SplashTop resources
Hacking ExpressGate (Asus Splashtop) (Phoronix)- Splashtop on USB stick (Phoronix)
- Asus ExpressGate SSD Hacking (SierraSoftworks)
DFI image file format:
48-byte header
- 16-char string: _DeviceVM Inc._\0
- 8-char datestamp
- 8 bytes unknown
- 16 bytes unknown
00000000 5f 44 65 76 69 63 65 56 4d 20 49 6e 63 2e 5f 00 |_DeviceVM Inc._.| 00000010 32 30 30 39 30 37 33 30 01 04 0a 08 72 5c 6a 6f |20090730....r\jo| 00000020 98 e6 c0 b2 7c 69 90 fd 87 23 d6 10 c2 48 84 32 |.æÀ²|i.ý.#Ö.ÂH.2|
- MBR-partitioned disk image
- FAT16 filesystem
CE.CEX format:
Weird. Looks like a debian archive, but it's not. More specifically, it appears to be a debian archive header that's been overwritten with other values in certain places:
64-byte header with overwrite at 0x10-0x13 and 0x30-0x37, with the actual data payload starting at 0x40 instead of 0x44
0x10-0x13 contains the hex value '27 5b c9 47', or '[EG in ascii
The useful bits are at offset 0x30-0x37, two little-endian encoded int32 sizes (including headers), representing the sizes of the two chunks in the file:
First chunk is a 64-byte header (since it includes the file header) and a tar.gz
Second chunk is an empty debian archive.