Come on, building programmers is a lot easier than building that JTAG finder and these Mega32s aren't that expensive...
mat h schrieb: > If I had an ATMega32 and a prgrammer for it I would attempt building > one but since I dont I wont. ;( > > On 10/5/07, *MsTiFtS* < [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: > > Sorry, I have neither a dissected iPod nor an ATMega32 lying > around here :( > In the presentation they stated that they found the JTAG ones out > of 30 > pads in a few hours using that finder. With 15 pins it will take > 1/8 of > the time. If can rule out a bunch of pads because they are tightly > connected to ground or VCC (not pullable through 330R resistors), you > can probably reduce the pad count to about 10 pads. That's 1/27 of the > time they needed for their 30 pins. So I think it's worth a try, > but as > I said, I won't open my nano to do that. If I manage to get one with a > broken display/battery/etc. I'll do it. > > JD schrieb: > > I read the paper long ago and I continue to think it's too > difficult > > but if you want to try... be my guest :) > > > > JD. > > > > On 05/10/2007, MsTiFtS <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> > wrote: > > > >> You only need to find the first 3 pins, if you have got these > you'll see > >> what the 4th is. > >> And with level tests, you can simply rule out all these VCC and > GND pins > >> and further reduce the number of pins you need to test. > >> Have a closer look at the PDF presentation of the JTAG finder > site, it's > >> all described there. > >> > >> JD schrieb: > >> > >>> I take a look on that JTAG finder, it's a good tool to find > out JTAG > >>> pins when you know where the pins are (but you don't know pin > order). > >>> The problem with level test is other chips may got the same level > >>> characteristcs than a JTAG signal. > >>> And there a permutation of 4 pins in 15 pads is more around > 30000 possibilities. > >>> > >>> JD. > >>> > >>> On 05/10/2007, MsTiFtS <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > >>> > >>> > >>>> Well, IF there are ONLY 15 pads (I could not make out any on > the scans, > >>>> where the heck are they?), you can probably reduce them to > about 10 with > >>>> signal level tests, so there are only about 110 or 1000 > possibilities to > >>>> go, depending what scheme you use. That's done withing a few > seconds > >>>> using that JTAG finder. Who has a dissected nano to try it > out? ;) > >>>> > >>>> JD schrieb: > >>>> > >>>> > >>>>> Of course there is a way to put binaries on the devices but > I don't > >>>>> think we can find how without the original documentation, mainly > >>>>> because: > >>>>> > >>>>> 1. There is no proof that JTAG is used here. > >>>>> Only the ARM got a JTAG interface on our board and the main > JTAG > >>>>> feature is daisy chaining multiple chips on a single bus. > Maybe the > >>>>> in2g is initially programmed by an other protocol / bus, > even by an > >>>>> homemade simple serial bus. > >>>>> But okay if I have to bet I choose JTAG. > >>>>> > >>>>> 2. The JTAG pins aren't clearly defined, that doesn't mean > there are > >>>>> no pins on our board but maybe the pins are one of the many > board pads > >>>>> ( approximatly 15 pads and 4 JTAG pins -> impossible to > guess even > >>>>> with signal level tests (maybe I'm wrong but even if it's > possible > >>>>> this will take a very very long time)). > >>>>> > >>>>> I really think there is no hope about JTAG without proper > schematics / > >>>>> boards layout. > >>>>> > >>>>> JD. > >>>>> > >>>>> On 04/10/2007, MsTiFtS <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > >>>>> > >>>>> > >>>>> > >>>>>> I doubt there are JTAG pins anywhere accessible on the > board. I am > >>>>>> wondering how they loaded the initial code to these > devices, but I can't > >>>>>> see any way to do this except before the chips where > soldered to the > >>>>>> boards. There is simply nothing on this board you cold make > a quick > >>>>>> connection to except the dock port, but I doubt that JTAG > is in there > >>>>>> somewhere. That JTAG finder just helps to get the pinout if > you have a > >>>>>> dozen touchpoints on the board. Whe have the exact opposite > problem: > >>>>>> Nothing to hook up to. (Well, at least nothing I can see on > the various > >>>>>> PCB scans, I didn't get my fingers on a dissected iPod yet.) > >>>>>> > >>>>>> mat h schrieb: > >>>>>> > >>>>>> > >>>>>> > >>>>>>> http://www.c3a.de/wiki/index.php/JTAG_Finder > <http://www.c3a.de/wiki/index.php/JTAG_Finder> ? > >>>>>>> > >>>>>>> On 9/28/07, *mat h* < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>> wrote: > >>>>>>> > >>>>>>> just an idea what chip is the ram? Alot of chips have > debugging > >>>>>>> pins on them ( JTAG etc) does the ram chip? > >>>>>>> > >>>>>>> > >>>>>>> On 9/28/07, *Jeremy Prater* < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > >>>>>>> <mailto: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>> wrote: > >>>>>>> > >>>>>>> Hmmm, im going to stop my hunt then, I searched > 19% of the > >>>>>>> keyspace, but it sounds like im wasting time here. > Has anyone > >>>>>>> had any luck or ideas on how to dump the 256mbit/ > 8meg ram? > >>>>>>> Ive got no ideas on even trying to get the ram out > of there. > >>>>>>> Hehe except with a hammer... ok later im going to > keep at it. > >>>>>>> -- Jeremy > >>>>>>> > >>>>>>> -----Original Message----- > >>>>>>> From: Emmanuel Fleury [mailto: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > >>>>>>> <mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>] > >>>>>>> Sent: Thursday, September 27, 2007 10:20 PM > >>>>>>> To: Hardware and developpement mailing list. > >>>>>>> Subject: Re: [Linux4nano-dev] Update to rc4 key search > >>>>>>> (optimized) > >>>>>>> > >>>>>>> mat h wrote: > >>>>>>> > ok, just give me a bell if you need cpu power. > >>>>>>> > > >>>>>>> > Anyway what makes you so sure that the key is RC4? > >>>>>>> > >>>>>>> It's not. We have some good clues against it. > >>>>>>> > >>>>>>> Comparing several consecutive encrypted firmwares > show us that > >>>>>>> the same > >>>>>>> key is used each time. > >>>>>>> > >>>>>>> In the case of an RC4 (or any stream cipher > scheme), it would > >>>>>>> mean that > >>>>>>> we could have some statistical properties poping > out when > >>>>>>> XORing of two > >>>>>>> encrypted firmwares (namely we should see > something similar to > >>>>>>> the > >>>>>>> statistical property of an ARM binary... As > Serpilliere did > >>>>>>> mention it, > >>>>>>> ARM binaries have very specific statistical > properties (on the > >>>>>>> 'command' > >>>>>>> part)). > >>>>>>> > >>>>>>> We tried and nothing came out from this, which > means that it's > >>>>>>> very > >>>>>>> likely a block cipher scheme (with a fixed key). > >>>>>>> > >>>>>>> Regards > >>>>>>> -- > >>>>>>> Emmanuel Fleury > >>>>>>> > >>>>>>> I do not fear computers. I fear the lack of them. > >>>>>>> -- Isaac Asimov > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> _______________________________________________ > >>>>>>> Linux4nano-dev mailing list > >>>>>>> [email protected] > <mailto:[email protected]> <mailto:[email protected] > <mailto:[email protected]>> > >>>>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>>>> http://www.linux4nano.org > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> -- > >>>>>>> We explore... and you call us criminals. > >>>>>>> We seek after knowledge... and you call us criminals. > >>>>>>> We exist without skin color, without nationality, without > >>>>>>> religious bias... and you call us criminals. > >>>>>>> You build atomic bombs, you wage wars, you murder, > cheat, and lie > >>>>>>> to us and try to make us believe it's for our own good... > >>>>>>> ....yet we're the criminals. > >>>>>>> > >>>>>>> ____________WAUSHARE ROX ______________ > >>>>>>> Join the dark side we've got cheese > >>>>>>> Annoying people since 1992 > >>>>>>> If you hate me, I love you too. It ain't my fault I'm > better than you > >>>>>>> Save Water, Drink Beer > >>>>>>> God Made Women First, Then He Had A Better Idea. > >>>>>>> If Barbie is soo popular...how come you have to buy > her friends? > >>>>>>> Don't play stupid with me... I'm better at it! > >>>>>>> You were so cute when you were a baby...What happened? > >>>>>>> My folks were always asking me to wear underpants. > What am I, the > >>>>>>> pope? > >>>>>>> I'm calling the police!... Right after I flush some tings. > >>>>>>> Join the army, see the world, meet interesting people, > and kill them. > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> -- > >>>>>>> We explore... and you call us criminals. > >>>>>>> We seek after knowledge... and you call us criminals. > >>>>>>> We exist without skin color, without nationality, without > religious > >>>>>>> bias... and you call us criminals. > >>>>>>> You build atomic bombs, you wage wars, you murder, cheat, > and lie to > >>>>>>> us and try to make us believe it's for our own good... > >>>>>>> ....yet we're the criminals. > >>>>>>> > >>>>>>> ____________WAUSHARE ROX ______________ > >>>>>>> Join the dark side we've got cheese > >>>>>>> Annoying people since 1992 > >>>>>>> If you hate me, I love you too. It ain't my fault I'm > better than you > >>>>>>> Save Water, Drink Beer > >>>>>>> God Made Women First, Then He Had A Better Idea. > >>>>>>> If Barbie is soo popular...how come you have to buy her > friends? > >>>>>>> Don't play stupid with me... I'm better at it! > >>>>>>> You were so cute when you were a baby...What happened? > >>>>>>> My folks were always asking me to wear underpants. What am > I, the pope? > >>>>>>> I'm calling the police!... Right after I flush some tings. > >>>>>>> Join the army, see the world, meet interesting people, and > kill them. > >>>>>>> > ------------------------------------------------------------------------ > >>>>>>> > >>>>>>> _______________________________________________ > >>>>>>> Linux4nano-dev mailing list > >>>>>>> [email protected] <mailto:[email protected]> > >>>>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>>>> http://www.linux4nano.org > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>> _______________________________________________ > >>>>>> Linux4nano-dev mailing list > >>>>>> [email protected] <mailto:[email protected]> > >>>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>>> http://www.linux4nano.org <http://www.linux4nano.org> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>> _______________________________________________ > >>>>> Linux4nano-dev mailing list > >>>>> [email protected] <mailto:[email protected]> > >>>>> https://mail.gna.org/listinfo/linux4nano-dev > >>>>> http://www.linux4nano.org > >>>>> > >>>>> > >>>>> > >>>>> > >>>> _______________________________________________ > >>>> Linux4nano-dev mailing list > >>>> [email protected] <mailto:[email protected]> > >>>> https://mail.gna.org/listinfo/linux4nano-dev > <https://mail.gna.org/listinfo/linux4nano-dev> > >>>> http://www.linux4nano.org > >>>> > >>>> > >>>> > >>> _______________________________________________ > >>> Linux4nano-dev mailing list > >>> [email protected] <mailto:[email protected]> > >>> https://mail.gna.org/listinfo/linux4nano-dev > >>> http://www.linux4nano.org > >>> > >>> > >>> > >> _______________________________________________ > >> Linux4nano-dev mailing list > >> [email protected] <mailto:[email protected]> > >> https://mail.gna.org/listinfo/linux4nano-dev > >> http://www.linux4nano.org > >> > >> > > > > _______________________________________________ > > Linux4nano-dev mailing list > > [email protected] <mailto:[email protected]> > > https://mail.gna.org/listinfo/linux4nano-dev > > http://www.linux4nano.org > > > > > > > _______________________________________________ > Linux4nano-dev mailing list > [email protected] <mailto:[email protected]> > https://mail.gna.org/listinfo/linux4nano-dev > http://www.linux4nano.org <http://www.linux4nano.org> > > > > > -- > We explore... and you call us criminals. > We seek after knowledge... and you call us criminals. > We exist without skin color, without nationality, without religious > bias... and you call us criminals. > You build atomic bombs, you wage wars, you murder, cheat, and lie to > us and try to make us believe it's for our own good... > ....yet we're the criminals. > > ____________WAUSHARE ROX ______________ > Join the dark side we've got cheese > Annoying people since 1992 > If you hate me, I love you too. It ain't my fault I'm better than you > Save Water, Drink Beer > God Made Women First, Then He Had A Better Idea. > If Barbie is soo popular...how come you have to buy her friends? > Don't play stupid with me... I'm better at it! > You were so cute when you were a baby...What happened? > My folks were always asking me to wear underpants. What am I, the pope? > I'm calling the police!... Right after I flush some tings. > Join the army, see the world, meet interesting people, and kill them. > ------------------------------------------------------------------------ > > _______________________________________________ > Linux4nano-dev mailing list > [email protected] > https://mail.gna.org/listinfo/linux4nano-dev > http://www.linux4nano.org _______________________________________________ Linux4nano-dev mailing list [email protected] https://mail.gna.org/listinfo/linux4nano-dev http://www.linux4nano.org
