fail0verflow / shofel2
Tegra X1 bootrom exploit
License: BSD 3-Clause "New" or "Revised" License
can anyone confirm?
Had to change to VMWare Workstation to get the Exploit to execute.
Fails compiling in SCAD, STL file fails and says incorrect format for slicers (Slic3r, S3D, Cura attempted). Also cannot open the STL as a mesh in Meshmixer nor Fusion360 to attempt to correct format error.
Per instructions in the readme, tegra_mtc.bin can be extracted using cbfstool. But it seems cbfstool requires tegra_mtc.bin to build:
$ make
Skipping submodule '3rdparty/blobs'
GEN build.h
HOSTCC cbfstool/fmaptool.o
HOSTCC cbfstool/cbfs_sections.o
HOSTCC cbfstool/fmap_from_fmd.o
HOSTCC cbfstool/fmap.o
HOSTCC cbfstool/kv_pair.o
HOSTCC cbfstool/valstr.o
make: *** No rule to make target 'tegra_mtc.bin', needed by 'build/coreboot.pre'. Stop.
~/Desktop/NS/linux$ make
CHK include/config/kernel.release
CHK include/generated/uapi/linux/version.h
CHK include/generated/utsrelease.h
CHK include/generated/bounds.h
CHK include/generated/timeconst.h
CHK include/generated/asm-offsets.h
CALL scripts/checksyscalls.sh
CHK scripts/mod/devicetable-offsets.h
CHK include/generated/compile.h
CHK kernel/config_data.h
make[1]: *** No rule to make target '/lib/firmware/brcm/brcmfmac4356-pcie.txt', needed by 'firmware/brcm/brcmfmac4356-pcie.txt.gen.o'. Stop.
Makefile:1048: recipe for target 'firmware' failed
make: *** [firmware] Error 2
This can be mitigated by configuring MAX77620_REG_LDO1_CFG with 0xCA before uboot and preferably before coreboot.
Testing with adding this to pmic.c showed 100% fail rate.
But if this is configured before coreboot (via RCM payload) it shows results.
Maybe it needs more registers to be configured. The MAX77620 shows 26 different registers.
Anything else, like SoC registers, is the same.
EDIT:
Basically it's not the clean shutdown/reboot that fixes wifi. It's that after the restart, the PMIC is not reset.
Thus the previous voltages stay and the bring up works. So it's a misconfiguration on the boot process.
I have everything running now.
Just need to know where to put ArchLinux
I followed the instructions on the README and when compiling Linux, the "firmware" target fails because of a missing rule:
natinusala@natinusala-GP70-2QE:~/shofel2/linux$ make
CHK include/config/kernel.release
CHK include/generated/uapi/linux/version.h
CHK include/generated/utsrelease.h
CHK include/generated/bounds.h
CHK include/generated/timeconst.h
CHK include/generated/asm-offsets.h
CALL scripts/checksyscalls.sh
CHK scripts/mod/devicetable-offsets.h
CHK include/generated/compile.h
CHK kernel/config_data.h
make[1]: *** Aucune règle pour fabriquer la cible « /lib/firmware/nvidia/tegra210/vic04_ucode.bin », nécessaire pour « firmware/nvidia/tegra210/vic04_ucode.bin.gen.o ». Arrêt.
Makefile:1048 : la recette pour la cible « firmware » a échouée
make: *** [firmware] Erreur 2
This may just be something dumb I did but I figured I'd report anyhow in case anyone else runs into it.
U-Boot 2018.01-00030-ga2d885d448-dirty (Apr 23 2018 - 15:01:33 -0600)
TEGRA210
Model: Nintendo Switch
Board: Nintendo Switch
DRAM: 3.5 GiB
MMC: sdhci@700b0000: 1, sdhci@700b0600: 0
Using default environment
In: serial
Out: serial
Err: serial
Net: No ethernet found.
Hit any key to stop autoboot: 0
SDP: initialize...
SDP: handle requests...
Downloading file of size 8666861 to 0x83000000... done
Downloading file of size 41024 to 0x8d000000... done
Downloading file of size 354 to 0x8e000000... done
Jumping to header at 0x8e000162
Header Tag is not an IMX image
Wrong image format for "source" command
For some reason, imx_usb_loader has a hard time jumping to the script, but if I ^C out of SDP I can source 8e000000 and the script runs fine. Not sure what to make of it.
Edit: imx_usb output is
config file <./imx_usb.conf>
vid=0x0955 pid=0x701a file_name=switch.conf
config file <./switch.conf>
parse ./switch.conf
Trying to open device vid=0x0955 pid=0x701a
Interface 0 claimed
HAB security state: development mode (0x56787856)
== work item
filename ../../switch-linux/build/switch/arch/arm64/boot/Image.gz
load_size 0 bytes
load_addr 0x83000000
dcd 0
clear_dcd 0
plug 0
jump_mode 0
jump_addr 0x00000000
== end work item
loading binary file(../../switch-linux/build/switch/arch/arm64/boot/Image.gz) to 83000000, skip=0, fsize=843eed type=0
<<<8666861, 8666861 bytes>>>
succeeded (security 0x56787856, status 0x88888888)
HAB security state: development mode (0x56787856)
== work item
filename ../../switch-linux/build/switch/arch/arm64/boot/dts/nvidia/tegra210-nintendo-switch.dtb
load_size 0 bytes
load_addr 0x8d000000
dcd 0
clear_dcd 0
plug 0
jump_mode 0
jump_addr 0x00000000
== end work item
loading binary file(../../switch-linux/build/switch/arch/arm64/boot/dts/nvidia/tegra210-nintendo-switch.dtb) to 8d000000, skip=0, fsize=a040 type=0
<<<41024, 41024 bytes>>>
succeeded (security 0x56787856, status 0x88888888)
HAB security state: development mode (0x56787856)
== work item
filename switch.scr.img
load_size 0 bytes
load_addr 0x8e000000
dcd 0
clear_dcd 0
plug 0
jump_mode 1
jump_addr 0x8e000000
== end work item
loading binary file(switch.scr.img) to 8e000000, skip=0, fsize=162 type=aa
<<<354, 354 bytes>>>
succeeded (security 0x56787856, status 0x88888888)
jumping to 0x8e000162
failed (security 0x56787856, status 0x33050a00)
Hello,
I am trying to exploit an Nvidia Shield using this method. I would like to see if I can recover the RCM keys to have a way to unbrick my device in order to perform some experiments that I would like to do with the bootloader.
After some peek and poke I have managed to progress a little bit with this. Using your code and ktemkin's code I have managed to write a small script that collects the RCM ID using EP1 and performs some Get Status calls to collect some info.
It looks like your code uses a GetStatus to collect some info from the device and perform a sanity check. When this sanity check is run on the T124 it fails. The parameters that are checked are the SP and the USB buffer 2 address. I am supposing that since this is a different device these addresses could be different, hence I have modified the sanity check to match the returned values: 0x40008000 and 0x4000dcf4.
After a quick check on the values returned by the sanity GetStatus I found that there was a value of 0x40004000, I suppose that this could be the address for USB buffer 1.
Also I have succeeded in executing a GetStatus for a big amount of data, hence I'm supposing that this call must be bugged and the exploit is running correctly.
However I have not succeeded in loading any payload to EP1. As soon as I try to write more than 0x1000 bytes to EP1 it stops allowing me to write more data (I have tried sending different amounts for the length field).
On the other hand, as soon as I write any amount of data to EP1 (even if it is less than 0x1000), EP0 stops answering.
I would say that the code that handles the RCM mode on the T124 is different and as soon as I send the first package it fails some validation that prevents sending anything else to the interface on both EPs.
Does anyone have any idea how I can proceed? Is there any dump of the T124 iROM available?
Hello, I have a question (not an issue to report): do we need some modifications to run it on the Pixel C, or will it work as it is?
Hi, do you think shofel2 will work on the Pixel C?
I am having problems compiling the kernel, specifically with all the blobs. After deleting all the blobs from the make menuconfig and using the imx usb loader there's a green screen that I suppose is a kernel panic because there's no driver. Can you help me with this?
error: Server does not allow request for unadvertised object 8fb3448f6878dec1e7dec4abb786596e011720e3
Fetched in submodule path '3rdparty/arm-trusted-firmware', but it did not contain 8fb3448f6878dec1e7dec4abb786596e011720e3. Direct fetching of that commit failed.
[alarm@alarm root]$ xrandr --setprovideroffloadsink 0x3f 0x72
X Error of failed request: BadValue (integer parameter out of range for operation)
Major opcode of failed request: 140 (RANDR)
Minor opcode of failed request: 34 (RRSetProviderOffloadSink)
Value in failed request: 0x72
Serial number of failed request: 16
Current serial number in output stream: 17
This is using the plain arch linux arm image, with an XFCE install. I have mesa and such, but glxinfo also only wants llvmpipe :(
need to change line
Line 220 in e9dd9a4
relevant fix a different project (I tested and it booted mainline 5.0).
All I'm getting is a black screen with no backlight. It was working, but now it just.. doesn't
jershxl@spaghetti:~$ sudo ./hack.sh
[sudo] password for jershxl:
File descriptor: 9
b'8084fc0a0000001886782d6401101062'
entry 400168ed
throwing more
Performing hax...
Size: 0x6c68
b'820000000000686c'
b'0200000000000000000000000000000010d2240100000000716c000000000000000000000000000000000000000000000f0f00000000000000'
URB address: 0x1245ae0
URB status: -2
b'CBFS\n'
>>> Switching to cbfs mode...
sending 0x7000 bytes @0x0
sending 0x4 bytes @0x7fffc
sending 0x20 bytes @0x20138
sending 0x18 bytes @0x20100
sending 0x20 bytes @0x20118
sending 0x18 bytes @0x20180
sending 0x20 bytes @0x20198
sending 0x1c bytes @0x201b8
sending 0x5344 bytes @0x201d4
sending 0x80000 bytes @0x0
you have been served
Image Name: boot.scr
Created: Fri Apr 27 14:37:55 2018
Image Type: AArch64 Linux Script (uncompressed)
Data Size: 290 Bytes = 0.28 KiB = 0.00 MiB
Load Address: 00000000
Entry Point: 00000000
Contents:
Image 0: 282 Bytes = 0.28 KiB = 0.00 MiB
config file <./imx_usb.conf>
vid=0x0955 pid=0x701a file_name=switch.conf
config file <./switch.conf>
parse ./switch.conf
Trying to open device vid=0x0955 pid=0x701a
Interface 0 claimed
HAB security state: development mode (0x56787856)
== work item
filename ../../linux/arch/arm64/boot/Image.gz
load_size 0 bytes
load_addr 0x83000000
dcd 0
clear_dcd 0
plug 0
jump_mode 0
jump_addr 0x00000000
== end work item
loading binary file(../../linux/arch/arm64/boot/Image.gz) to 83000000, skip=0, fsize=872d29 type=0
<<<8858921, 8858921 bytes>>>
succeeded (security 0x56787856, status 0x88888888)
HAB security state: development mode (0x56787856)
== work item
filename ../../linux/arch/arm64/boot/dts/nvidia/tegra210-nintendo-switch.dtb
load_size 0 bytes
load_addr 0x8d000000
dcd 0
clear_dcd 0
plug 0
jump_mode 0
jump_addr 0x00000000
== end work item
loading binary file(../../linux/arch/arm64/boot/dts/nvidia/tegra210-nintendo-switch.dtb) to 8d000000, skip=0, fsize=9c56 type=0
<<<40022, 40022 bytes>>>
succeeded (security 0x56787856, status 0x88888888)
HAB security state: development mode (0x56787856)
== work item
filename switch.scr.img
load_size 0 bytes
load_addr 0x8e000000
dcd 0
clear_dcd 0
plug 0
jump_mode 2
jump_addr 0x8e000000
== end work item
loading binary file(switch.scr.img) to 8e000000, skip=0, fsize=1a2 type=aa
<<<418, 418 bytes>>>
succeeded (security 0x56787856, status 0x88888888)
jumping to 0x8e000162
root1@DESKTOP-GRME42H:~/coreboot$ sudo make
[sudo] password for root1:
Skipping submodule '3rdparty/blobs'
CC romstage/lib/lzmadecode.o
src/lib/lzmadecode.c: In function 'LzmaDecode':
src/lib/lzmadecode.c:77:2: error: macro expands to multiple statements [-Werror=multistatement-macros]
77 | Range -= bound; \
| ^~~~~
src/lib/lzmadecode.c:300:7: note: in expansion of macro 'UpdateBit1'
300 | UpdateBit1(prob);
| ^~~~~~~~~~
src/lib/lzmadecode.c:299:8: note: some parts of macro expansion are not guarded by this 'else' clause
299 | } else
| ^~~~
cc1: all warnings being treated as errors
make: *** [Makefile:338: build/romstage/lib/lzmadecode.o] Error 1
Any Fix?
Hey,
It seems that the direct link to the brcmfmac4356-pcie.txt file will download a seemingly Base64 encoded version of the file, which will allow compilation but will result in broken WiFi when using Linux on the Switch.
You can check by comparing the file contents of the preview on Google's Git here and the direct link listed in the README.md here.
Hi, I have a Sony Xperia Tablet S with Tegra 3 and I need to exploit my Sony Xperia Tablet S to port edk2 (UEFI) and I need help.
Could you help me with that?
Assuming in mtc_tables/, but not sure...
macOS (and really most things that aren't Linux or Cygwin) do not implement /proc/self/fd (not sure if Plan 9 From Bell Labs does — it's where /proc originates from — but I digress).
I'm not knowledgeable enough with Python to implement an equivalent, but I'm sure there's another way to get the file descriptors for a given process that's more portable.
Or perhaps use a different method for exploiting RCM mode. Fusée Gelée's fusee-launcher.py uses a separate backend for launching the exploit on macOS: https://github.com/reswitched/fusee-launcher/blob/c68ae700b558ff320ff8298f7a690b5d9ebcee6e/fusee-launcher.py#L125
Either way, if these both use the same exploit I imagine it wouldn't be too difficult to port ShofEL2 to macOS since Fusée works fine.