Closed libc0607 closed 5 months ago
up-n-atom
commented
5 months ago Any suggestions? And, is there someone experienced on 8051 RE watching here?
Sorry for this late reply. Oddly, rather than github informing me of pending open issues, it was a reply on servethehome.com that got my attention. Anyway, I will allocate time this weekend to take a look at these developments and try to gather any new insight.
up-n-atom
commented
5 months ago Before I delve into the code, I can confirm that same reset button boot loop is experienced with the SWTG118AS v1.0 and I wrote a little explanation at https://forums.servethehome.com/index.php?threads/horaco-2-5gbe-managed-switch-8-x-2-5gbe-1-10gb-sfp.41571/post-428606
up-n-atom
commented
5 months ago @libc0607 @FanFansfan It's AES encryption.
The sbox in bytes are at 0xDD433..0xDD532 and the rcon in dwords are at 0xDD533..0xDD55E.
I haven't dug into it just yet but my assumption is 59494F4754fff00\0 and 59494F4754fff01\0 are the 128bit keys.
giver3
commented
5 months ago The flash's UID in these captures is what he said in the Yakigani issue,
10 09 3F 30 D4 50 84 22(64-bit), and the OTP content is57 2d ad 0d 4f f6 c7 45(hex char). Maybe that helps.
I can confirm that on the two operational managed switches (ZX-SWTG124AS) the UID starts with: 10 09 3F 30 D4 xx xx xx. The OTP value is the same (57 2D AD 0D 4F F6 C7 45). I wonder why the OTP has a size of 4096 (https://github.com/libc0607/Yakigani/issues/1#issuecomment-2106170866) maybe further down is the rest of the data?
libc0607
commented
5 months ago The flash's UID in these captures is what he said in the Yakigani issue,
10 09 3F 30 D4 50 84 22(64-bit), and the OTP content is57 2d ad 0d 4f f6 c7 45(hex char). Maybe that helps.I can confirm that on the two operational managed switches the UID starts with: 10 09 3F 30 D4 xx xx xx. The OTP value is the same (57 2D AD 0D 4F F6 C7 45). I wonder why the OTP has a size of 4096 (libc0607/Yakigani#1 (comment)) maybe further down is the rest of the data?
Maybe he had set the wrong size in the reading script? @FanFansfan
Thank you for the flash information.
So the Realtek SDK really wrote a bug, only reading the first 32-bit of UID ... So all flash with a UID starts with 10 09 3F 30 shares the same OTP content.
I think they had forgotten the 4 dummy bytes after sending CMD 4B ๐๐ Maybe the actual UID that goes into the AES algo should be sth like 00 00 00 00 10 09 3F 30 or FF FF FF FF 10 09 3F 30 ...
And I've noticed that after reading the UID, it reads the %02bx @0DC000, 8 times. Seems like converting a 64-bit UID into hex string.
libc0607
commented
5 months ago Did some timing analysis on the LA captured data, @up-n-atom you're right it's AES-128. It reads the sbox data 10 rounds.
// Step 0.
// 4 reads/grp, 10 grps
// 0.0
6479313,6146693036.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD463, 3 bytes): 04 c7 23
6479374,6146701452.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD463, 3 bytes): 04 c7 23
6479441,6146710828.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD433, 3 bytes): 63 7c 77
6479508,6146720076.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD499, 3 bytes): 33 85 45
// 0.1
6482303,6147321502.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B2, 3 bytes): d2 cd 0c
6482364,6147329918.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD468, 3 bytes): 96 05 9a
6482431,6147339294.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD48E, 2 bytes): 39 4a
6482497,6147348412.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD48A, 3 bytes): 5b 6a cb
// 0.2
6485291,6147949838.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD513, 3 bytes): e1 f8 98
6485352,6147958254.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD470, 3 bytes): 27 b2 75
6485419,6147967630.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD49F, 1 bytes): 50
6485484,6147976622.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B5, 3 bytes): 13 ec 5f
// 0.3
6488277,6148578688.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD456, 3 bytes): 26 36 3f
6488338,6148587104.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD439, 3 bytes): 6f c5 30
6488405,6148596480.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4A8, 3 bytes): 9d 38 f5
6488472,6148605728.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E9, 3 bytes): 4e a9 6c
// 0.4
6491267,6149207282.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD492, 3 bytes): cf d0 ef
6491328,6149215698.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E0, 3 bytes): 95 e4 79
6491395,6149225072.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD481, 3 bytes): 2f 84 53
6491462,6149234320.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD47B, 3 bytes): 52 3b d6
// 0.5
6494257,6149836770.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD51D, 3 bytes): 87 e9 ce
6494318,6149845186.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD44D, 3 bytes): a2 af 9c
6494385,6149854562.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43C, 3 bytes): 01 67 2b
6494452,6149863810.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4BB, 3 bytes): c4 a7 7e
// 0.6
6497246,6150471540.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD475, 3 bytes): 2c 1a 1b
6497307,6150479956.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD46F, 1 bytes): eb
6497372,6150489076.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4DB, 3 bytes): c2 d3 ac
6497439,6150498324.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD458, 3 bytes): 3f f7 cc
// 0.7
6500232,6151101286.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4FB, 3 bytes): e8 dd 74
6500293,6151109700.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4F7, 3 bytes): 1c a6 b4
6500360,6151119076.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD47D, 3 bytes): d6 b3 29
6500427,6151128324.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD50D, 3 bytes): 57 b9 86
// 0.8
6503222,6151729878.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD476, 3 bytes): 1a 1b 6e
6503283,6151738294.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4AE, 2 bytes): 21 10
6503349,6151747542.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD44C, 3 bytes): d4 a2 af
6503416,6151756790.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD453, 3 bytes): b7 fd 93
// 0.9
6506211,6152359240.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4FE, 2 bytes): 1f 4b
6506271,6152367528.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD501, 3 bytes): 8b 8a 70
6506338,6152376904.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4F1, 3 bytes): ae 08 ba
6506405,6152386150.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4BC, 3 bytes): a7 7e 3d
// Step 1.
// 16 reads
// 1.0
6516094,6154390040.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD437, 3 bytes): f2 6b 6f
6516299,6154420216.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43A, 3 bytes): c5 30 01
6516504,6154450390.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD437, 3 bytes): f2 6b 6f
6516709,6154480566.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD488, 3 bytes): fc b1 5b
6517029,6154529396.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43C, 3 bytes): 01 67 2b
6517234,6154559572.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD453, 3 bytes): b7 fd 93
6517439,6154589748.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD437, 3 bytes): f2 6b 6f
6517644,6154619922.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD489, 3 bytes): b1 5b 6a
6517964,6154668754.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD437, 3 bytes): f2 6b 6f
6518169,6154698928.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43A, 3 bytes): c5 30 01
6518374,6154729104.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD489, 3 bytes): b1 5b 6a
6518579,6154759280.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD436, 3 bytes): 7b f2 6b
6518899,6154808110.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD433, 3 bytes): 63 7c 77
6519104,6154838286.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43A, 3 bytes): c5 30 01
6519309,6154868460.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD492, 3 bytes): cf d0 ef
6519514,6154898636.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD463, 3 bytes): 04 c7 23
// 1.1
6536972,6157755018.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4EB, 3 bytes): 6c 56 f4
6537177,6157785192.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B3, 3 bytes): cd 0c 13
6537382,6157815368.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD464, 3 bytes): c7 23 c3
6537587,6157845544.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4F0, 3 bytes): 7a ae 08
6537907,6157894374.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4A9, 3 bytes): 38 f5 bc
6538112,6157924550.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E2, 3 bytes): 79 e7 c8
6538317,6157954724.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43F, 1 bytes): fe
6538520,6157984644.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD44D, 3 bytes): a2 af 9c
6538840,6158033474.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD49A, 3 bytes): 85 45 f9
6539045,6158063650.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43A, 3 bytes): c5 30 01
6539250,6158093826.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD520, 3 bytes): 55 28 df
6539455,6158124000.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD446, 3 bytes): 7d fa 59
6539775,6158172832.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43C, 3 bytes): 01 67 2b
6539980,6158203006.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD459, 3 bytes): f7 cc 34
6540185,6158233182.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B7, 3 bytes): 5f 97 44
6540390,6158263358.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD438, 3 bytes): 6b 6f c5
// 1.2
6557722,6161103002.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4C0, 3 bytes): 5d 19 73
6557927,6161133178.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD433, 3 bytes): 63 7c 77
6558132,6161163354.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD502, 3 bytes): 8a 70 3e
6558337,6161193528.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D7, 3 bytes): 49 06 24
6558657,6161242360.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D4, 3 bytes): 32 3a 0a
6558862,6161272534.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4AF, 1 bytes): 10
6559065,6161302454.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD497, 3 bytes): 43 4d 33
6559270,6161332630.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD514, 3 bytes): f8 98 11
6559590,6161381460.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD49F, 1 bytes): 50
6559793,6161411380.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4FA, 3 bytes): c6 e8 dd
6559998,6161441556.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B1, 3 bytes): f3 d2 cd
6560203,6161471730.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD442, 3 bytes): 76 ca 82
6560523,6161520562.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD452, 3 bytes): c0 b7 fd
6560728,6161550736.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D4, 3 bytes): 32 3a 0a
6560933,6161580912.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4EA, 3 bytes): a9 6c 56
6561138,6161611088.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D4, 3 bytes): 32 3a 0a
// 1.3
6578470,6164446124.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD481, 3 bytes): 2f 84 53
6578675,6164476300.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD487, 3 bytes): 20 fc b1
6578880,6164506476.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD47D, 3 bytes): d6 b3 29
6579085,6164536650.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD450, 3 bytes): a4 72 c0
6579405,6164585482.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD500, 3 bytes): bd 8b 8a
6579610,6164615656.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD516, 3 bytes): 11 69 d9
6579815,6164645832.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD493, 3 bytes): d0 ef aa
6580020,6164676008.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD529, 3 bytes): 42 68 41
6580340,6164724838.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD50B, 3 bytes): 61 35 57
6580545,6164755014.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D7, 3 bytes): 49 06 24
6580750,6164785188.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4F2, 3 bytes): 08 ba 78
6580955,6164815364.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43D, 3 bytes): 67 2b fe
6581275,6164864194.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD455, 3 bytes): 93 26 36
6581480,6164894370.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD458, 3 bytes): 3f f7 cc
6581685,6164924546.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD483, 3 bytes): 53 d1 00
6581890,6164954720.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD446, 3 bytes): 7d fa 59
// 1.4
6599180,6167789054.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD466, 3 bytes): c3 18 96
6599385,6167819230.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD448, 3 bytes): 59 47 f0
6599590,6167849406.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD504, 3 bytes): 3e b5 66
6599795,6167879580.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD510, 3 bytes): c1 1d 9e
6600115,6167928412.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4BE, 2 bytes): 3d 64
6600319,6167958458.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD451, 3 bytes): 72 c0 b7
6600524,6167988634.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E5, 3 bytes): 37 6d 8d
6600729,6168018810.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD445, 3 bytes): c9 7d fa
6601049,6168067640.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43D, 3 bytes): 67 2b fe
6601254,6168097816.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD433, 3 bytes): 63 7c 77
6601459,6168127990.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4EF, 1 bytes): 65
6601662,6168157910.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD506, 3 bytes): 66 48 03
6601982,6168206740.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D1, 3 bytes): 0b db e0
6602187,6168236916.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4FB, 3 bytes): e8 dd 74
6602392,6168267092.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43A, 3 bytes): c5 30 01
6602597,6168297266.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD51E, 2 bytes): e9 ce
// 1.5
6619949,6171140912.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4A6, 3 bytes): 8f 92 9d
6620154,6171171088.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4EB, 3 bytes): 6c 56 f4
6620359,6171201262.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4A6, 3 bytes): 8f 92 9d
6620564,6171231438.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD523, 3 bytes): 8c a1 89
6620884,6171280268.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD44A, 3 bytes): f0 ad d4
6621089,6171310444.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD492, 3 bytes): cf d0 ef
6621294,6171340620.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD476, 3 bytes): 1a 1b 6e
6621499,6171370794.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD464, 3 bytes): c7 23 c3
6621819,6171419626.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD50A, 3 bytes): 0e 61 35
6622024,6171449800.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D6, 3 bytes): 0a 49 06
6622229,6171479976.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E0, 3 bytes): 95 e4 79
6622434,6171510152.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4A7, 3 bytes): 92 9d 38
6622754,6171558982.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD511, 3 bytes): 1d 9e e1
6622959,6171589158.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD503, 3 bytes): 70 3e b5
6623164,6171619332.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD493, 3 bytes): d0 ef aa
6623369,6171649508.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4D1, 3 bytes): 0b db e0
// 1.6
6640743,6174488898.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B5, 3 bytes): 13 ec 5f
6640948,6174519074.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD447, 3 bytes): fa 59 47
6641153,6174549248.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B7, 3 bytes): 5f 97 44
6641358,6174579424.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD52A, 3 bytes): 68 41 99
6641678,6174628254.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4A4, 3 bytes): a3 40 8f
6641883,6174658430.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD528, 3 bytes): e6 42 68
6642088,6174688604.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD503, 3 bytes): 70 3e b5
6642293,6174718780.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD52E, 2 bytes): 0f b0
6642612,6174767484.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD514, 3 bytes): f8 98 11
6642817,6174797658.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD532, 3 bytes): 16 00 00
6643022,6174827834.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD515, 3 bytes): 98 11 69
6643227,6174858010.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD472, 3 bytes): 75 09 83
6643547,6174906840.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD48F, 1 bytes): 4a
6643750,6174936760.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD513, 3 bytes): e1 f8 98
6643955,6174966934.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD435, 3 bytes): 77 7b f2
6644160,6174997110.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD499, 3 bytes): 33 85 45
// 1.7
6661471,6177833812.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B6, 3 bytes): ec 5f 97
6661676,6177863986.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD445, 3 bytes): c9 7d fa
6661881,6177894162.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD47C, 3 bytes): 3b d6 b3
6662086,6177924338.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4C8, 3 bytes): 2a 90 88
6662406,6177973168.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4AE, 2 bytes): 21 10
6662610,6178003216.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD520, 3 bytes): 55 28 df
6662815,6178033390.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD46C, 3 bytes): 12 80 e2
6663020,6178063566.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E3, 3 bytes): e7 c8 37
6663340,6178112396.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4F7, 3 bytes): 1c a6 b4
6663545,6178142572.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD493, 3 bytes): d0 ef aa
6663750,6178172748.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4AE, 2 bytes): 21 10
6663954,6178202794.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4ED, 3 bytes): f4 ea 65
6664274,6178251626.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4BB, 3 bytes): c4 a7 7e
6664479,6178281800.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4FA, 3 bytes): c6 e8 dd
6664684,6178311976.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD460, 3 bytes): d8 31 15
6664889,6178342152.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4DC, 3 bytes): d3 ac 62
// 1.8
6682326,6181197252.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4CC, 3 bytes): ee b8 14
6682531,6181227428.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4BD, 3 bytes): 7e 3d 64
6682736,6181257604.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD497, 3 bytes): 43 4d 33
6682941,6181287778.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD452, 3 bytes): c0 b7 fd
6683261,6181336610.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD508, 3 bytes): 03 f6 0e
6683466,6181366784.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD462, 3 bytes): 15 04 c7
6683671,6181396960.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4BA, 3 bytes): 17 c4 a7
6683876,6181427136.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4CB, 3 bytes): 46 ee b8
6684196,6181475966.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43F, 1 bytes): fe
6684399,6181505886.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD46B, 3 bytes): 07 12 80
6684604,6181536060.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD43D, 3 bytes): 67 2b fe
6684809,6181566236.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4EB, 3 bytes): 6c 56 f4
6685129,6181615066.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD447, 3 bytes): fa 59 47
6685334,6181645242.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4B7, 3 bytes): 5f 97 44
6685539,6181675418.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4A5, 3 bytes): 40 8f 92
6685744,6181705592.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD470, 3 bytes): 27 b2 75
// 1.9
6703021,6184533046.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD521, 3 bytes): 28 df 8c
6703226,6184563222.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD433, 3 bytes): 63 7c 77
6703431,6184593398.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD477, 3 bytes): 1b 6e 5a
6703636,6184623572.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD483, 3 bytes): 53 d1 00
6703956,6184672404.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD47B, 3 bytes): 52 3b d6
6704161,6184702578.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD450, 3 bytes): a4 72 c0
6704366,6184732754.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD434, 3 bytes): 7c 77 7b
6704571,6184762930.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD477, 3 bytes): 1b 6e 5a
6704891,6184811760.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD444, 3 bytes): 82 c9 7d
6705096,6184841936.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E1, 3 bytes): e4 79 e7
6705301,6184872110.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4E9, 3 bytes): 4e a9 6c
6705506,6184902286.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD4F6, 3 bytes): 2e 1c a6
6705826,6184951116.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD483, 3 bytes): 53 d1 00
6706031,6184981292.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD515, 3 bytes): 98 11 69
6706236,6185011468.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD497, 3 bytes): 43 4d 33
6706441,6185041642.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD494, 3 bytes): ef aa FBBased on the LA capture maybe we can recover the 16-byte block being encrypting. The "step 0" above should be generating the round-key or sth.
giver3
commented
5 months ago Maybe he had set the wrong size in the reading script? @FanFansfan
You are right. The log (10s_auth_success_full) only reads 16B (4 x 4Bytes), so there is no more OTP data.
Thank you for the flash information.
No problem.
libc0607
commented
5 months ago Doing some calculations.
Let's assume that the available byte in each flash read is only the first byte. I think the hardware is doing some "pre-fetch" job for 8051 so every read command reads 3 bytes, which is the longest possible instruction length of 8051.
// 0.0
6479313,6146693036.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD463, 3 bytes): 04 c7 23
6479374,6146701452.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD463, 3 bytes): 04 c7 23
6479441,6146710828.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD433, 3 bytes): 63 7c 77
6479508,6146720076.00,FF,,0B,,,Command: Fast read data (FAST/READ),Fast read data (addr 0DD499, 3 bytes): 33 85 45From that we can calculate that the last 4 bytes of the 16-byte key is 66 30 30 00.
Assume the key is 59494F4754fff00\0.
Using the s-box data read from section 1.0:
F2 01 F2 63
C5 B7 C5 C5
F2 F2 B1 CF
FC B1 7B 04So the raw data should be:
31 3D 31 66
3E 66 33 37
30 30 30 6F
6C 61 65 30It makes no sense, and the error (not matching the logic analyzer value) starts from the second round.
Conclusion: The key is less likely just 59494F4754fff00\0. (I could be wrong -- yes, wrong)
Edit: Went through the draft then I found where I got messed up. As it's my first time play with AES, I decided to try it in paper and pencil then I made a small mistake when calculating the round-key ... should use python instead. (๏ผโฒโ`)
up-n-atom
commented
5 months ago Early lazy assessment by utilizing the key expansion code from https://goggleheadedhacker.com/blog/post/reversing-crypto-functions-aes#key-expansion and proxing the self.RCON and self.SBOX access to print offsets and the value.
Passing in 59494F4754fff00\0 as the 128-bit key produced the same results as your SPI log.
SBOX[ DD463 ] = 04
SBOX[ DD463 ] = 04
SBOX[ DD433 ] = 63
SBOX[ DD499 ] = 33
SBOX[ DD4B2 ] = d2
SBOX[ DD468 ] = 96
SBOX[ DD48E ] = 39
SBOX[ DD48A ] = 5b
SBOX[ DD513 ] = e1
SBOX[ DD470 ] = 27
SBOX[ DD49F ] = 50
SBOX[ DD4B5 ] = 13
SBOX[ DD456 ] = 26
SBOX[ DD439 ] = 6f
SBOX[ DD4A8 ] = 9d
SBOX[ DD4E9 ] = 4e
SBOX[ DD492 ] = cf
SBOX[ DD4E0 ] = 95
SBOX[ DD481 ] = 2f
SBOX[ DD47B ] = 52
SBOX[ DD51D ] = 87
SBOX[ DD44D ] = a2
SBOX[ DD43C ] = 01
SBOX[ DD4BB ] = c4
SBOX[ DD475 ] = 2c
SBOX[ DD46F ] = eb
SBOX[ DD4DB ] = c2
SBOX[ DD458 ] = 3f
SBOX[ DD4FB ] = e8
SBOX[ DD4F7 ] = 1c
SBOX[ DD47D ] = d6
SBOX[ DD50D ] = 57
SBOX[ DD476 ] = 1a
SBOX[ DD4AE ] = 21
SBOX[ DD44C ] = d4
SBOX[ DD453 ] = b7
SBOX[ DD4FE ] = 1f
SBOX[ DD501 ] = 8b
SBOX[ DD4F1 ] = ae
SBOX[ DD4BC ] = a7I will do the same for the cipher later.
up-n-atom
commented
5 months ago @libc0607
let me reword that because it was an implementation error
take the 4 byte unique id as a lower case hex string and concat it to itself
enc.py
from Cryptodome.Cipher import AES
uid = b'10093f30' # lowercase 32bit hex string sliced from the 128bit unique id - read 4Bh
key = b'59494F4754fff00\0' # hardcoded in the flash at DD55Fh or update at C4418h
pt = uid + uid # plaintext concat uid for 128bits
cipher = AES.new(key, AES.MODE_ECB)
otp = cipher.encrypt(pt) # returns the otp bytes
print(otp[:8].hex())python -m venv .venv
source .venv/bin/activate
python3 -m pip install pycryptodomex
python3 enc.pyoutput
572dad0d4ff6c745Good work
libc0607
commented
5 months ago Amazing, now we know all the details of the crab firmware! Thanks for your great work!
concat it to itself
Ahh that's the combination I never wanted to try ๐It must be a bug wrote by Realtek ๐๐
giver3
commented
5 months ago I generated my own (for a different UID) OTG and uploaded it to the flash drive. The switch works -)
Hi.
A week ago, @FanFansfan and I started some exploration on some RTL8372 firmware, and I found your repo yesterday. See our discussion (mainly) here and here (a little bit) (sry for zh-cn, pls use translate).
In short:
I don't know if it's worth spending time on reverse engineering the algorithm. Making an FPGA MITM module on the SPI bus may better than that.
Any suggestions? And, is there someone experienced on 8051 RE watching here?