by redirecting traffic to burpsuite I intercepted a call to download the firmware
GET /windsor/074.09E08061A HTTP/1.1
Connection: close
Host: firmware.roku.com
User-Agent: Roku/DVP-4.9 (074.09E08022A)
you too can download it here: http://firmware.roku.com/windsor/074.09E08061A
so now I have a 41M file which, using strings, begins "imgARMcC" and
has interesting things like "BCM95001" and "Starting ARM with %dMB
ARM clock speed at %dMHz **** failed to power up the USB interface" in it.
GET /windsor/074.09E08061A HTTP/1.1
Connection: close
Host: firmware.roku.com
User-Agent: Roku/DVP-4.9 (074.09E08022A)
you too can download it here: http://firmware.roku.com/windsor/074.09E08061A
so now I have a 41M file which, using strings, begins "imgARMcC" and
has interesting things like "BCM95001" and "Starting ARM with %dMB
ARM clock speed at %dMHz **** failed to power up the USB interface" in it.
Last edited: