:* [https://en.wikipedia.org/wiki/1-Wire One-Wire]
::- 1-Wire is a wired half-duplex serial bus designed by Dallas Semiconductor that provides low-speed (16.3 kbit/s) data communication and supply voltage over a single conductor.
::: '''[Example]''' Genuine Dell laptop power supplies use the 1-Wire protocol to transmit data over the third wire to the laptop's embedded controller, providing information about power, current, and voltage ratings.
::: The embedded controller verifies that a compatible power supply is connected and refuses charging if the adapter does not meet the requirements; once a genuine adapter is identified, all VRM phases are allowed to operate at maximum duty cycle.
::: Emulating the [https://github.com/orgua/OneWireHub/blob/main/examples/DS2502_DELLCHG/DS2502_DELLCHG.ino DS2502 TO-92-3 1-wire Dell charger ID EEPROM.]
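::: As an added example (not code from this page or from the OneWireHub project), the Dallas/Maxim CRC8 that closes every 1-Wire 64-bit ROM ID, checked against the ROM code example from Maxim Application Note 27 (family code 0x02, CRC 0xA2). The ROM ID is the first thing a host such as the embedded controller reads off the bus; note that the CRC only detects bit errors on the wire and is not an authentication check, which is why an ID EEPROM can be emulated at all.

```go
package main

import (
	"errors"
	"fmt"
)

// crc8Dallas computes the 1-Wire CRC8 used by Dallas/Maxim devices:
// polynomial x^8 + x^5 + x^4 + 1, processed LSB first, initial value 0,
// no final XOR. 0x8C is the bit-reflected form of 0x31.
func crc8Dallas(data []byte) byte {
	var crc byte
	for _, b := range data {
		for i := 0; i < 8; i++ {
			mix := (crc ^ b) & 0x01
			crc >>= 1
			if mix != 0 {
				crc ^= 0x8C
			}
			b >>= 1
		}
	}
	return crc
}

// ROMID is the 64-bit 1-Wire ROM code in bus order: family code first,
// then the 48-bit serial number (LSB first), then the CRC8 of the first 7 bytes.
type ROMID struct {
	Family byte
	Serial [6]byte
	CRC    byte
}

// ParseROMID validates the 8 bytes returned by a READ ROM command.
func ParseROMID(raw []byte) (ROMID, error) {
	if len(raw) != 8 {
		return ROMID{}, fmt.Errorf("ROM ID must be 8 bytes, got %d", len(raw))
	}
	id := ROMID{Family: raw[0], CRC: raw[7]}
	copy(id.Serial[:], raw[1:7])
	if got := crc8Dallas(raw[:7]); got != id.CRC {
		return id, fmt.Errorf("ROM CRC mismatch: stored 0x%02X, computed 0x%02X", id.CRC, got)
	}
	// Same check in the form many device drivers use: with init 0 and no
	// final XOR, the CRC over all 8 bytes of a valid ROM ID is zero.
	if crc8Dallas(raw) != 0 {
		return id, errors.New("ROM CRC residue is non-zero")
	}
	return id, nil
}

func main() {
	// ROM code example from Maxim Application Note 27, in bus order:
	// family 0x02, serial 1C B8 01 00 00 00, CRC 0xA2.
	good := []byte{0x02, 0x1C, 0xB8, 0x01, 0x00, 0x00, 0x00, 0xA2}
	// Constructed: the same ROM ID with one bit flipped in the serial.
	bad := append([]byte{}, good...)
	bad[3] ^= 0x10

	for _, rom := range [][]byte{good, bad} {
		id, err := ParseROMID(rom)
		fmt.Printf("family=0x%02X serial=% X crc=0x%02X valid=%v\n",
			id.Family, id.Serial[:], id.CRC, err == nil)
	}
}
```

::: The zero-residue form of the check is handy when reading a captured bus trace: feed all 8 bytes in and a valid ROM ID always yields 0.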
=====External ROM=====
: In case of an external ROM you can always try to read it with a programmer and dump its contents this way for later static analysis.
=====Internal ROM=====
When your target chip has a built-in ROM and the chip is locked, in most cases you are out of luck trying to read the firmware easily.<br>Here is where it comes in handy to know the different methods widely used to attack these chips in order to retrieve the firmware for later static analysis or even live debugging.
::* 1. Decapsulation
:::- [https://www.youtube.com/watch?v=T1rRgb9N9s4 '''RECESSIM video:''' Nitric Acid and Microscopes. Decapsulating IC's.]
::* 2. Bootloader hacking
:::;- [https://0xinfection.github.io/reversing/reversing-for-everyone.pdf Great resource on reverse engineering]
::* 3. Fault injection & Glitching Attacks
:::;- VCC glitching (Crowbar Circuits)
======Atmel SAM4C32 Glitching (Crowbar Circuit)======
: The Atmel SAM4C32's reset low period during the early start-up process, somewhere in the bootloader, marks the time window vulnerable to a glitch.<br>
: After glitching the chip, JTAG comes online and serves a command prompt which allows dumping the firmware otherwise protected by Atmel's security bit feature, GPNVM.<br>
: [[File:Atmel SAM4 series glitch.png|none|thumb|Atmel SAM4C32 glitching. Yellow VDDCORE, Purple RST.]]
: Credits to [https://www.0x01team.com/hw_security/bypassing-microchip-atmel-sam-e70-s70-v70-v71-security/ 0x01 Team] and [https://www.youtube.com/watch?v=IOD5voFTAz8 RECESSIM] for finding that the reset low period is tied to the glitch timebase.
====Debugging====
=====Debugging Hardware / Tools=====
::* Tools that are used to find debug ports, OCD interfaces, serial port I/O.
:::;- [https://github.com/openocd-org/openocd OpenOCD (Open On-Chip Debugger)]
:::;- [https://www.picotech.com/products/oscilloscope PicoScope. The modern alternative to the traditional benchtop oscilloscope.]
:::;- [https://buspirate.com/ BusPirate - universal bus interface device for I2C and SPI.]
:::;- [https://github.com/travisgoodspeed/goodfet GoodFET JTAG adapter]
:::;- [https://mouser.com/new/segger/seggerjlink/ J-Link In-Circuit Debugger]
:::;- [https://github.com/grandideastudio/jtagulator JTAGulator is an open source hardware tool that assists in identifying OCD interfaces from test points, vias, component pads, or connectors on a target device.]
=====Logic Analyzer=====
:: [https://hardwear.io/netherlands-2024/speakers/sasha-sheremetov.php hardwear.io - Hacking NAND Memory Pinout using Logic Analyzer.]
:: '''Abstract:'''
:: This presentation is about analysis of the technological pinout of NAND memory in devices such as microSD, eMMC and other monolithic chips using a logic analyzer.
:: YouTube video: https://www.youtube.com/watch?v=sgl9Sfu79Lc
====Non-intrusive methods====
:::; <pre style="font-weight: normal;">Signing an OTA update package involves applying a digital signature using cryptographic methods. This process serves two critical purposes: 1. Authenticity (the package demonstrably comes from the holder of the signing key). 2. Integrity (any modification after signing is detected).</pre>
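:::; As an added example, not part of the original page and not any vendor's format: a minimal signed OTA package in Go using Ed25519 from the standard library. The container layout (magic, length, payload, trailing signature) is constructed for the demo. It shows what the two purposes above mean in practice: a verifier holding only the vendor's public key accepts the genuine package, and rejects a package with one flipped payload bit, a package signed with a different key, and a truncated package.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed container for this example (not any vendor's real format):
//   "OTA1" | uint32 big-endian payload length | payload | 64-byte Ed25519 signature
// The signature is computed over header and payload together, so tampering
// with either the length field or the image body invalidates it.
const (
	magic     = "OTA1"
	headerLen = 8
	sigLen    = ed25519.SignatureSize
)

// SignPackage wraps a firmware image into a signed package. Only the vendor's
// build system holds priv; the device never sees it.
func SignPackage(priv ed25519.PrivateKey, image []byte) []byte {
	buf := make([]byte, headerLen, headerLen+len(image)+sigLen)
	copy(buf[:4], magic)
	binary.BigEndian.PutUint32(buf[4:8], uint32(len(image)))
	buf = append(buf, image...)
	sig := ed25519.Sign(priv, buf) // covers header + payload
	return append(buf, sig...)
}

// VerifyPackage checks the container and signature and returns the payload
// only if the signature is valid. The device needs just the public key.
func VerifyPackage(pub ed25519.PublicKey, pkg []byte) ([]byte, error) {
	if len(pkg) < headerLen+sigLen || string(pkg[:4]) != magic {
		return nil, errors.New("malformed package header")
	}
	n := int(binary.BigEndian.Uint32(pkg[4:8]))
	if len(pkg) != headerLen+n+sigLen {
		return nil, errors.New("length field does not match package size")
	}
	signed, sig := pkg[:headerLen+n], pkg[headerLen+n:]
	// Nothing in the payload is interpreted before the signature passes.
	if !ed25519.Verify(pub, signed, sig) {
		return nil, errors.New("signature verification failed")
	}
	return signed[headerLen:], nil
}

// DemoResult records which packages a verifier holding only pub accepts.
type DemoResult struct {
	Genuine, Tampered, ForeignKey, Truncated bool
}

// Demo signs a constructed image and runs the verifier against the genuine
// package and three modified or mis-keyed variants.
func Demo() (DemoResult, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return DemoResult{}, err
	}
	image := []byte("constructed firmware image v1.2.3") // placeholder, not a real image
	pkg := SignPackage(priv, image)

	tampered := append([]byte{}, pkg...)
	tampered[headerLen] ^= 0x01 // one flipped bit in the first payload byte

	otherPub, _, err := ed25519.GenerateKey(rand.Reader) // a key the device does not trust
	if err != nil {
		return DemoResult{}, err
	}

	accepts := func(p ed25519.PublicKey, b []byte) bool {
		_, err := VerifyPackage(p, b)
		return err == nil
	}
	return DemoResult{
		Genuine:    accepts(pub, pkg),
		Tampered:   accepts(pub, tampered),
		ForeignKey: accepts(otherPub, pkg),
		Truncated:  accepts(pub, pkg[:len(pkg)-1]),
	}, nil
}

func main() {
	res, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", res)
}
```

:::; Two points worth keeping in mind when looking at a real update package: the signature must cover the header as well as the body, otherwise the length field becomes an unauthenticated input to the parser; and a signature gives authenticity and integrity but not confidentiality, so an unencrypted OTA payload can still be unpacked and statically analysed, which is exactly what makes update packages a non-intrusive source of firmware.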
====Programmers / Flash Utilities & Nand Flash Controllers ====
=====Programmers=====
======SOP16 / 8 / VSOP8 / WSON8 / PDIP8 / SO8 / TSSOP8 / UFDFPN8======
:: ➤ EZP2023+ programmer with the appropriate SOP16 / SOP8 adapter
:::;- '''Important note:''' limited NOR Flash and NAND Flash support! A 1.8 V adapter might be needed, and the software is buggy. [https://www.onetransistor.eu/2023/12/how-to-use-ezp2023-usb-programmer.html Read more here.]
=====Flash Utilities=====
:: ➤ flashrom (Support: SPI/BIOS/EC)
:::;- [https://github.com/flashrom/flashrom flashrom] is a utility for identifying, reading, writing, verifying and erasing flash chips. It is designed to flash BIOS/EFI/coreboot/firmware/optionROM images on mainboards, network/graphics/storage controller cards, and various other programmer devices.
=====Nand Flash Controllers=====
Listing of NAND flash controller interface chips & off-the-shelf hardware (cheap stuff).<br>
Since the search engine is broken at the usual suspects (DHgate, Gearbest, Banggood, AliExpress and various other China stores), I use a search query such as '''“TSOP48 usb pcb controller flash disk site:aliexpress.com”''' in image search mode.
======BGA-153======
:: ➤ ['''UFS'''] JMicron JMS901 USB 3 (single channel nand supported)
====The final chapter ====
Analyzing dumped data. You might also find the [[Software_Tools#|software category]] interesting.
::* Analyzing & unpacking firmware blobs
:::;- [https://github.com/onekey-sec/unblob Unblob]
:::;- [https://github.com/ReFirmLabs/binwalk Binwalk]
:::;- [https://github.com/attify/firmware-analysis-toolkit Firmware Analysis Tools (FAT)]
:::;- [https://github.com/fkie-cad/FACT_core FACT (Firmware Analysis and Comparison Tool)]
::* Disassemblers
:::;- [[Software_Tools#Interactive_Disassemblers_.28static_analysis.29|Interactive Disassemblers (static analysis)]]