Searching \ for '[OT]Help with some hex. (Challenge)' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: massmind.org/techref/index.htm?key=help+with+hex+challenge
Search entire site for: 'Help with some hex. (Challenge)'.

Exact match. Not showing close matches.
PICList Thread
'[OT]Help with some hex. (Challenge)'
1997\12\11@121107 by Paul BRITTON

flavicon
face
Hi,

Can anyone help with this tricky problem.

I've been given a hex file, but wasn't told which processor
it is for, (it could be a PIC), I've tried an 8051 disassembler
but it's not 8051 code.

Any ideas?

It looks like this:
from 0000 -0FFFH contain just  0FFH
and then ...

:10100000A20000A2FF09A2FF0BA2FF08A2FF0AA2F2
:10101000EF06A28000A22000A72000FC2208D03505

This looks like a table of jumps.( Anyone know which processor
has 0A2H as a jump instruction?


:1010200088203B14F8A22000A62000FCA22000A7E4
:101030002000FC88203214F923F72407F8D524D5A2
:101040000D8B600506A28400525F0DA20003A20072
:1010500010A26F02A28103122423DF241C8B100034
:10106000B8D80DD818D8332202525E8EF7EDD41DB1
:10107000D933D918D90DD92488FFFF0F0588203B13
:1010800014F9D03572103672050572040972FC0A23
:1010900072401188203D14F92D4AE61288203E1432
:1010A000F92D52E60988203F14F92D42E2208820CC
:1010B0003D14224AF888203E142252F888203F141A
:1010C0002242F88821FF148801001F22FFEC8820AB
:1010D0002F1488002F1F22FFECEB8CF0DD3207AAC3
:1010E000F109D01AAAF10AD01B9E1B7802078000D2
:1010F00027200D24208200770411E273FB11E0DD2C
:10110000760411D9741E11E0D4F667F569F117F76A
:1011100067F11372FE070A8EF838770415097618FE

and it continues for another 60-70 lines.

1997\12\11@150656 by Andrew Mayo

flavicon
face
It looks awfully like 8080 or Z80 code, to be honest, though I could be
wrong.

{Quote hidden}

1997\12\11@150757 by Martin R. Green

flavicon
face
What you have is a classic Hex file.  It is simply a binary image that
has been converted into printable characters.  A lot of device
programmers work with this kind of file.

This description is completely from memory, so some of it might be a
little wrong.  Every line must start with ":10", followed by two
characters which define the number of bytes per line (10 hex in your
case, or 16 bytes per line).  Next comes 4 characters (I think) that
define the offset onto the binary image of the first byte defined by
this line, then the 16 bytes, and finally one byte for a checksum.
the very last line in the file must be a special EOF line, and will
start with ":00" instead of ":10", followed by some other stuff that I
forget right now (about 6 or eight characters).

Anyway, this file is just a printable character representation of a
binary image, and has no particular connection to any processor or
other device.  Hex<->Binary and Binary<->Hex converters are widely
available, but it is still going to take some detective work to figure
out the target processor.

CIAO - Martin.


On Thu, 11 Dec 1997 17:06:59 +0000, Paul BRITTON
<paul.brittonspamKILLspamMMSUK.CO.UK> wrote:

{Quote hidden}

<SNIP>

Martin R. Green
.....elimarKILLspamspam.....NOSPAMbigfoot.com

To reply, remove the NOSPAM from the return address.
Stamp out SPAM everywhere!!!

1997\12\11@153111 by John Payson

picon face
> It looks awfully like 8080 or Z80 code, to be honest, though I could be
> wrong.

If the opening part is a jump table (as was suggested) it would appear that
the processor stores jump addresses in big-endian format (MSB first).  If
memory serves, the Z80 and 8080 are little-endian, which would rule them
out.  Unfortunately, I just looked up the 68HC05 and 68HC11 and it doesn't
appear to be either of those, nor is it the 8x51.  Maybe a National Cop8
[running out of ideas...]

1997\12\11@153545 by jcp

flavicon
face
> I've been given a hex file, but wasn't told which processor
> it is for, (it could be a PIC), I've tried an 8051 disassembler
> but it's not 8051 code.

From a quick look, It doesn't look like a Z80/8080. T
he A2 is an INI (memory move and increment) instruction in Z80 assembler,
which the 8080 did not have,so it is not an 8080.
The absence of jumps C3 CD etc. would also indicate it is not from this
family.

The motorola CPU's have a jump table at the top of memory (from memory!), which
are just address words. Also motorola is Big Endian (MSB byte first), which
this could be......I just can't find a motorola book.

Hope this provides some help

Regards
John
EraseMEjcpspam_OUTspamTakeThisOuTintsol.com.au
Integration Solutions
702 Henley Rd
Kangaroo Ground  Vic 3097
Australia

1997\12\11@212852 by Andrew Mayo

flavicon
face
Don't .HEX files reverse the byte order for words?. I seem to recall
this is so, making a little-endian machine look big-endian and
vice-versa.

{Quote hidden}

1997\12\11@222742 by Walter Banks

picon face
I was expecting Andy Warren or John Payson or someone else
to come up with this one easily. No problem says I we have
written 80 assemblers in the last 15 years just grep the sources
for A2 and find out who uses it for a JMP. If that fails (it did)
we have a box of instruction cards many of which saw use with
very little silicon it has got to be one of those. Dump 'em out
on the conference room table, dust off a paper tape copy
(this box goes way back) of micro-chess, and micro-aid in the
layer above the IBM 1620 instruction card I went from the
extinct Signetics 2650 to the obsure Monolithic Memories 67110,
National SC/MP and at least 50 others, It isn't PDP11, M68K
Unless I missed somthing nobody uses the opcode A2 for a jump.

So there you have it folks A2 is available as patentable opcode
all of which does solve the question at hand.

BTW Paul are there any more clues

Walter Banks

----------
{Quote hidden}

1997\12\11@235245 by Andrew Mayo

flavicon
face
Therefore it is perhaps not a jump table. In fact looking at the
'addresses' attached to the opcodes it seems implausible that it is.
Interesting problem....

{Quote hidden}

1997\12\12@001959 by Don McKenzie

flavicon
face
A National Scamp??? An early PDP-11????
I doubt it very much Walter!!
It's really a lower case character generator I hand encoded in 1977 for
the TRS-80 model one that was burnt into a 2716 EPROM. We needed
descenders, and Radio Shack wouldn't provide, so we did it ourselves.
I'm pretty sure this is correct, so I'll check my old source code. ;)

Don...

Andrew Mayo wrote:
{Quote hidden}

> > Can anyone help with this tricky problem.
> > > I've been given a hex file, but wasn't told which processor
> > > it is for, (it could be a PIC), I've tried an 8051 disassembler
> > > but it's not 8051 code.
> > > :10100000A20000A2FF09A2FF0BA2FF08A2FF0AA2F2
> > > :10101000EF06A28000A22000A72000FC2208D03505
> > > This looks like a table of jumps.( Anyone know which processor
> > > has 0A2H as a jump instruction?

Don McKenzie  EraseMEdonspamspamspamBeGonedontronics.com   http://www.dontronics.com

Don's Download Dungeon http://www.dontronics.com/download.html
DonTronics Logo Design Contest http://www.dontronics.com/logo.html
For more details, send a blank message to RemoveMEinfoKILLspamspamdontronics.com
or simstickSTOPspamspamspam_OUTdontronics.com or spamBeGonebasicsSTOPspamspamEraseMEdontronics.com

1997\12\12@052919 by Keith Howell

flavicon
face
Once, out of curiousity, I read the EPROM of a commercial packet-radio TNC.
I was surprised to find no ASCII text in it. I suspected the data bit lines
had been jumbled up. There are two reasons to do this:

1. It obstructs people reverse engineering.
But anyone can do as I did and buzz the connections between the CPU (a 63B01)
and the EPROM bits. I wrote a tiny C program to read in the file, unjumble
the bits, and writie it back. Presto! Readable ASCII and program code.

2. It is convenient for circuit-board layout.
It's worth doing if it means the difference between single & double-sided PCBs.

If you don't have the original hardware, you'll have to experiment.
I think there are 8x7x6x5x4x3x2x1 = 40320 possible combinations.

If they were really sneaky, they could jumble address lines too!

1997\12\12@165647 by BobBuege

picon face
The problem might be more clear if you add punctuation in appropriate
locations as follows:

:10 1000 00 - A200 00A2 FF09 A2FF 0BA2 FF08 A2FF 0AA2 - F2
:10 1010 00 - EF06 A280 00A2 2000 A720 00FC 2208 D035 - 05
:10 1020 00 - 8820 3B14 F8A2 2000 A620 00FC A220 00A7 - E4
:10 1030 00 - 2000 FC88 2032 14F9 23F7 2407 F8D5 24D5 - A2
:10 1040 00 - 0D8B 6005 06A2 8400 525F 0DA2 0003 A200 - 72
:10 1050 00 - 10A2 6F02 A281 0312 2423 DF24 1C8B 1000 - 34
:10 1060 00 - B8D8 0DD8 18D8 3322 0252 5E8E F7ED D41D - B1
:10 1070 00 - D933 D918 D90D D924 88FF FF0F 0588 203B - 13
:10 1080 00 - 14F9 D035 7210 3672 0505 7204 0972 FC0A - 23
:10 1090 00 - 7240 1188 203D 14F9 2D4A E612 8820 3E14 - 32
:10 10A0 00 - F92D 52E6 0988 203F 14F9 2D42 E220 8820 - CC
:10 10B0 00 - 3D14 224A F888 203E 1422 52F8 8820 3F14 - 1A
:10 10C0 00 - 2242 F888 21FF 1488 0100 1F22 FFEC 8820 - AB
:10 10D0 00 - 2F14 8800 2F1F 22FF ECEB 8CF0 DD32 07AA - C3
:10 10E0 00 - F109 D01A AAF1 0AD0 1B9E 1B78 0207 8000 - D2
:10 10F0 00 - 2720 0D24 2082 0077 0411 E273 FB11 E0DD - 2C
:10 1100 00 - 7604 11D9 741E 11E0 D4F6 67F5 69F1 17F7 - 6A
:10 1110 00 - 67F1 1372 FE07 0A8E F838 7704 1509 7618 - FE

The first byte has no apparent meaning and is always 10h.
The next 2 bytes provide and address.
The fourth byte is always 1.
The next 16 bytes contain the data from the file.
The final byte is calculated so that the checksum of all bytes within a line
adds up to 0 (ignoring any carry to a high order byte).

Bob

In a message dated 97-12-11 12:48:58 EST, you write:

{Quote hidden}

1997\12\13@160956 by BobBuege

picon face
Subj:   Re: [OT]Help with some hex. (Challenge)
Date:   12/12/97
To:     KILLspamPICLISTspamBeGonespamMITVMA.MIT.EDU

The problem might be more clear if you add punctuation in appropriate
locations as follows:

:10 1000 00 - A200 00A2 FF09 A2FF 0BA2 FF08 A2FF 0AA2 - F2
:10 1010 00 - EF06 A280 00A2 2000 A720 00FC 2208 D035 - 05
:10 1020 00 - 8820 3B14 F8A2 2000 A620 00FC A220 00A7 - E4
:10 1030 00 - 2000 FC88 2032 14F9 23F7 2407 F8D5 24D5 - A2
:10 1040 00 - 0D8B 6005 06A2 8400 525F 0DA2 0003 A200 - 72
:10 1050 00 - 10A2 6F02 A281 0312 2423 DF24 1C8B 1000 - 34
:10 1060 00 - B8D8 0DD8 18D8 3322 0252 5E8E F7ED D41D - B1
:10 1070 00 - D933 D918 D90D D924 88FF FF0F 0588 203B - 13
:10 1080 00 - 14F9 D035 7210 3672 0505 7204 0972 FC0A - 23
:10 1090 00 - 7240 1188 203D 14F9 2D4A E612 8820 3E14 - 32
:10 10A0 00 - F92D 52E6 0988 203F 14F9 2D42 E220 8820 - CC
:10 10B0 00 - 3D14 224A F888 203E 1422 52F8 8820 3F14 - 1A
:10 10C0 00 - 2242 F888 21FF 1488 0100 1F22 FFEC 8820 - AB
:10 10D0 00 - 2F14 8800 2F1F 22FF ECEB 8CF0 DD32 07AA - C3
:10 10E0 00 - F109 D01A AAF1 0AD0 1B9E 1B78 0207 8000 - D2
:10 10F0 00 - 2720 0D24 2082 0077 0411 E273 FB11 E0DD - 2C
:10 1100 00 - 7604 11D9 741E 11E0 D4F6 67F5 69F1 17F7 - 6A
:10 1110 00 - 67F1 1372 FE07 0A8E F838 7704 1509 7618 - FE

The first byte has no apparent meaning and is always 10h.
The next 2 bytes provide and address.
The fourth byte is always 1.
The next 16 bytes contain the data from the file.
The final byte is calculated so that the checksum of all bytes within a line
adds up to 0 (ignoring any carry to a high order byte).

Bob

In a message dated 97-12-11 12:48:58 EST, you write:

{Quote hidden}

1997\12\15@025014 by ruben

flavicon
face
Bob Buege wrote:

> The problem might be more clear if you add punctuation in appropriate
> locations as follows:
>
> :10 1000 00 - A200 00A2 FF09 A2FF 0BA2 FF08 A2FF 0AA2 - F2
> :10 1010 00 - EF06 A280 00A2 2000 A720 00FC 2208 D035 - 05
-snip-
> The first byte has no apparent meaning and is always 10h.

 The first byte is a hexadecimal byte count of how many bytes of
 data this line contains

> The next 2 bytes provide and address.
> The fourth byte is always 1.

 The fourth byte is a 'record type' identifier. 0 = normal data,
 1 = End of file record.

> The next 16 bytes contain the data from the file.
> The final byte is calculated so that the checksum of all bytes within a line
> adds up to 0 (ignoring any carry to a high order byte).
>
> Bob

------------------------------------
Ruben Jšnsson
AB Liros Elektronik
Box 9124
200 39 Malmš, Sweden
Tel:  +46 40 14 20 78
Mail: EraseMErubenspamEraseMEsbbs.se
------------------------------------

1997\12\15@031753 by Eric Smith

flavicon
face
BobBuege <@spam@BobBuege@spam@spamspam_OUTAOL.COM> writes about an Intel Hex format file.
> The first byte has no apparent meaning and is always 10h.

It is the number of data bytes in the line.  Records can be shorter (or
longer) than 16 bytes.

Cheers,
Eric

More... (looser matching)
- Last day of these posts
- In 1997 , 1998 only
- Today
- New search...