Hi,
I have tried this with all vendor firmware files for the Huawei E970/B970 I could find:
./extract-firmware.sh /tmp/original.bin /tmp/extracted
./build-firmware.sh /tmp/extracted
I have not changed the extracted firmware, neither *.img nor the filesystem.
But the resulting new-firmware.bin differs from the original. The CRCs are different, and there are numerous differences in the filesystem. The vendor's firmware uploader rejects the new firmware as invalid.
Binwalk reports:
original:
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------------------
92 0x5C TRX firmware header, little endian, header size: 28 bytes, image size: 182 bytes, CRC32: 0x1 flags/version: 0x30354345
274 0x112 TRX firmware header, little endian, header size: 28 bytes, image size: 172032 bytes, CRC32: 0xC9A46F4F flags/version: 0x10005
302 0x12E CramFS filesystem, little endian size 167936 version #2 sorted_dirs CRC 0x287a60a6, edition 0, 155 blocks, 143 files
new-firmware.bin
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------------------
92 0x5C TRX firmware header, little endian, header size: 28 bytes, image size: 182 bytes, CRC32: 0x6893E33 flags/version: 0x30354345
274 0x112 TRX firmware header, little endian, header size: 28 bytes, image size: 172032 bytes, CRC32: 0xC95A033E flags/version: 0x10005
302 0x12E CramFS filesystem, little endian size 167936 version #2 sorted_dirs CRC 0x29131798, edition 0, 155 blocks, 143 files
The CRC of the first header in the vendor's firmware always is 0x1.
What am I doing wrong?
Is this fmk's fault?
Or is this a trick to protect the (open source based) firmware?
P.S.: My computer runs Debian wheezy.
