Repository files navigation

Fujihack is a research project that aims to reverse-engineer Fujifilm cameras in order to understand and improve the firmware.

Website •Wiki •Discord server

This codebase consists of:

• Firmware patches to read/write/exec over USB
• CLI tool to run code and dump memory over USB
• C header files documenting Fujifilm's RTOS API
• C header files with info & RAM/firmware stubs for each camera model
• POSIX, Graphics, and I/O APIs over Fujifilm's RTOS API
• Video record limit mod, button remapping
• Frontier, the UI and module/scripting system
• Anything else needed to gaininteroperability

• Currently, the only way to run Fujihack is with a patched firmware.
• Although the patcher has been thoroughly tested, custom firmware isalways dangerous and can cause damage.
• There is a way to recover bricked devices (SoC boot ROM) but it hasn't been reverse-engineered yet.

Aweb based patcher has been written for this project. It has the ability to unpack, inject, patch, repack, and downgrade firmware. It assembles patches in browser and applies them in the firmware.

The most notable patch is thePTP/USB debugger, which has been ported to the XF1 and X-A2.

The debugger firmware patch adds read/write/exec abilities to the PTP code in firmware.

Compiling it requiresarm-none-eabi-gcc andlibusb-v1.0.

Enter theminimal/ directory. The makefile accepts amodel argument, which can be defined by placing a config.mak at the top directory, or with CLI:

make hack.bin model=xa2_130

That target will compilehack.bin, which is the bare ARM binary that is sent over by USB to the camera. Thehack target can be used to compile, and then send code to the camera with the CLI utility.

And remember...
If you break it, you get to keep both pieces.

Copyright 2021-2024 FujiHack by Daniel C and contributors
FujiHack is licenced under the GNU General Public License v3.0