More ActiveGPS inspection with Python/Wireshark/Ghidra

Python, Wireshark, ActiveGPS.exe, Ghidra
My ActiveGPS device, purchased maybe 15 years ago (no more produced) 

Hardware used:
https://techcoderadio.blogspot.com/2025/04/some-activegps-pymocking.html

Enhanced version of the PyMock for the ActiveGPS (due to hw setup many retries required when running with sleep or flush .... maybe com0com would work better?). B = b'0303 ... firmware version, 3.6 is the latest version

import serial
import time

A = b'00'
B = b'03036F72AD18F8BF4B07DA01120B3215AF00'
C = b'00000'
D = b'00'
E = b'00'
J = [
     b'18F8BF4B07DA01120B3215AFFFFFFFFF',
     b'409CA961000050124EF175426C73AE41',
     b'14060D0907DB5B58421D474A4A00FFFF',
     b'FFFFFFF133FB33FB33FA33FA33FA33FA',
     b'33FA33FA33FA33FA33FA33FA33FA33FA',
     b'33FA33FFFFFFFFFFFFFFFFFFFFFFFFFF',
     b'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',
     b'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000',
    ]

ser = serial.Serial('COM7', 9600, timeout=None)
print("...")
while True:
    s = ser.readline()
    #if s[0:1] == b'\xff' or s[0:1] == b'\xfe' or s[0:1] == b'\xfc':
    #    s = s[1:]
    if s[0:1] != b'&':
        s = s[1:]
    print('\r\nReceived ' + str(s))
    if s == b'&A\r\n':
        print('\tSent ' + str(A))
        ser.write(A)
    elif s == b'&B\r\n':
        print('\tSent ' + str(B))
        ser.write(B)
    elif s == b'&C01\r\n':
        print('\tSent ' + str(C))
        ser.write(C)
    elif s == b'&J\r\n':
        for i in J:
            print('\tSent ' + str(i))
            ser.write(i)
    elif s == '&E000000\r\n':
        print('\tSent ' + str(E))
        ser.write(E)
    elif s == '&D\r\n':
        print('\tSent ' + str(D))
        ser.write(D)
        break
    #else:
    #    break
    time.sleep(0.01)
    #ser.flush()
ser.close()
print("Port closed")



 

                                                Firmware 3.3

 

 Use active mode (Aktiivi Ftp) FTP transfer (päivitä firmware = update firmware)


 

Wireshark



Data packets export as bin in Wireshark and e.g. Linux cat as single file for the e.g. Ghidra or DetectItEasy
 

  

Comments

Post a Comment

Popular posts from this blog

Inspecting Alinco DJ-X100E firmware updater

Image
DJ-X100E(CPU 4.00-004 _DSP 1.07).exe dotPeek, Visual Studio 2022, Detect It Easy Detect It Easy  Motorola S-record inside (DIE Strings view)   DIE save Strings to file   dotPeek to Visual Studio solution. Renesas microcontroller? BIN file inside VS solution. VS can show its content in HEX and ASCII   Python code for extracting S-record lines from the DIE strings file fin = open("G:\\DJ-X100E(CPU 4.00-004 _DSP 1.07).exe.Strings.txt", mode="r", encoding="utf8") fout = open("G:\\DJ-X100E-SREC.txt", mode="w", encoding="utf8") arr = ["S00", "S311", "S315", "S309", "S30B", "S307", "S30C", "S30F", "S30E", "S30D", "S705", "S306"] while True:     line = fin.readline()     if not line:         break     for item in arr:         i = line.find(item)         if i > -1:             fout.write(line[i:])             break...
Read more

Modifying old SDR# TETRA demod plug-in

Image
 15.3.2021 Modifying old SDR# TETRA demod plug-in Visual Studio 2019 Community Edition C#, .NET 4.6 dotPeek SDRSharp.Tetra.dll - TETRA demodulator plug-in version 1.0.10.1 Reverse engineering SDRSharp.Tetra.dll with dotPeek. Mod for PDU raw data display in Network info screen.   Logging PDU data to logfile NetinfoWindow.cs private StreamWriter pduLog = null; public NetInfoWindow(TetraSettings tetraSettings) ... pduLog = File.AppendText(DateTime.Now.ToString("yyyyMMddHHmmss") + "_pduLog.txt"); public void UpdateTextBox ...                 if (GlobalFunction._pduTxt.Trim().Length > 0)                 {                     this.callsTextBox.AppendText(GlobalFunction._pduTxt + Environment.NewLine);       ...
Read more