Skip to content
/ LPC-ROP Public

Breaking Bootloaders on the Cheap - BlackHat Europe 2019

License

Apache-2.0 license
5 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

qaistem1/LPC-ROP

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
Exploit_Read_CRP_Value.bin
Exploit_Read_CRP_Value.bin
 
 
LICENSE
LICENSE
 
 
LPC1343_bootloader_dump.bin
LPC1343_bootloader_dump.bin
 
 
README.md
README.md
 
 

Repository files navigation

NXP LPC1343 Return-oriented Programming Exploit

This exploit is metioned in my Blackhat Europe 2019 talk with David Oswald (Breaking Bootloaders on the Cheap): https://i.blackhat.com/eu-19/Thursday/eu-19-Temeiza-Breaking-Bootloaders-On-The-Cheap-2.pdf

This exploit breaks the CRP-1 of the LPC1343 and also it can break CRP-1 on some other LPC devices (it may need modifications in order to work on the other vulnerable LPC devices). ONLY FOR RESEARCH PURPOSES

How to use this exploit?

-Encode the exploit using a UU-encoding tool

-Invoke the UART bootloader

-Call the "Write to RAM" command via entering "W 268443476 172"

-Send the econded exploit to the device

For more details please refer to the Blackhat talk.

About

Breaking Bootloaders on the Cheap - BlackHat Europe 2019

Topics

arm embedded assembly lpc bootloader embedded-devices exploitation lpc1343

Resources

Readme

License

Apache-2.0 license
Activity

Stars

5 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published