Currently, i know how to extract only two parts of firmware (linux rootfs image and jffs2 partition used by it).
Delivered as .blr file (example: Sagem3202_2402E2.blr)
It's 256 bytes long header and standard cramfs image:
Red part is cramfs image size (also, included in cramfs header by itself).
Green part is crc32A hash(1) of cramfs image(it's in reversed order - for "01 02 03 04" it would be "04 03 02 01"),
Purple is release description.
After it comes cramfs image.
You need cramfs tools
# dd if=Sagem3202_2402E2.blr of=a.bin skip=1 ibs=256 # cramfsck -x ./1 ./a.bin
# mkcramfs ./1 ./mfi.bin # dd if=Sagem3202_2402E2.blr of=header.bin count=1 ibs=256 # cat header.bin mfi.bin > mfi.blr
After performing these steps it's needed to fix cramfs size and checksum manually in header of mfi.blr file(using hex editor).
Delivered as .blj file (example: Sagem3202_2402E2.blj)
It seems to be standard jffs2 image mountable with avialable tools.
1.Sample code for generating hash:
<?php echo hash_file('crc32', 'file.bin'); ?>