Ricoh GR3(x) firmware reversing / hacking effort

[hhornbacher]

Hey Firmware Forum Community,
I wanted to share an exciting project I've been working on related to the Ricoh GRIII(x) camera. The goal is to find a way to run custom applications on the camera without altering its firmware, just like MagicLantern/CHDK does for Canon cameras.
The camera runs a customized Poky 2.2 on Linux kernel v4.4 and has various system daemons controlling its functions, along with a few custom libraries.
I've been diving deep into this project, analyzing the firmware image, building the kernel, and creating a Docker container for easy system and application testing. Started reverse engineering the webapid, sysmgrd, camctrld, and custom libraries is also underway.
Moving forward, I'll be focusing on getting the system up and running with mocked components, exploring the firmware update process, and investigating display output. I'm also on the lookout for potential vulnerabilities in order to inject own code or gain remote shell access.

To make my work more streamlined, I've set up dedicated Docker containers for kernel building, mocks, and running the firmware image rootfs.
I wanted to share this project with you all, as your insights and contributions would be valuable.
Looking forward to your thoughts and involvement.


Here's a link to the repository: https://github.com/hhornbacher/gr3x-fw-hack


Cheers,
Harry