android
  #1  
Old 05-01-2007, 09:48 PM
zivan56 zivan56 is offline
Member
 
Join Date: May 2006
Location: Vancouver, BC
Posts: 461
Default connect hacking

Since Sandisk released some tools for recovery, I have been trying to figure out what these tools do. Here are some things I have discovered:

There are references to the following files:

DefaultFirmwareImageName: vmlinux.srr.e
This is the linux kernel, which is quite standard in a linux system. The .e extension probably means it is encrypted.

DefaultPlatformImageName: ZAP.tar.gz.e
These are probably the userspace utilities (i.e the user interface)

DefaultFileSystemImageName: initrd.srr.e
This is what is loaded into memory when you press power, it probably has an image which loads the user interface right along with runtimes, without having to load them one by one.

DefaultPlatformSignatureImageName: ZAP.tar.gz.sig
Some signature, perhaps a checksum to make sure the images are not corrupted.


under C:\Program Files\SanDisk\Sansa Connect Device Recovery\cmdline
zsi_fw.exe can be used to read/write the firmware from the device:
ex: zsi_fw -r 512 file.bin
would download 512 bytes from the device when it is plugged in. Likewise, the -w would write it
Also, the recover program refers to:
zsi_fw -w vmlinux initrd
Which is called directly by the recovery program to update firmware.
zsi_fw -r 32
reads the device version

zaprecover.exe is used to load a recover image apparantly.
ex: zaprecover.exe -f recovery.bin would send the image to the player. It accepts encrypted/unencrypted images.

If someone with a connect could run via console:
C:\Program Files\SanDisk\Sansa Connect Device Recovery\cmdline\zsi_fw -r 512 file.bin
and send file.bin, it will help people determine if device firmware can be read directly from the device.

If you have any info about the device, feel free to contribute
__________________
Sandisk Sansa e200 v1 w/Rockbox
Microsoft Zune 30 GB v2.3 Firmware

Last edited by zivan56; 05-01-2007 at 10:31 PM.
Reply With Quote

Advertisement [Remove Advertisement]

  #2  
Old 05-02-2007, 05:03 PM
kennyj kennyj is offline
Member
 
Join Date: Feb 2007
Posts: 303
Default

Well, that's a pretty straightforward confirmation that the Connect uses Linux...

So, anyone sufficiently familiar with the GPL want to get SanDisk to release the changes they've made to the kernel, bootloader, etc? That wouldn't necessarily include details like the file format, the hardware design, etc. but would provide a starting point for hacking efforts.
Reply With Quote

  #3  
Old 05-02-2007, 08:22 PM
zivan56 zivan56 is offline
Member
 
Join Date: May 2006
Location: Vancouver, BC
Posts: 461
Default

Well they must release the modified code, otherwise their license to use Linux is terminated and they cannot legally distribute the connect.
However, I believe that this responsibility falls to Zing, as they made 95% of the device (Sandisk apparently only branded the device)
__________________
Sandisk Sansa e200 v1 w/Rockbox
Microsoft Zune 30 GB v2.3 Firmware
Reply With Quote

  #4  
Old 05-03-2007, 12:34 PM
kennyj kennyj is offline
Member
 
Join Date: Feb 2007
Posts: 303
Default

They must, but that doesn't mean that they will do so quickly & voluntarily.

Remember the Linksys WRT54G? They eventually released most of the source (save for some components that they could not release under license but that themselves were not utilizing GPL code anyway) but it took a fair amount of arm-twisting on the part of the community.

SanDisk tends to release minimal information concerning their software and specs (seen any changelogs?) so I'm not holding my breath. I've no experience dealing with Zing, so they're a wildcard here.

Of course, they don't necessarily have to release everything needed to fully compile the source. They only need to release the sources of the GPL components including changes they made to said components. The rest can be kept as secret or as open as they like. That said, much can be learned by looking at even a part of the codebase they're using, so getting a source release of even limited size would be helpful for hacking the Connect.
Reply With Quote

  #5  
Old 05-03-2007, 10:49 PM
zivan56 zivan56 is offline
Member
 
Join Date: May 2006
Location: Vancouver, BC
Posts: 461
Default

^^ Well they must at least release the modification made to the kernel in order to boot it. This is the most important thing IMO, as someone could figure out the rest or use binary drivers if need be.
__________________
Sandisk Sansa e200 v1 w/Rockbox
Microsoft Zune 30 GB v2.3 Firmware
Reply With Quote

  #6  
Old 05-21-2007, 08:27 PM
apreble apreble is offline
Junior Member
 
Join Date: May 2007
Posts: 1
Default

I don't have too much experience hacking, but this device would be much more fun if it could surf the web, or maybe even upload pictures to a blog from a MicroSD card. I just bought a connect, but I'm not sure if I'll hang on to it if I can't get it to do anything more exciting than connect to Yahoo Music .

Let me know if there's anything I could do to help the cause...
Andrew
Reply With Quote

  #7  
Old 06-30-2007, 10:41 AM
Ace12's Avatar
Ace12 Ace12 is offline
Junior Member
 
Join Date: Jun 2007
Posts: 44
Default

Well if you get an internet browser, you would you would want them to come up with an entirely new interface for text input. Would you really want to use the scroll wheel to select every character for this message... that would take forever.
__________________
Ace12

"Where there is data, it shall be manipulated."
Reply With Quote

  #8  
Old 07-13-2007, 05:25 PM
jamma's Avatar
jamma jamma is offline
Junior Member
 
Join Date: Jul 2007
Location: In a broken down tractor
Posts: 20
Default

I was wondering if there's any homebrew in near sight.
I know there's a healthy amount for the e200 series and I want to get some use out of this Connect for once. :|
Reply With Quote

  #9  
Old 07-14-2007, 12:26 PM
chrisjs162216 chrisjs162216 is offline
Ultra Senior Member
 
Join Date: Oct 2006
Location: Somewhere
Posts: 1,515
Default

Kind of an old thread...

The odds of a homebrew aren't too likely right now. You'd need the signature for the bootloader to accept the firmware, plus a way to make it download that firmware, since it doesn't need to connect to a computer, and the only way we got Rockbox working on the e200 (non-R) series is because of a bug in the bootloader that allowed us to sign a dummy signature for Rockbox.
Reply With Quote

  #10  
Old 01-15-2008, 09:08 AM
dsojourner dsojourner is offline
Junior Member
 
Join Date: Dec 2007
Posts: 3
Default Zing released GPL software mods

Hi Doug, Here are the links to the source code for the GPL code used in the Sansa Connect software. These are current. http://www.zing.net/osl/sansa/busybox.tar.gz http://www.zing.net/osl/sansa/gpg.tar.gz http://www.zing.net/osl/sansa/linux.tar.gz http://www.zing.net/osl/sansa/mono.tar.gz http://www.zing.net/osl/sansa/resample.tar.gz http://www.zing.net/osl/sansa/uClibc.tar.gz Sincerely, Marta Cervantes Dell-ZING marta_cervantes@dell.com
Reply With Quote

  #11  
Old 01-15-2008, 02:58 PM
obo obo is offline
Junior Member
 
Join Date: Jan 2008
Posts: 2
Default

I hadn't seen this thread before, but in the last few weeks I've been collecting a bit of information about the Connect - http://www.rockbox.org/twiki/bin/view/Main/SansaConnect
Reply With Quote

  #12  
Old 01-19-2008, 09:26 AM
PromisedPlanet's Avatar
PromisedPlanet PromisedPlanet is offline
Member
 
Join Date: Jun 2007
Posts: 234
Default

Get the Connect to stream Shoutcast, and you guys will be Godz!
Reply With Quote

  #13  
Old 01-19-2008, 12:17 PM
mtz2000 mtz2000 is offline
Junior Member
 
Join Date: Jan 2008
Posts: 3
Default

Hi Guys, just got a Sansa connect too and would absolutely like to help liberating it.

Did i understand it right that all the sources on the zing website won't help us - because we dont know a working bootloader-signature?

Has anyone done a wireless portscan on it already? Maybe some open SSH-Ports?
Reply With Quote

  #14  
Old 01-19-2008, 04:24 PM
mtz2000 mtz2000 is offline
Junior Member
 
Join Date: Jan 2008
Posts: 3
Default

One addition: Read in another thread (http://www.anythingbutipod.com/forum...ad.php?t=20873) that it is actually possible to flash the firmware from a pc - using the recovery tool.

@dsojourner: What's Dells position concerning our quest to completely release the connect-sourcecode - so that we can improve it ourselves?

Thanks, mtz2000
Reply With Quote

  #15  
Old 01-22-2008, 02:23 PM
dsojourner dsojourner is offline
Junior Member
 
Join Date: Dec 2007
Posts: 3
Default

I got a very brief reply -- pretty much just "here are the links". They didn't say so, but I get the impression it's not something they want us doing -- otherwise we'd know how to sign files for the boot loader.

It's just that they understand GPL2, and aren't fighting about sharing their patches.

Quote:
Originally Posted by mtz2000 View Post
One addition: Read in another thread (http://www.anythingbutipod.com/forum...ad.php?t=20873) that it is actually possible to flash the firmware from a pc - using the recovery tool.

@dsojourner: What's Dells position concerning our quest to completely release the connect-sourcecode - so that we can improve it ourselves?

Thanks, mtz2000
Reply With Quote

  #16  
Old 04-16-2008, 02:56 AM
SansaKiller SansaKiller is offline
Junior Member
 
Join Date: Apr 2008
Posts: 1
Default Sansa Connect Secrets revieled

Ok guys, I have the Connect, and for any of you who know about networking may have heard about NMAP, (Network Mapper).

Upon connecting the Sansa to my ntwrk, NMAP scan does show that it is based on Linux Debian kernal. Port open on device 3389.

Want more information?


http://daniel.haxx.se/sansa/ <--- Commonly known

but try this

http://daniel.haxx.se/sansa/connect/


Try decompiling the firmware on a Linux OS and see what you can find out


Your Friendly Neighborhood Sansa Killer
"If they make it, I will break it"
Reply With Quote

  #17  
Old 01-16-2009, 11:53 PM
joselec joselec is offline
Junior Member
 
Join Date: Jan 2009
Posts: 1
Default Device Recovery?

Esteemed friends, I have a Sansa Connect 4G, he is blocked and I entered it in the mode of restoration, when I connect his cable show recovering's message, Please Wait, take down the Recover Sansa Device, but when I run this soft at the end I receive a message to get connected to Internet, I must reduce some more, the joselec would thank his help, many thanks
Reply With Quote

Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -5. The time now is 09:49 PM.