grg/checkm8_tool
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Much better communication model

Browse Source
This commit is contained in:
Gregor Haas
2019-12-15 18:32:34 -05:00
parent 450f4de756
commit 3972ac655e
9 changed files with 233 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
checkm8_remote/include/checkm8.h
View File

@@ -17,6 +17,7 @@
#define DEV_IDVENDOR 0x05AC
#define DEV_IDPRODUCT 0x1227
#define DFU_IMAGE_BASE 0x1800B0000
#else
#error "Unspported checkm8 platform"

22
checkm8_remote/include/command.h
View File

@@ -3,11 +3,23 @@
#include "checkm8.h"
int dev_memset(struct pwned_device *dev, long addr, unsigned char c, int len);
int dev_memcpy(struct pwned_device *dev, long dest, long src, int len);
int dev_exec(struct pwned_device *dev, int response_len, int nargs, unsigned long long *args);
#define CMD_USB_READ_LIMIT 0xFF0
int dev_read_memory(struct pwned_device *dev, long addr, long len);
int dev_write_memory();
struct dev_cmd_resp
{
int ret;
unsigned long long magic;
unsigned char *data;
int len;
};
struct dev_cmd_resp *dev_memset(struct pwned_device *dev, long long addr, unsigned char c, int len);
struct dev_cmd_resp *dev_memcpy(struct pwned_device *dev, long long dest, long long src, int len);
struct dev_cmd_resp *dev_exec(struct pwned_device *dev, int response_len, int nargs, unsigned long long *args);
struct dev_cmd_resp *dev_read_memory(struct pwned_device *dev, long long addr, int len);
struct dev_cmd_resp *dev_write_memory(struct pwned_device *dev, long long addr, unsigned char *data, int len);
void free_dev_cmd_resp(struct dev_cmd_resp *resp);
#endif //IPWNDFU_REWRITE_C_COMMAND_H

7
checkm8_remote/include/payload.h
View File

@@ -6,6 +6,7 @@
#define PAYLOAD_AES_BIN CHECKM8_BIN_BASE "payloads/payload_aes.bin"
#define PAYLOAD_SYSREG_BIN CHECKM8_BIN_BASE "payloads/payload_sysreg.bin"
#define PAYLOAD_SYNC_BIN CHECKM8_BIN_BASE "payloads/payload_sync.bin"
typedef enum
{
PAYLOAD_SYNC,
@@ -19,9 +20,13 @@ typedef enum
DRAM
} LOCATION_T;
#define RESP_VALUE(buf, type, i) ((type *) buf)[i]
int install_payload(struct pwned_device *dev, PAYLOAD_T p, LOCATION_T loc);
int uninstall_payload(struct pwned_device *dev, PAYLOAD_T p);
int execute_payload(struct pwned_device *dev, PAYLOAD_T p, int nargs, ...);
struct dev_cmd_resp *execute_payload(struct pwned_device *dev, PAYLOAD_T p, int nargs, ...);
struct dev_cmd_resp *read_payload(struct pwned_device *dev, long long addr, int len);
struct dev_cmd_resp *write_payload(struct pwned_device *dev, long long addr, unsigned char *data, int len);
#endif //IPWNDFU_REWRITE_C_PAYLOAD_H