cleaned up, documented some
This commit is contained in:
@@ -2,5 +2,15 @@
|
||||
Working on an exploit to break the security on the ESP32-S3
|
||||
Highly a work in progress
|
||||
|
||||
[entropy](entropy/) - entropy images of the bootroms
|
||||
[esp-rom-elfs-20230320](esp-rom-elfs-20230320/) - all of the ESP32-X bootloader elfs from [here](https://github.com/espressif/esp-rom-elfs/releases/tag/20230320)
|
||||
[ESP32-S3_Exploit_FPGA](ESP32-S3_Exploit_FPGA/) - runs the exploit, based on a cheap [Tang Nano 9K FPGA](https://www.aliexpress.us/item/3256807026232976.html?channel=twinner) using [Lushay Code](https://learn.lushaylabs.com/vscode-extension/) for VS Code
|
||||
[existing_files](existing_files/) - assorted existing roms I found
|
||||
[Ghidra](Ghidra/) - Ghidra project for reverse engineering and exploit dev
|
||||
[libs](libs/) - extra libraries that Espressif disclosed was used in the roms, excepting those found natively in esp-idf (useful for reverse engineering and debugging)
|
||||
[sillyfillyespdumper](sillyfillyespdumper/) - tool I made to dump arbitrary data from ESP32-Xs
|
||||
[silltfillyespdumper/live-roms](sillyfillyespdumper/live-roms/) - full, redundant rom dumps from two production ESP32-S3s
|
||||
|
||||
|
||||
Based much on [Coruk's attack on the ESP32-C3](https://courk.cc/esp32-c3-c6-fault-injection)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user