netkas.org forum
October 14, 2019, 12:39:35 PM *
Author Topic: Need tuto for patching binary file  (Read 12999 times)
fantomas1
Not Newbie

Posts: 44



« on: February 18, 2012, 06:03:29 PM »

Hi,

Firstly, I would like to thank you, netkas, for all you have done for the mac/hac community, especially for HD 48xx graphics cards!

With the Mountain Lion DP1 release out, the temptation to do some tests is big!

I don't know if you have time to do something for those graphics cards, but would it be possible to give a tutorial on how to patch the binary file from ATIRadeonX2000.kext/Mac/ATIRadeonX2000?

I have an HD 4830 and it works fine with your qe_ci patch, but on 10.8 it's a little unstable! My card is recognized fine, but it seems not to have qe/ci enabled.

But this card works fine on 10.6.8 and 10.7.3!

It would be really great to have a tutorial!

Thank you in advance!

Cordially
Logged
netkas
Administrator
Hero Member

Posts: 835



« Reply #1 on: February 18, 2012, 08:50:58 PM »

Get the ATIRadeonX3000 binary from 10.7.3 and from the qe_ci pkg.

lipo -thin i386 ATIRadeonX3000_orig -o 32_orig

lipo -thin i386 ATIRadeonX3000_patched -o 32_patched

cmp -l 32_orig 32_patched

It will show which bytes differ; there are few.

Now open 32_orig and 32_patched in IDA and see; it's a really simple patch since 10.6.8 or so.

Same for the 64-bit version; you just need to nop (replace with a few 0x90) one instruction.
Logged
fantomas1
Not Newbie

Posts: 44



« Reply #2 on: February 19, 2012, 12:46:19 PM »

Thank you for responding!

You talk about ATIRadeonX3000, but isn't it ATIRadeonX2000 for HD 48XX?

I'm not very familiar with a disassembler, but when I run the command cmp -l 32_orig 32_patched in the terminal, I get this:

Mac-de-Apple:Desktop Mac$ cmp -l 32_orig 32_patched
 463910  32  50
 463925  17 231
 463926 203 220
 463927  64 220
 463928 377 220
 463929 377 220
 463930 377 220


So if I understand correctly, these are the bytes that differ between the 32_orig and 32_patched binaries, aren't they?

So what's the way to patch? I have IDA Pro 6.2.

P.S.: I know the easy way is to let you do it and wait for your qe_ci patch, but I'd really like to learn to do it myself!

Thank you for understanding and for all you have done!
Logged
netkas
Administrator
Hero Member

Posts: 835



« Reply #3 on: February 19, 2012, 06:41:46 PM »

Yeah, x2000, typo.

Well, open both 32-bit files in IDA, go to the address you see in the cmp output, and you will see the difference in instructions: two instructions patched for 32-bit, one for 64-bit.
Logged
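
Added example, not part of the original thread: cmp -l prints each differing byte as a 1-based decimal file offset followed by the two byte values in octal, so the output above has to be converted before it can be matched against a hex view. This Python sketch decodes the listing quoted in Reply #2 into 0-based hex file offsets and groups adjacent bytes into runs; the function names are hypothetical, and the offsets are positions in the thinned file, not necessarily the addresses a disassembler displays.

```python
# Added example: decode `cmp -l` output into hex offsets and byte runs.
# cmp -l prints, per differing byte: a 1-based decimal offset, then the byte
# from the first file and the byte from the second file, both in octal.

# Sample input: the cmp -l lines quoted in Reply #2 of this thread.
SAMPLE = """\
 463910  32  50
 463925  17 231
 463926 203 220
 463927  64 220
 463928 377 220
 463929 377 220
 463930 377 220
"""

def parse_cmp_l(text):
    """Return [(zero_based_offset, orig_byte, patched_byte), ...]."""
    diffs = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip shell prompts, blank lines, "cmp: EOF on ..." notices
        try:
            pos, a, b = int(fields[0], 10), int(fields[1], 8), int(fields[2], 8)
        except ValueError:
            continue  # not a numeric diff line
        if pos < 1 or not (0 <= a <= 0xFF and 0 <= b <= 0xFF):
            continue
        diffs.append((pos - 1, a, b))
    return diffs

def group_runs(diffs):
    """Merge adjacent offsets into (start_offset, orig_bytes, patched_bytes)."""
    runs = []
    for off, a, b in sorted(diffs):
        if runs and runs[-1][0] + len(runs[-1][1]) == off:
            runs[-1][1].append(a)
            runs[-1][2].append(b)
        else:
            runs.append((off, bytearray([a]), bytearray([b])))
    return [(s, bytes(o), bytes(p)) for s, o, p in runs]

def report(text):
    """One line per run: hex file offset, original bytes, patched bytes."""
    return [f"0x{s:x}: {o.hex()} -> {p.hex()}"
            for s, o, p in group_runs(parse_cmp_l(text))]

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```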
fantomas1
Not Newbie

Posts: 44



« Reply #4 on: February 20, 2012, 01:29:41 AM »

Sorry netkas, I didn't take the right ATIRadeonX2000!

So now this is what I have with cmp -l 32_orig 32_patched and cmp -l 64_orig 64_patched:

http://www.mediafire.com/file/upvuv44pzvnx6si/ATIRadeonX2000 binary patching.zip

Logged
duffs
Not Newbie

Posts: 17


« Reply #5 on: February 26, 2012, 05:49:46 PM »

It works on Mountain Lion DP1 too. Thanks for your tip and patch. 4890

So what does the cmp compare tell me? I found your patch by searching IDA for __zn23..... and then compared the hex and found it.

32 bit

hex

83FF1A0F8742FFFFFFB8454400040FA3F80F8334FFFFFF

to

83FF280F8742FFFFFFB8454400040FA3F8909090909090

nice! thx
Logged