Saturday, January 8, 2011

We came across the proceedings of the 27C3 Chaos Communications Congress held at Berlin Germany; which can easily be considered at the heaven for the Hackers. Innovators Nathan Fain and Vadik presented their topic JTAG/Serial/FLASH/PCB Embedded Reverse Engineering Tools and Techniques.


Its of for-most importance to any one looking out to modify and alter the functionality of the Embedded devices. This also helps to understand what is called as the "Leaky Abstractions" which applies to security flaws seen in software and hardware alike.
The presenters here discuss about various types of techniques that can be used to find the debug interfaces such as Serial (UARTs), JTAG and also reprogramming of the Flash. They also dive into some of the intuitive techniques that are used by Hardware hackers to find out missing parts that can help enhance functionality and alter the use for Artistic purposes. And guess what we go gaga about Arduino again. Its simple and most used in all the presentation. With some minor alternations the Arduino becomes the hacker tool to reverse engineer the hardware. In specific one of the clones used is Teensy++ which is Modified for 3.3V to be used for the sniffing purpose. A great big cache of know how and lots of exciting finds have a look at the links.
To find the Presented material at the Conference here is Link:
https://events.ccc.de/congress/2010/Fahrplan/events/4011.en.html
The Detailed Wiki page containg explanation of the Hacks used is given in following Link:
http://events.ccc.de/congress/2010/wiki/Embedded_Analysis

Some of the Important Tools:
1. RS232enum is a Arduino based program that can be used to scan and find serial on 30+ pins, vias (through-holes) and pads. Load the sketch onto Arduino and then open a serial console at 115200 buad to interface to this tool.
2. JTAGenum (code, further documentation) can be used to find JTAG amongst a set of 30+ pins, vias or pads. The standard JTAG instructions (IDCODE, BYPASS) are used to scan for pins.
3. Parallel Flash Dumper used to extract the entire Hex code from a given Flash chip through CFI. The hardware is quite simple and made by breadboarding some shift registers drawn in Fritzing.
4. DePCB an PCB reverse engineering tool that is used to make a net list of the given PCB with the available images. Its presently available only for 2 layers but the team has a plan using Heat Signatures to make it for multiple layers.

Apart from this there is lots of info on the wiki page for you to ponder on and gain access to your own next embedded device. Best of luck Hacking !!

{ 1 Discuss... read them below or add one }

  1. This is a nice informational posting about embedded training and courses. Thanks for sharing this important post with us. Keep it on...

    Visit here for best Embedded Engineering Course at affordable way.

    ReplyDelete

Welcome to Boseji's Blog

Popular Post

Blogger templates

Welcome

Creation by Electronics Hobbyists from Bharat(India) to encourage & help people. This blog hosts the numerous innovations, discoveries and projects we provide.
Our Research Wing Adhar Labs
Contact Form | Email Address
We Support Open Source Hardware Definition v1.0
Creative Commons License
All works on this blog are licensed under a
Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at forbharat.wordpress.com and m8051.blogspot.com.

Permissions beyond the scope of this license may be available at http://forbharat.wordpress.com/permissions/.
Thank you for all your support.

© A.D.H.A.R Labs Research 2008-2013 . Powered by Blogger.

Follow by Email

Followers

PCB Unit Converter

mils
mm

- Copyright © Electronics for Bharat -Robotic Notes- Powered by Blogger - Designed by Johanes Djogan -