[Tfug] OT: driver reverse engineering

Bexley Hall bexley401 at yahoo.com
Wed Oct 7 17:06:23 MST 2009


Hi Zack,

> > I need to reverse engineer the interface to a touch panel.
> > I have a copy of a NT executable that "works".  But, I
> > am clueless as to how to use "DOS" tools to peek at what
> > is going on inside the "driver".
> 
> What kind of interface is there between the device and the
> system?

I haven't completely disassembled the thing, yet.  It's an
older piece of medical equipment (I think MRI or XRAY) so
everything is "custom".  Made in Japan.  None of the
names in the driver EXE are recognizable as "typical"
firms so it was probably commissioned as a special by
the manufacturer (runs under NT4, IIRC).

> That's where I'd look - for example, there are a whole lot
> of USB traffic sniffers that can dump just the traffic between
> your device and the rest of the system.

Predates USB.  It will either be EIA232 (hopefully) or
some really custom interface (e.g., a pair of A/DC's on
some IO ports).

I'll try to take it apart (without breaking it in the process)
and see what goes where.  Maybe drag out the logic analyzer
and let it watch what's happening on the interface while I
poke at it.

I figured digging through the binary would be more revealing as
it may cover "special cases" that might not happen in my
limited empirical testing...

--don


      



