Skip to content
GD-77, GD-77S, RD-5R, MD-760 and DM-1801 reverse engineering
Branch: master
Clone or download
talentraspel Merge pull request #4 from acontini/master
Original Baofeng DM-860 firmware v.3.1.9. This is the latest version …
Latest commit d76a271 Apr 16, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Baofeng_RD-5R Added RD-5R firmware files V2.0.9 and V2.1.0 + Modified batch files t… Mar 29, 2019
DM-1801 added MD-760 and DM-1801 firmware stripping/decryption/reencryption Apr 2, 2019
DM-860 Original Baofeng DM-860 firmware v.3.1.9. This is the latest version … Apr 15, 2019
GD-77_MCUXpresso
GD-77_cpu-id_calc
GD-77_firmware_decrypt_encrypt initial upload Mar 6, 2019
GD-77_firmware_decrypt_encrypt_workdir
GD-77_firmware_find_shift
GD-77_firmware_find_shift_workdir
GD-77_firmware_stripper initial upload Mar 6, 2019
GD-77_firmware_stripper_workdir added MD-760 and DM-1801 firmware stripping/decryption/reencryption Apr 2, 2019
GD-77_flash_readout
GD-77_new_firmware added more pin initialization information Mar 31, 2019
GD-77_recreate_uploadable_firmware added RD5R firmware 2.1.6 reencrypt Mar 28, 2019
MD-760 added MD-760 and DM-1801 firmware stripping/decryption/reencryption Apr 2, 2019
Radioddity_GD-77 @ 2aba995
Radioddity_GD-77S GD-77S V1.2.0 firmware stripping Mar 7, 2019
.gitmodules
README.md
disclaimer.txt

README.md

GD-77, GD-77S, RD-5R, MD-760 and DM-1801

GD-77, GD-77S, RD-5R, MD-760 and DM-1801 reverse engineering

Details

"Radioddity_GD-77" contains the original encrypted GD-77 firmware files collected by Roger Clark (https://github.com/rogerclarkmelbourne/Radioddity_GD-77.git) as they also are or have been available on the manufacturers web site.

"Radioddity_GD-77S" contains original encrypted GD-77S firmware files as they also are or have been available on the manufacturers web site.

"Baofeng_RD-5R" contains original encrypted RD-5R firmware files as they also are or have been available on the manufacturers web site.

"MD-760" contains original encrypted MD-760 firmware files as they also are or have been available on the manufacturers web site.

"DM-1801" contains original encrypted DM-1801 firmware files as they also are or have been available on the manufacturers web site.

"GD-77_firmware_stripper" contains the source for the firmware stripping tool. It removes the header and seperates the raw encrytped firmware data as it is transfered by the uploader.

"GD-77_firmware_stripper_workdir" contains the executable and the batch. Run it to receive the results.

"GD-77_firmware_find_shift" searches for the firmware file decryption shift values.

"GD-77_firmware_find_shift_workdir" contains the executable and the batch. Run it to receive the results.

"GD-77_firmware_decrypt_encrypt" contains the source for the firmware decrypt/encrypt tool. It uses a keyfile and a sequence entry point for XORing and applies an additional XOR/negate/rotate step and with that decrypts or encrypts a firmware file.

"GD-77_firmware_decrypt_encrypt_workdir" contains the executable and the batch. Run it to receive the results.

"GD-77_recreate_uploadable_firmware" contains the toolchain to recreate an uploadable firmware file. It takes a decrypted (and maybe patched) firmware file, encrypts it again and copyies the original header in front. The result is an uploadable firmware file.

"GD-77_flash_readout" contains patched firmware and tools to get a flush flash readout.

"GD-77_cpu-id_calc" contains tools to calculate the data necessary to patch "full_flash.dat" so that the bootloader and the main application survive their CPU-UID checks.

"GD-77_MCUXpresso" contains the MCUXpresso projects.

Experimental only

"GD-77_new_firmware" contains the MCUXpresso project and the tools that will lead to a new GD-77 firmware written from scratch.

You can’t perform that action at this time.