Wireless Communications and Mobile Computing

Research Article

Determining the Image Base of ARM Firmware by Matching Function Addresses

Table 1

The experimental results.
ModelFileFunctionARM_LDRThumb_LDRALL_LDRMatchBaseTime (s)
ABB NETA-21uImage7549146112221167232260xC0008000233
Advantech_EKI-2748FI35513176735087981951130x40000041
Emerson TopWorx ES-03001ES-03001-1.ffd166821774402599840x1000FFD48
Pebbletintin_fw.bin1522031523152N/AN/A8
Phoenix 400 PND-4TX-IB2985563_321.fw68569867897107281870x20800F28116
Samsung gear fitwingtip_in.bin11619043344334N/AN/A99
Schneider 140CRA31200CRA31200_Com.bin7517139801378152843770x1000167
Schneider 140CRA31200140CRA31200_Master.bin7185138832176159503960x02001000180
Sony AS30 DVvmlinux.bin48387993175196762650xC001800080
Sony SBH52SBH52_firmware.bin2949415641568730x80400018