U-Boot Bootloader Firmware Extraction Tools
6,814
Published 2024-05-06
firmwaretools Github Repo:
github.com/nmatt0/firmwaretools/tree/master
IoT Hackers Hangout Community Discord Invite:
discord.com/invite/vgAcxYdJ7A
🛠️ Stuff I Use 🛠️
🪛 Tools:
XGecu Universal Programmer: amzn.to/4dIhNWy
Multimeter: amzn.to/4b9cUUG
Power Supply: amzn.to/3QBNSpb
Oscilloscope: amzn.to/3UzoAZM
Logic Analyzer: amzn.to/4a9IfFu
USB UART Adapter: amzn.to/4dSbmjB
iFixit Toolkit: amzn.to/44tTjMB
🫠 Soldering & Hot Air Rework Tools:
Soldering Station: amzn.to/4dygJEv
Microsoldering Pencil: amzn.to/4dxPHwY
Microsoldering Tips: amzn.to/3QyKhrT
Rework Station: amzn.to/3JOPV5x
Air Extraction: amzn.to/3QB28yx
🔬 Microscope Setup:
Microscope: amzn.to/4abMMao
Microscope 0.7X Lens: amzn.to/3wrV1S8
Microscope LED Ring Light: amzn.to/4btqiTm
Microscope Camera: amzn.to/3QXSXsb
About Me:
My name is Matt Brown and I'm an Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.
- Soli Deo Gloria
💻 Social:
twitter: twitter.com/nmatt0
linkedin: www.linkedin.com/in/mattbrwn/
github: github.com/nmatt0/
#hacking #iot #cybersecurity
All Comments (21)
-
Keen to see you tackle a more realistic device, say without the full uboot version, a login prompt for UART, encrypted firmware etc. that's what I keep getting lately, or not being able to find a file system at all after desoldering and reading the memory chip 😢
-
Thanks for making these videos! I watch them purely for education and entertainment, even though i have no professional relationship with any of this. I really find your videos very interesting to watch and easy to grasp, so please keep them going!!!
-
Nice job as always Matt. Really like the firmware tools, awesome automation for this extraction analysis.
-
I love these videos. I love watching the process from start to finish.
-
Wow! That was sooooooooooooooo interesting! Thanks! I wish I had some device to mess around with now lol
-
If you run 'bdinfo' that will give you the memory organization of U-Boot. Failures on md/mw on address could be; 1. Memory is mapped to CPU registers, 2 the address does not exist, or 3 U-boot could be running out of that memory rang. There could be a lot of things to cause failure.
-
Love your stuff! This is super useful for what I'm trying to do right now with my router, keep up the awesome work!
-
am i only person get entertained by watching your content 🤠 ❤ GOOD 👍 JOB 👌 BRO
-
Thank you for the content, great insights, as always!
-
Thanks, Matt. Uboot has always seemed a bit mystical to me. Very practical example.
-
Lots of really good info here, thanks!
-
Thank you , the content is awesome, good information!!
-
Nice job Matt 👍
-
Awesome work dude!
-
Surprised to see that your parse uboot dump wasn't just wrapping a call to 'xxd -r'
-
Matt make a video on extracting the files on locked down phones like Samsung, extracting the files that tell the device can use ADB or that tell the device if the OEM is on or not so we can extract them and change the values then push them back to the device to gain root access
-
Good stuff
-
awesome tool. i will be putting it to work and def makes life a whole lot easier to just be able to fetch the actual files rather than MD. Can you elaborate on any write methods which can help write files or strings back to a location on an ext4fs via uboot.
-
Don't you think the reset is simply caused by you overwriting code in memory that is currently being executed? Maybe the bootloader code itself, or interrupt vectors?
-
Ugh, that thumbnail font. FIAWAAE EHTAACTION?