The mystery In the previous article, I briefly mentioned a slight difference between the ESP-Prog and the reproduced circuit, when it comes to EN: Focusing on EN, it looks like the voltage level goes back to 3.3V much faster on the ESP-Prog than on the breadboard circuit. The grid is horizontally spaced at 2ms, so … Continue reading Transistors in reverse and redundant circuits →| Quentin Santos
In the previous article, we peeked at the reset circuit of ESP-Prog with an oscilloscope, and reproduced it with basic components. We observed that it did not behave quite as expected. In this article, we’ll look into the missing pieces. An incomplete circuit For a hint, we’ll first look a bit more closely at the … Continue reading The missing part of Espressif’s reset circuit→ The post The missing part of Espressif’s reset circuit appeared first on Quentin Santos.| Quentin Santos
I recently discussed how Espressif implements automatic reset, a feature that lets users easily update the code on an Espressif microcontroller. There are actually more subtleties than a quick look would suggest, and I spent a fair bit of time investigating them. This article and the next two present (The missing part of Espressif’s reset … Continue reading Reproducing Espressif’s reset circuit →| Quentin Santos
While developing on ESP32 boards at Lightbug on some of our newer products, I have repeatedly wanted to run Toit and Jaguar without WiFi enabled during a development setting. Either to have WiFi of…| addshore
In this post we discuss how to commuinicate with an unsupported chip using OpenOCD and review how to write flash programming algorithms in OpenOCD. We also demonstrate how to flash custom firmware to the target device.| VoidStar Security Blog
In previous posts, we've gone over how to tear down Arcade cabinets containing SPI Flash as well as how to dissect the data that was extracted from the Rom. With this next series of posts, I'd like to take the concepts we talked about on those platforms and demonstrate them on a more popular platform With this post our goal will be to extract the firmware from the platform and locate and type of debugging if possible (UART,JTAG,etc). We will explore multiple ways of attempting to extract the ...| VoidStar Security Blog
RST defaults to high This is an addendum to the article about Espressif’s automatic reset. In that article, we observed the effect of the RST pin on the ESP32-S2-Saola-1RI board: I skipped over this topic quickly, so I am now taking the time to explain how the RST pin manages to have a defined behavior … Continue reading The ESP32-S2 reset pin→ The post The ESP32-S2 reset pin appeared first on Quentin Santos.| Quentin Santos
In my article about Espressif’s Automatic Reset, I briefly showed UART output from the bootloader, but did not go in more details. In this article, I want to go just a bit further, by showing some two-way interactions. We’ll use the initial basic “real” UART setup. Note that I did not connect DTR/RTS to RST/IO0. … Continue reading Talking to Espressif’s Bootloader →| Quentin Santos
In previous articles, we saw how to use “real” UART, and looked into the trick used by Arduino to automatically reset boards when uploading firmware. Today, we’ll look into how Espressif does something similar, using even more tricks. “Real” UART on the Saola As usual, let’s first simply connect the UART adapter. Again, we connect … Continue reading Espressif’s Automatic Reset→ The post Espressif’s Automatic Reset appeared first on Quentin Santos.| Quentin Santos
In my previous article, I explained how Arduino makes the life of its users easier by automatically resetting the board when the UART pin DTR (or RTS) transitions from electrically high to low. This exploits the fact that this transition happens automatically when someone or something opens the serial device on the host. That is, … Continue reading Linux always toggles DTR & RTS→ The post Linux always toggles DTR & RTS appeared first on Quentin Santos.| Quentin Santos
As mentioned in my previous article, I am planning to publish a long-form article on UART. I am doing a series of shorter articles to lay the groundwork. This is one of these “short” articles; this one about how Arduino uses UART. Of course, I still went way too deep in this topic for something … Continue reading Arduino’s Automatic Reset →| Quentin Santos
I recently went into a deep dive on “UART” and will publish a much longer article on the topic. This is just a recap of the basics to help put things in context. Many tutorials focus on using UART over USB, which adds many layers of abstraction, hiding what it actually is. Here, I deliberately … Continue reading How to use “real” UART →| Quentin Santos
I've been working with many projects that use the USART and not one was like the other alghough hardware resources were pretty similar. | Dror Gluska
This is a detailed description of the major 2.0.0 release of BLE Serial. It is a tool to connect Bluetooth low energy 4. and 5.x (BLE) UART modules to virtual serial ports on Linux and now also COM ports on Windows. Backend Change In the first BLE Serial versions (1.0 up to 1.3) it used bluepy as bluetooth backend library. Problem with it was an open issue that required the manual installation of a fork, like described in the previous post about it. Now over the course of 2020 some PRs got me...| Jake’s Blog
For the past few days I’ve poked around a bit with the fancy new controllers that ship with the Nintendo Switch, the Joy-Con. My primary motivation in looking at these devices mostly come back to the fact that they’re almost everything I wanted in my VR controller project: analog joysticks, four buttons, and grip buttons (to a degree). Position tracking aside, I think they’re basically perfect for VR and have huge potential as a standard Bluetooth controller as well, with some interesti...| [Segmentation Fault]
In this post I'm going to run through a crash course about UART, and write up some personal notes I use to find them quickly and dump shells on embedded devices. So is going to be a little informal at times but the aim of the post is to get the tips and process across quickly so those who want to can get to dumping shells too! So this focused on supporting the activity of interacting with UART ports as they appear on an average IoT device. | k3170
This guide covers the entire process of creating a new STM32F4 project, setting up the UART, and then integrating Electric UI.| Electric UI
This blog entry aims to familiarize readers with locating an active UART on a target system, how to approach a UBoot console, and ultimately how to leverage both of these components to extract the flash memory from our target. After reading this, readers will be familiar with the screen utility the depthcharge python3 libraries.| VoidStar Security Blog
This post reviews some of the tools needed when setting up a lab for reverse engineering embedded systems. There will be two sections, one for hardware tools and one for software tools. After reading this blog post, the reader should know what is needed to set up an introductory lab for reverse engineering embedded systems and firmware images.| VoidStar Security Blog