exploit

package
v0.0.0-...-6437eea Latest
Warning

This package is not in the latest version of its module.

Published: Oct 26, 2023 License: GPL-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ParametersForKind maps each supported device kind to the Parameters
// implementation used for it. Only devices.Nano3, devices.Nano4 and
// devices.Nano5 have entries; indexing with any other kind yields a nil
// Parameters, so callers should use the two-value lookup form and reject
// unknown kinds before calling any method on the result.
//
// NOTE(review): this is an exported, mutable package-level map; nothing
// visible here guards it against modification by importers or against
// concurrent access.
var ParametersForKind = map[devices.Kind]Parameters{
	// Nano3 is a zero-value struct literal, while Nano4 and Nano5 are built
	// by constructor functions.
	devices.Nano3: &epNano3G{},
	devices.Nano4: newEPNano4G(),
	devices.Nano5: newEPNano5G(),
}

Functions

func RCE

// RCE takes a gousb device handle, the device-specific Parameters, and payload
// and data byte slices, and returns a byte slice or an error.
//
// NOTE(review): the page carries no documentation for this function. Judging
// by its name and the Parameters interface, it presumably runs payload on the
// connected device over USB DFU and returns bytes read back from it — confirm
// against the implementation. The doc comment should also state the size
// limits on payload and data, whether ep may be nil, and what state the
// device is left in when an error is returned.
func RCE(usb *gousb.Device, ep Parameters, payload, data []byte) ([]byte, error)

Types

type Parameters

// Parameters describes the device-specific addresses and generated code
// fragments for one device generation. Implementations are registered per
// device kind in ParametersForKind and passed to RCE.
type Parameters interface {
	// Address of the DFU data buffer.
	DFUBufAddr() uint32
	// Address at which payload begins execution, within the DFU data buffer,
	// as jumped into by the SetupPacket.
	ExecAddr() uint32
	// Address of the USB DMA buffer, i.e. the SETUP packet currently being
	// processed.
	USBBufAddr() uint32
	// Address of trampoline in bootrom, jumped to by handler.
	//
	// NOTE(review): this is the only address returned as uint16 rather than
	// uint32 — presumably the bootrom address fits in 16 bits; confirm.
	TrampolineAddr() uint16
	// Setup packet to be sent. This must also be valid ARM code, as it happens
	// to be executed.
	//
	// NOTE(review): the return type is a plain []byte, so the "valid ARM code"
	// requirement is a contract on implementers and is not enforced here.
	SetupPacket() []byte

	// The methods below each return a sequence of uasm.Statement. None of
	// them is documented on this page; the descriptions are inferred from
	// the names and should be confirmed against the implementations.

	// HandlerFooter presumably returns the closing statements of the handler,
	// parameterized by addr — TODO confirm what addr refers to.
	HandlerFooter(addr uint32) []uasm.Statement
	// AESCall presumably returns statements that invoke the device's AES
	// routine — TODO confirm.
	AESCall() []uasm.Statement
	// HaxedDFUPayload: purpose not documented — TODO describe.
	HaxedDFUPayload() []uasm.Statement
	// DisableICache presumably returns statements that turn off the
	// instruction cache — TODO confirm.
	DisableICache() []uasm.Statement

	// NANDInit returns statements for the given NAND bank, or an error;
	// presumably the error reports an unsupported bank or device — TODO
	// confirm.
	NANDInit(bank uint32) ([]uasm.Statement, error)
	// NANDReadPage returns statements for reading from the given bank, page
	// and offset, plus a uint32 whose meaning is not documented here —
	// presumably the address where the read data lands; TODO confirm.
	NANDReadPage(bank, page, offset uint32) ([]uasm.Statement, uint32)

	// NORInit returns statements for the SPI controller selected by spino,
	// or an error — presumably for an unsupported controller; TODO confirm.
	NORInit(spino uint32) ([]uasm.Statement, error)
	// NORRead returns statements for reading from the given offset, plus a
	// uint32 whose meaning is not documented here — TODO confirm.
	NORRead(spino uint32, offset uint32) ([]uasm.Statement, uint32)
}
