EljakimHerrewijnen/Samsung_S7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
87 Commits 2 Branches 0 Tags 51 MiB
d9d9ae332a
Commit Graph

46 Commits

Author SHA1 Message Date
Jonathan Herrewijnen
d9d9ae332a Cleaning up code and rewriting documentation. Now mostly finalized. 
Boots BL2 and returns to debugger. BL2 is not yet patcheable.
 2024-09-10 18:59:32 +02:00
Jonathan Herrewijnen
a75bf965cc Boots BL2 and returns to debugger. BL2 not yet patcheable. 2024-09-09 17:23:10 +02:00
Jonathan Herrewijnen
c03af09de2 Adding ghidra BL31 file for later inspection 2024-09-05 20:18:05 +02:00
Jonathan Herrewijnen
20ad0cdb45 Found area where 02035600 becomes unaccessible. Trying to patch it. 2024-09-04 18:16:37 +02:00
Jonathan Herrewijnen
66621d36d7 Add descriptions to commit and cleanup 2024-09-04 14:16:26 +02:00
Jonathan Herrewijnen
906629b80f Small docs update 2024-09-03 19:31:41 +02:00
Jonathan Herrewijnen
e59478187d Loads and executes BL31, then returns debugger, then continues bootflow and enters recovery 2024-08-29 21:06:15 +02:00
Jonathan Herrewijnen
a12453cbd3 TTBR0_EL3 visible after BL31 2024-08-28 18:45:05 +02:00
Jonathan Herrewijnen
5044941619 Better boot memory overview. Boots into recovery. 2024-08-26 17:45:29 +02:00
Jonathan Herrewijnen
3039e1dbc7 Debugger overwritten by BL2. Working on better memory map 2024-08-23 18:05:06 +02:00
Jonathan Herrewijnen
4ab063cc71 Unable to get firmware loader to return to debugger (yet) 2024-08-22 19:50:46 +02:00
Jonathan Herrewijnen
416521c8c7 Revert changes in exploit.py 2024-08-21 19:00:18 +02:00
Jonathan Herrewijnen
5154096998 Updating readme and adding some necessary binaries to run the exploit 2024-08-20 16:31:49 +02:00
Eljakim Herrewijnen
2c20ff6255 Boots a patched bl31 2024-08-18 13:55:11 +02:00
Eljakim Herrewijnen
2d0557c5c7 update 2024-08-17 20:35:52 +02:00
Eljakim Herrewijnen
8cb5f2e151 added bl1 patches comment 2024-08-17 12:27:56 +02:00
Eljakim Herrewijnen
8926897590 added bl1 patches comment 2024-08-17 12:25:35 +02:00
Eljakim Herrewijnen
c4fac034a1 Fully booting with ability to patch BL1 2024-08-17 12:24:47 +02:00
Jonathan Herrewijnen
5e7cfa7a60 Debugger alive after bl31 2024-08-16 19:37:25 +02:00
Jonathan Herrewijnen
55da2ce981 Now booting into USB recovery. Not yet jumping back to the debugger at each boot stage 2024-08-16 18:15:53 +02:00
Eljakim Herrewijnen
27fd2b00fb added normal boot mode 2024-08-16 10:11:18 +02:00
Jonathan Herrewijnen
a8aed2e480 usb stack likely not executable 2024-08-14 19:46:27 +02:00
Jonathan Herrewijnen
99385d69e9 Booting bl31 fails as soon as we jump into it at 02021810 2024-08-13 16:42:17 +02:00
Jonathan Herrewijnen
7a80b9f5a9 Boots BL1 correctly by setting some things (twin) 2024-08-12 18:58:49 +02:00
Jonathan Herrewijnen
4bbb11908f Merge branch 'main' of https://git.herreweb.nl/EljakimHerrewijnen/Samsung_S7 2024-08-12 16:58:46 +02:00
Jonathan Herrewijnen
19d20965db updated docs 2024-08-12 16:57:40 +02:00
Eljakim Herrewijnen
5e7fd96d40 fixed conflicts 2024-08-12 16:53:25 +02:00
Eljakim Herrewijnen
2a0cd7ef02 bl1 authenticated and jumped to 2024-08-09 22:22:16 +02:00
Jonathan Herrewijnen
5d6204efa3 Minor docs update. Trying to dump memory 2024-08-09 22:16:13 +02:00
Jonathan Herrewijnen
e8a997fee8 Merge branch 'main' of https://git.herreweb.nl/EljakimHerrewijnen/Samsung_S7 into altered-script-flow 2024-08-09 15:26:18 +02:00
Eljakim Herrewijnen
fbf826c99b authbl1 with bl1 works 2024-08-09 12:57:34 +02:00
Jonathan Herrewijnen
11bd8dd512 changed exploit flow 2024-08-08 19:46:04 +02:00
Jonathan Herrewijnen
e4c2b7ae02 Additional documentation 2024-08-07 19:13:35 +02:00
Eljakim Herrewijnen
0176439498 update 2024-08-07 00:20:30 +02:00
Eljakim Herrewijnen
a8cc6b3f39 Started booting fwbl1 2024-08-05 19:37:13 +02:00
Eljakim Herrewijnen
934bebe0c5 stage1 and debugger working 2024-08-05 14:51:04 +02:00
Eljakim Herrewijnen
d991625f9f Merge branch 'main' of ssh://git.herreweb.nl:3022/EljakimHerrewijnen/Samsung_S7 2024-08-04 11:48:37 +02:00
Eljakim Herrewijnen
5460d45bf9 stage1 seperation 2024-08-04 11:48:31 +02:00
Jonathan Herrewijnen
5aa1331a52 small docs update 2024-08-03 15:38:10 +02:00
Eljakim Herrewijnen
58e85db48f :) 2024-08-02 22:15:02 +02:00
Eljakim Herrewijnen
5d7e117ea0 added working dwc3 2024-08-02 22:13:27 +02:00
Eljakim Herrewijnen
ceba895566 update 2024-08-02 21:19:14 +02:00
Eljakim Herrewijnen
87c5ce75c9 full send/recv working but need to clean up code 2024-08-02 21:18:08 +02:00
Eljakim Herrewijnen
0a7ffe9399 send with custom address works 2024-08-02 21:11:18 +02:00
Eljakim Herrewijnen
d40e818b33 sending incorrect data now 2024-08-02 19:53:33 +02:00
Eljakim Herrewijnen
10e4590faf send/receive working 2024-08-02 15:51:35 +02:00