Well, IF there are ONLY 15 pads (I could not make out any on the scans, where the heck are they?), you can probably reduce them to about 10 with signal level tests, so there are only about 110 or 1000 possibilities to go, depending what scheme you use. That's done withing a few seconds using that JTAG finder. Who has a dissected nano to try it out? ;)
JD schrieb: > Of course there is a way to put binaries on the devices but I don't > think we can find how without the original documentation, mainly > because: > > 1. There is no proof that JTAG is used here. > Only the ARM got a JTAG interface on our board and the main JTAG > feature is daisy chaining multiple chips on a single bus. Maybe the > in2g is initially programmed by an other protocol / bus, even by an > homemade simple serial bus. > But okay if I have to bet I choose JTAG. > > 2. The JTAG pins aren't clearly defined, that doesn't mean there are > no pins on our board but maybe the pins are one of the many board pads > ( approximatly 15 pads and 4 JTAG pins -> impossible to guess even > with signal level tests (maybe I'm wrong but even if it's possible > this will take a very very long time)). > > I really think there is no hope about JTAG without proper schematics / > boards layout. > > JD. > > On 04/10/2007, MsTiFtS <[EMAIL PROTECTED]> wrote: > >> I doubt there are JTAG pins anywhere accessible on the board. I am >> wondering how they loaded the initial code to these devices, but I can't >> see any way to do this except before the chips where soldered to the >> boards. There is simply nothing on this board you cold make a quick >> connection to except the dock port, but I doubt that JTAG is in there >> somewhere. That JTAG finder just helps to get the pinout if you have a >> dozen touchpoints on the board. Whe have the exact opposite problem: >> Nothing to hook up to. (Well, at least nothing I can see on the various >> PCB scans, I didn't get my fingers on a dissected iPod yet.) >> >> mat h schrieb: >> >>> http://www.c3a.de/wiki/index.php/JTAG_Finder ? >>> >>> On 9/28/07, *mat h* < [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: >>> >>> just an idea what chip is the ram? Alot of chips have debugging >>> pins on them ( JTAG etc) does the ram chip? >>> >>> >>> On 9/28/07, *Jeremy Prater* < [EMAIL PROTECTED] >>> <mailto:[EMAIL PROTECTED]>> wrote: >>> >>> Hmmm, im going to stop my hunt then, I searched 19% of the >>> keyspace, but it sounds like im wasting time here. Has anyone >>> had any luck or ideas on how to dump the 256mbit/ 8meg ram? >>> Ive got no ideas on even trying to get the ram out of there. >>> Hehe except with a hammer... ok later im going to keep at it. >>> -- Jeremy >>> >>> -----Original Message----- >>> From: Emmanuel Fleury [mailto:[EMAIL PROTECTED] >>> <mailto:[EMAIL PROTECTED]>] >>> Sent: Thursday, September 27, 2007 10:20 PM >>> To: Hardware and developpement mailing list. >>> Subject: Re: [Linux4nano-dev] Update to rc4 key search >>> (optimized) >>> >>> mat h wrote: >>> > ok, just give me a bell if you need cpu power. >>> > >>> > Anyway what makes you so sure that the key is RC4? >>> >>> It's not. We have some good clues against it. >>> >>> Comparing several consecutive encrypted firmwares show us that >>> the same >>> key is used each time. >>> >>> In the case of an RC4 (or any stream cipher scheme), it would >>> mean that >>> we could have some statistical properties poping out when >>> XORing of two >>> encrypted firmwares (namely we should see something similar to >>> the >>> statistical property of an ARM binary... As Serpilliere did >>> mention it, >>> ARM binaries have very specific statistical properties (on the >>> 'command' >>> part)). >>> >>> We tried and nothing came out from this, which means that it's >>> very >>> likely a block cipher scheme (with a fixed key). >>> >>> Regards >>> -- >>> Emmanuel Fleury >>> >>> I do not fear computers. I fear the lack of them. >>> -- Isaac Asimov >>> >>> >>> >>> >>> _______________________________________________ >>> Linux4nano-dev mailing list >>> [email protected] <mailto:[email protected]> >>> https://mail.gna.org/listinfo/linux4nano-dev >>> http://www.linux4nano.org >>> >>> >>> >>> >>> -- >>> We explore... and you call us criminals. >>> We seek after knowledge... and you call us criminals. >>> We exist without skin color, without nationality, without >>> religious bias... and you call us criminals. >>> You build atomic bombs, you wage wars, you murder, cheat, and lie >>> to us and try to make us believe it's for our own good... >>> ....yet we're the criminals. >>> >>> ____________WAUSHARE ROX ______________ >>> Join the dark side we've got cheese >>> Annoying people since 1992 >>> If you hate me, I love you too. It ain't my fault I'm better than you >>> Save Water, Drink Beer >>> God Made Women First, Then He Had A Better Idea. >>> If Barbie is soo popular...how come you have to buy her friends? >>> Don't play stupid with me... I'm better at it! >>> You were so cute when you were a baby...What happened? >>> My folks were always asking me to wear underpants. What am I, the >>> pope? >>> I'm calling the police!... Right after I flush some tings. >>> Join the army, see the world, meet interesting people, and kill them. >>> >>> >>> >>> >>> -- >>> We explore... and you call us criminals. >>> We seek after knowledge... and you call us criminals. >>> We exist without skin color, without nationality, without religious >>> bias... and you call us criminals. >>> You build atomic bombs, you wage wars, you murder, cheat, and lie to >>> us and try to make us believe it's for our own good... >>> ....yet we're the criminals. >>> >>> ____________WAUSHARE ROX ______________ >>> Join the dark side we've got cheese >>> Annoying people since 1992 >>> If you hate me, I love you too. It ain't my fault I'm better than you >>> Save Water, Drink Beer >>> God Made Women First, Then He Had A Better Idea. >>> If Barbie is soo popular...how come you have to buy her friends? >>> Don't play stupid with me... I'm better at it! >>> You were so cute when you were a baby...What happened? >>> My folks were always asking me to wear underpants. What am I, the pope? >>> I'm calling the police!... Right after I flush some tings. >>> Join the army, see the world, meet interesting people, and kill them. >>> ------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> Linux4nano-dev mailing list >>> [email protected] >>> https://mail.gna.org/listinfo/linux4nano-dev >>> http://www.linux4nano.org >>> >> _______________________________________________ >> Linux4nano-dev mailing list >> [email protected] >> https://mail.gna.org/listinfo/linux4nano-dev >> http://www.linux4nano.org >> >> > > _______________________________________________ > Linux4nano-dev mailing list > [email protected] > https://mail.gna.org/listinfo/linux4nano-dev > http://www.linux4nano.org > > _______________________________________________ Linux4nano-dev mailing list [email protected] https://mail.gna.org/listinfo/linux4nano-dev http://www.linux4nano.org
