4

For one of my projects I am interested to see how someone else implemented their concept. I wanted to tap into their microprocessor and read that code. First question: if I am to solder wires to the pins of the microprocessor, which ones should I solder to in order to be able to read anything back?

Also, I read about lock bits. For my own future security, if I leave the lock bits off, is there a method to trigger the lock bits on if someone makes any hardware changes (as in trying to tap into the microcontroller)?

1 Answer

2

In a well protected chip, this is not a trivial task.

There are several methods to try, some in software, some in hardware.

One technique to get around lock bits in the CPU is to 'glitch' the CPU by giving it signals which are either too short or at too low a voltage on just the right pins. Sometimes this will cause an inconsistent state inside the CPU, allowing one to bypass the memory protection.

The exact wires you would need depend very much on the specifications of the chip.

Another technique would be to look for software bugs which allow you to run your own code in the context of the secure memory. This is how some of the early iPhone jailbreaks worked.

In a not-so-well-protected system, it might be sufficient to look for the JTAG port; using a JTAG interface, you can then sometimes just read the entire memory of the system.

Willem Hengeveld
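An added example, not part of the original answer: for the asker's own firmware, a protection decision held in a single 0/1 flag fails open when a glitch corrupts one bit, while a state encoded with distant constants plus a stored complement fails closed. The names, constants and the single-bit-flip fault model below are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed constants: complements of each other, so all 32 bits differ. */
#define STATE_LOCKED   0x3CA5965Au
#define STATE_UNLOCKED 0xC35A69A5u

typedef struct {
    uint32_t value;    /* protection state */
    uint32_t inverse;  /* ~value, stored redundantly */
} guarded_state;

/* Naive check: any nonzero flag means "readout allowed". */
int naive_readout_allowed(uint8_t flag) { return flag != 0; }

/* Hardened check: allow only the exact UNLOCKED pattern with a matching
 * complement, verified on two separate reads. Anything else fails closed. */
int hardened_readout_allowed(const volatile guarded_state *s) {
    for (int pass = 0; pass < 2; pass++) {
        uint32_t v = s->value, i = s->inverse;
        if (v != STATE_UNLOCKED || (v ^ i) != 0xFFFFFFFFu) return 0;
    }
    return 1;
}

/* Simulated fault: flip each bit of a locked 1-byte flag (0) in turn and
 * count how many flips make the naive check pass. */
int naive_single_bit_bypasses(void) {
    int n = 0;
    for (int b = 0; b < 8; b++)
        n += naive_readout_allowed((uint8_t)(1u << b));
    return n;
}

/* Same fault model on the guarded state: flip each of the 64 stored bits
 * of a locked state in turn and count how many pass the hardened check. */
int hardened_single_bit_bypasses(void) {
    int n = 0;
    for (int b = 0; b < 64; b++) {
        guarded_state s = { STATE_LOCKED, ~STATE_LOCKED };
        if (b < 32) s.value ^= (1u << b);
        else        s.inverse ^= (1u << (b - 32));
        n += hardened_readout_allowed(&s);
    }
    return n;
}

int main(void) {
    printf("naive bypasses: %d of 8\n", naive_single_bit_bypasses());
    printf("hardened bypasses: %d of 64\n", hardened_single_bit_bypasses());
    return 0;
}
```

This models data corruption only; glitches that skip instructions, and the chip's own lock-bit logic, are outside what a firmware check like this covers.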