Code to exploit and research the Exynos Bootrom
Jonathan Herrewijnen d9d9ae332a Cleaning up code and rewriting documentation. Now mostly finalized.
Boots BL2 and returns to debugger. BL2 is not yet patchable.
2024-09-10 18:59:32 +02:00
.vscode Added .vscode 2024-01-02 13:29:15 +01:00
documentation Cleaning up code and rewriting documentation. Now mostly finalized. 2024-09-10 18:59:32 +02:00
dump Boots BL2 and returns to debugger. BL2 not yet patchable. 2024-09-09 17:23:10 +02:00
reven update 2024-08-17 20:35:52 +02:00
source Cleaning up code and rewriting documentation. Now mostly finalized. 2024-09-10 18:59:32 +02:00
.gitignore update gitignore 2024-08-20 15:23:50 +02:00
.gitlab-ci.yml Update .gitlab-ci.yml file 2024-08-23 08:27:08 +00:00
README.md Updating readme and adding some necessary binaries to run the exploit 2024-08-20 16:31:49 +02:00
requirements.txt Unable to get firmware loader to return to debugger (yet) 2024-08-22 19:50:46 +02:00

Samsung_S7

Code to exploit and research the Exynos Bootrom.

Setting up

Python module

Create a venv, and install ghidra_assistant.

python3 -m venv venv
. venv/bin/activate
pip install -r requirements.txt

Building the debugger

The debugger needs to be built using gupje. Move the contents of source/gupje_device to Gupje/devices/samsung_s7. Then proceed to build the debugger.

mv source/gupje_device/* {your-gupje-root}/devices/samsung_s7
cd {your-gupje-root}
make -f devices/samsung_s7/Makefile

Then move the built debugger to dump/debugger.bin. To get started, run source/exploit/exploit.py. The launch.json files are located in source/exploit, so it's recommended to open this folder in VSCode or your favourite IDE.

Viewing/building documentation

To view the documentation, ensure you have sphinx installed. If not, run sudo apt install python3-sphinx. Then build the documentation by running make livehtml in the documentation directory.