EljakimHerrewijnen/Samsung_S7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
96 Commits 2 Branches 0 Tags 73 MiB
6711ceea27
Commit Graph

96 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonathan Herrewijnen
6711ceea27 updates docs to explain final sboot boot 2024-09-25 18:44:44 +02:00
Jonathan Herrewijnen
0174b2a4f7 Boots patched BL33 2024-09-24 18:50:11 +02:00
Jonathan Herrewijnen
1dc24198b6 Returns to debugger and allows booting into recovery. Patching BL33 does not work. Should try patching the verification 2024-09-17 20:06:49 +02:00
Jonathan Herrewijnen
f431e1981f Adding DT_Sphinx confluence push. Fixing some errors in the documentation. 2024-09-17 18:28:35 +02:00
Jonathan Herrewijnen
fe58a3b869 reads B33 2024-09-16 17:14:14 +02:00
Jonathan Herrewijnen
e56a90f457 Merge remote-tracking branch 'origin/HEAD' 2024-09-16 10:53:46 +02:00
Jonathan Herrewijnen
201e8485e8 Minor docs update and exploit.py update 2024-09-16 10:52:44 +02:00
Jonathan Herrewijnen
76d1b8361c Adding decompiled BL33 for now 2024-09-16 10:46:37 +02:00
Jonathan Herrewijnen
5bf8cf0a7f Minor update to memory map and some documentation updates 2024-09-14 16:41:21 +02:00
Jonathan Herrewijnen
d9d9ae332a Cleaning up code and rewriting documentation. Now mostly finalized. 
Boots BL2 and returns to debugger. BL2 is not yet patcheable.
 2024-09-10 18:59:32 +02:00
Jonathan Herrewijnen
ac755b81f1 Updating docs 2024-09-09 18:19:34 +02:00
Jonathan Herrewijnen
a75bf965cc Boots BL2 and returns to debugger. BL2 not yet patcheable. 2024-09-09 17:23:10 +02:00
Jonathan Herrewijnen
b0c2b414ca Updated ghidra project file 2024-09-09 10:12:37 +02:00
Jonathan Herrewijnen
c8dd132ef9 Some spaces/devices 2024-09-05 20:55:39 +02:00
Jonathan Herrewijnen
c03af09de2 Adding ghidra BL31 file for later inspection 2024-09-05 20:18:05 +02:00
Jonathan Herrewijnen
20ad0cdb45 Found area where 02035600 becomes unaccessible. Trying to patch it. 2024-09-04 18:16:37 +02:00
Jonathan Herrewijnen
66621d36d7 Add descriptions to commit and cleanup 2024-09-04 14:16:26 +02:00
Jonathan Herrewijnen
906629b80f Small docs update 2024-09-03 19:31:41 +02:00
Jonathan Herrewijnen
e59478187d Loads and executes BL31, then returns debugger, then continues bootflow and enters recovery 2024-08-29 21:06:15 +02:00
Jonathan Herrewijnen
a12453cbd3 TTBR0_EL3 visible after BL31 2024-08-28 18:45:05 +02:00
Jonathan Herrewijnen
91c7d60638 Adding third (variable) debugger 2024-08-27 20:18:39 +02:00
Jonathan Herrewijnen
a9f426292c Reversing draw order of boot diagram 2024-08-27 20:16:45 +02:00
Jonathan Herrewijnen
5044941619 Better boot memory overview. Boots into recovery. 2024-08-26 17:45:29 +02:00
Jonathan Herrewijnen
fb2c105bf3 Adding memdump with potential keys (NIST_P25) from before any boot other than bootrom 2024-08-26 13:09:19 +02:00
Jonathan Herrewijnen
df71d537ec small blocks in blocks memory map update 2024-08-25 20:00:07 +02:00
Jonathan Herrewijnen
3039e1dbc7 Debugger overwritten by BL2. Working on better memory map 2024-08-23 18:05:06 +02:00
Jonathan Herrewijnen
98033c5d61 Update .gitlab-ci.yml file 2024-08-23 08:27:08 +00:00
Jonathan Herrewijnen
ee605f567e Adjust for non-sudo 2024-08-22 19:56:46 +02:00
Jonathan Herrewijnen
d45b9eeb1b Add xvfb to build pipeline 2024-08-22 19:55:56 +02:00
Jonathan Herrewijnen
4ab063cc71 Unable to get firmware loader to return to debugger (yet) 2024-08-22 19:50:46 +02:00
Jonathan Herrewijnen
416521c8c7 Revert changes in exploit.py 2024-08-21 19:00:18 +02:00
Jonathan Herrewijnen
34ca995109 Adding gitlab pages 2024-08-20 17:28:57 +02:00
Jonathan Herrewijnen
5154096998 Updating readme and adding some necessary binaries to run the exploit 2024-08-20 16:31:49 +02:00
Jonathan Herrewijnen
ac9b7630b9 update gitignore 2024-08-20 15:23:50 +02:00
Eljakim Herrewijnen
2c20ff6255 Boots a patched bl31 2024-08-18 13:55:11 +02:00
Eljakim Herrewijnen
2d0557c5c7 update 2024-08-17 20:35:52 +02:00
Eljakim Herrewijnen
8cb5f2e151 added bl1 patches comment 2024-08-17 12:27:56 +02:00
Eljakim Herrewijnen
8926897590 added bl1 patches comment 2024-08-17 12:25:35 +02:00
Eljakim Herrewijnen
c4fac034a1 Fully booting with ability to patch BL1 2024-08-17 12:24:47 +02:00
Eljakim Herrewijnen
6bc9156cb6 Fixed resturctured text layout 2024-08-16 23:00:13 +02:00
Jonathan Herrewijnen
5e7cfa7a60 Debugger alive after bl31 2024-08-16 19:37:25 +02:00
Jonathan Herrewijnen
55da2ce981 Now booting into USB recovery. Not yet jumping back to the debugger at each boot stage 2024-08-16 18:15:53 +02:00
Eljakim Herrewijnen
dc64defded added sboot 2024-08-16 13:46:03 +02:00
Eljakim Herrewijnen
27fd2b00fb added normal boot mode 2024-08-16 10:11:18 +02:00
Jonathan Herrewijnen
a8aed2e480 usb stack likely not executable 2024-08-14 19:46:27 +02:00
Jonathan Herrewijnen
99385d69e9 Booting bl31 fails as soon as we jump into it at 02021810 2024-08-13 16:42:17 +02:00
Jonathan Herrewijnen
7a80b9f5a9 Boots BL1 correctly by setting some things (twin) 2024-08-12 18:58:49 +02:00
Jonathan Herrewijnen
4bbb11908f Merge branch 'main' of https://git.herreweb.nl/EljakimHerrewijnen/Samsung_S7 2024-08-12 16:58:46 +02:00
Jonathan Herrewijnen
de8395b286 updated docs 2024-08-12 16:58:34 +02:00
Jonathan Herrewijnen
19d20965db updated docs 2024-08-12 16:57:40 +02:00