programs like binwalk, firmware mod kit etc used for reverse engineering. But, all the guidelines and discussions available on internet is all about binary firmware of  routers, smart tvs, android phones etc. So, is it possible to extract a feature phone binary firmware somehow?

no, not that i'm aware off any methods to achieve this

[SachinBorkar]

Hi. I have a feature phone it5081 and it is a spd chip based device. I want to make some modifications in its firmware so i downloaded its binary firmware which was available on internet. I came to know about some programs like binwalk, firmware mod kit etc used for reverse engineering. But, all the guidelines and discussions available on internet is all about binary firmware of  routers, smart tvs, android phones etc. So, is it possible to extract a feature phone binary firmware somehow?

no, not that i'm aware off any methods to achieve this

Hex @X3non, I know I am late for this thread but i also working for same thing.
I personally myself think that it is possible to modify feature phone firmware.
Most of feature phones based on ARM 9 or ARM Cortex platform, we have to find base address for IDA Pro to reverse engineer it.If you did all still there are CRC32 Checksome which prevent to modify firmware.
We have to disable it.

I also need someone to teamwork for it, if you have time or you did read this message @Koken2003 then contact me.

[X3non]

Hex @X3non, I know I am late for this thread but i also working for same thing.
I personally myself think that it is possible to modify feature phone firmware.
Most of feature phones based on ARM 9 or ARM Cortex platform, we have to find base address for IDA Pro to reverse engineer it.If you did all still there are CRC32 Checksome which prevent to modify firmware.
We have to disable it.

I also need someone to teamwork for it, if you have time or you did read this message @Koken2003 then contact me.

hey, it's been long and good to know you're still here
maybe you could try reaching out to the OP via email if he's still interested

[SachinBorkar]

Hex @X3non, I know I am late for this thread but i also working for same thing.
I personally myself think that it is possible to modify feature phone firmware.
Most of feature phones based on ARM 9 or ARM Cortex platform, we have to find base address for IDA Pro to reverse engineer it.If you did all still there are CRC32 Checksome which prevent to modify firmware.
We have to disable it.

I also need someone to teamwork for it, if you have time or you did read this message @Koken2003 then contact me.

hey, it's been long and good to know you're still here 
maybe you could try reaching out to the OP via email if he's still interested

Hey! nice to meet you again. 
I did mail him we will sort it out if he contacts.

But if someone (in future) found my post here are some points for you to reverse engineering firmware.

1) We don't know base address due to this IDA Pro can't able to detect it correctly also due to symbol table it also doesn't detect it.
Solution: Use Hopper, it detects all symbols if we use base adress as 0x8000000 (IDA not)

2) Binwalk utility shows wrong file signature and can't get any file inside firmware.
Solution: firmware is written in c/c++ language and for detecting and extracting images from firmware use "Ghidra". It shows all images embedded but not show good deasamble code.

3) Use Use google to find same phone via memory chip IE "Spansion"
 Why ? Ans: I found same phone and get firmware which my phone also can run and have new games :-)
Aside you can research and exploit it too.

4) For hardware reverse engineering there are memory I/O addresses ?
Ans: Yes, If you change any byte of that address then hardware get activated ie SIM card via "000001"
/* I cant remeber it corectly but maybe you get it from firmware */

If you still need information on ARM firmware reverse engineering then goto

1) https://www.youtube.com/watch?v=q4CxE5P6RUE&t=483s
2) https://www.youtube.com/watch?v=V6ZySLopflk&t=50s

If you want to contact me in future as I can't always online on this forum and want to contribute in feature phone firmware reverse engineering

Contact Me: Twitter @borkarsachin97

[hernanperez]

good good