137 lines
3.8 KiB
Plaintext
137 lines
3.8 KiB
Plaintext
Web interface running on the C5
|
|
Web interface
|
|
Terminal
|
|
Oscilloscope / Raw Sniff
|
|
ADC
|
|
Logic Sniff
|
|
Direct GPIO Access (asm optimized) or
|
|
RMT
|
|
Manual Timing GPIO
|
|
Direct GPIO Access (asm optimized) or
|
|
RMT
|
|
Volage Glitching
|
|
Direct GPIO Access (asm optimized) or
|
|
RMT
|
|
Sniff/Detect/IO Protocols
|
|
UART
|
|
SPI
|
|
I2C
|
|
1Wire
|
|
Raw (ADC)
|
|
Bit Bang
|
|
Freertos on core 0 of P4
|
|
Core 0 of P4 responsible for
|
|
"administratvie"
|
|
communicate with C5 web interface
|
|
parse and handle commands
|
|
user i/o
|
|
UART
|
|
SPI
|
|
I2C
|
|
1Wire
|
|
No rtos on core 1
|
|
Core 1 of P4 responsible for
|
|
Direct GPIO Access
|
|
Logic sniff
|
|
Bit Banging
|
|
RMT
|
|
manually timed GPIO
|
|
r/w
|
|
ADC
|
|
Raw Sniff
|
|
|
|
Utilize:
|
|
FreeRTOS
|
|
Web Interface Over WiFi
|
|
Station Mode or
|
|
AP mode
|
|
Remote Control transceiver (RMT)
|
|
Timed GPIO i/o
|
|
Bit Bang
|
|
Custom Protocols
|
|
Custom Hardware fuzz/sniff mode
|
|
Dedicated GPIO Access (asm optimized)
|
|
Logic Sniff
|
|
Voltage Glitching
|
|
Manual Bit Bang
|
|
Custom Hardware fuzz/sniff mode
|
|
Interprocesser Call (asm optimized)
|
|
Communicate Between Core 0 (FreeRTOS) and Core 1 (ASM Optimized Attack Core)
|
|
ADC
|
|
Raw Sniff
|
|
Oscilloscope
|
|
Typical Protocols
|
|
UART
|
|
SPI
|
|
I2C
|
|
Logging
|
|
Logic Sniff
|
|
Raw Sniff (Oscilloscope)
|
|
Command History
|
|
Web Interface Action History
|
|
IO History
|
|
To:
|
|
SD Card
|
|
Host over UART
|
|
Web Interface/Terminal
|
|
With export formats
|
|
CSV
|
|
XML
|
|
Text
|
|
Etc
|
|
USB-Passthrough
|
|
Emulate ft232
|
|
UART
|
|
SPI
|
|
I2C
|
|
Console componant for UART cli
|
|
break each console function into its own file for clarity?
|
|
web interface somewhat a wrapper for functions/cli
|
|
Hardware:
|
|
ESP32-P4
|
|
ESP32-C5
|
|
GPIO Pins As Many as practical/useful
|
|
2.54mm standard pins
|
|
USB UART Interface or two or three
|
|
make able to emulate ft232 like tigand thing?
|
|
maintain compatability with flashrom, asprogrammer/neoprogrammer
|
|
uart to ESP32s
|
|
uart passthrough
|
|
spi passthrough
|
|
i2c passthrough
|
|
Caps for draining down power for voltage glitching
|
|
toggleable
|
|
pull down/pull up resistors
|
|
toggleable
|
|
exernal power + transitors + GPIO
|
|
real fast toggle of external power via gpios
|
|
shared ground?
|
|
amplifier for weak raw sniff signals?
|
|
|
|
Start with Console app over UART P4, no net yet
|
|
ESP32-P4:
|
|
Configure:
|
|
CONFIG_IDF_TARGET="esp32p4"
|
|
CONFIG_ESPTOOLPY_FLASHMODE_QIO=y
|
|
CONFIG_ESPTOOLPY_FLASHFREQ_120M=y
|
|
CONFIG_ESPTOOLPY_FLASHSIZE_16MB=y
|
|
CONFIG_ESPTOOLPY_HEADER_FLASHSIZE_UPDATE=y
|
|
CONFIG_SPIRAM=y
|
|
CONFIG_SPIRAM_SPEED_80M=y
|
|
CONFIG_SPIRAM_XIP_FROM_PSRAM=y
|
|
CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y
|
|
CONFIG_FREERTOS_UNICORE=y
|
|
CONFIG_ULP_COPROC_ENABLED=y
|
|
CONFIG_ULP_HP_UART_CONSOLE_PRINT=y
|
|
CONFIG_IDF_EXPERIMENTAL_FEATURES=y
|
|
Code:
|
|
make structure for multiple files for the functions
|
|
console interface:
|
|
make a basic PoC RMT console interface
|
|
make a basic PoC Direct GPIO access console interface
|
|
write
|
|
read
|
|
simoltanius rw
|
|
make a basic PoC ADC console interface
|
|
make a basic PoC Logic sniffing console iterface
|
|
|