Hello!

I picked up an software bricked firewall from SonicWALL.
I opened it up and i saw that it used standard ATx Pc components, so i am wondering if it can be hacked to run custom firmware?

I have the standard hacking tools: Jtag, TTL, Serial etc. Can this be done? I tried to mount the flash card to my workstation but it won't. because it has some kind of bad blocks or something?
I have hocked it up to an videocard, please see the images!
I can provide all the information possible!!
The images are here:
http://imgur.com/a/1He14/embed

Kind Regards.

(Last edited by pappkopp on 10 Dec 2013, 23:55)

pappkopp,

I see an 80386 board, running some kind of FreeDOS, and the file 'FDXMS.SYS' seems to be corrupted.
Most probably, the flashcard got corrupted and needs te be replaced (and all software on it).

What model and type is the firewall?
Maybe original software is downloadable from (Dell) Sonicwall? You need to register.
What kind of BIOS is the system using?

Best thing:
- check if you can get original software.
- check (format) or replace flashcard.
- reinstall original software.

When you cannot find original firmware (SonicOS) at Sonicwall, you probably can install whatever you want on that machine, depends on what the BIOS detects at boot.

Otherwise install Linux on the machine, should be not that difficult. You can make this your NAS with those 4 Sata connections The BIOS seems to working fine, dont mess with that!

And, as i can see you can use videocard and keyboard, and there are USB ports.
Why you should need serial, JTAG or other communication with the board?

Hopefully you get it working again.

Regards, DG.

Hello DGDodo!

Tanks for your help

But i have already tried the standard things:

Best thing:
- check if you can get original software. (Can only find updates, got to research harder)
- check (format) or replace flashcard. (The original card is broken, or i cannot recover any data. I tried to mount it/ddrescue++
- reinstall original software.( I installed FreeDOS to a compact disk but it won't boot with other media than the orginal)

We can solve this :=)

Also read this thread: http://www.eevblog.com/forum/projects/s … -hacking!/

pappkopp,

Reading the other posts, there seems te be still alot of questions.
First you have to find out which kind of BIOS you have (i guess AMIBIOS), and gain access to it, see:
http://pcsupport.about.com/od/fixthepro … s_bios.htm

And this could also be another key combination to get access to you BIOS, i.e. Ctrl_B, ESC_x, etc etc, then mentioned in 'normal' AMIBIOS documentation because of the fact that this device is a secured firewall. Even 3 key combinations are possible!

You need to know your BIOS to get any further. What memory table is used, what are the offsets to specific hardware ROM code within the memory, after the BIOS did his job, etc etc.
And all of this stuff is managed by your BIOS, you have to get in.

There are tools on internet and see what kind, brand version BIOS you have.
Try that first, before removing any chips.

Another option is to remove the BIOS chip (AMIBIOS, 6140?) and see where it get stuck.

I would be more interested in the BIOS chip (in that squared socket).

You should get as much information as possible, before thinking of hardware hacking these kind of devices   It's always harder then you think (harder then your husband? -Zappa-).

Watching your pictures, and google, makes sense. That Nitrox chip could be the main CPU.
As i don't have any experience with these chips you have to search yourself more.

There also other chips, with heatsinks on them in your pics. This makes analyse of your device more difficult. You could try to remove those heatsinks, but probably you will not read anything on them after that. Or the codes were removed before placing the heatsink, or the removal of the heatsink will distroy the code on the chip.
Again some issues to keep in mind.

But most important, get into your bios! Then you can read out which devices are detected by the BIOS.

You wrote: 'I guess that the "Floppy disk" is under the genre of Compact flash disk?'
Why you think that? Floppies max = 2.5 MB your flashcard is 1 GB...
Reading that VIA pdf its most likely only the serial/parallel/MIDI/game/IR/floppy controller.

You installed FreeDOS on other card but it wont boot? Do other devices boot from that card?
Made that new flashcard bootable, like usb devices?
Tried to remove the flashcard and boot from USB, or boot from a HD to one of the sata connections?

Regards, DG.

PS. You need to know how computers work in general, before you can change things in computers.

Hello,
I had a SRA 4200 that not start..

Is there anybody that has the image of the CompactFlash??

I want to try to change the CF Image and try to boot

I don't think the Sonicwall flash cards are standard off shelf compact flash cards!

I've got a fully working SRA1600 and picked up another on eBay (spares/repair missing its CF card) so wanted to clone the Sonicwall 1Gb CF card to a Sandisk 1Gb CF card.

Like the original poster pappkopp, my known good Sonicwall CF isn't recognised by my Windows PC or Macboook but the Sandisk does and works fine.

I've tried booting the SRA with the blank Sandisk CF but it beeps several times and swicthes off.
I also tried putting the SRA into safemode (pin in the hole - whilch normally allowes you to restore firmware) and swapping the CF cards whilst the system was powered on, but the web interface locks up.

I've finally tried a couple of different CF cards with the same results, this is what make me think the CF cards arn't compatible - so can't be cloned.