Uncategorized

Expliot gets SPIflashwrite plugin

Re: https://firmwaresecurity.com/2018/06/13/expliot-exploitation-framework/

https://gitlab.com/expliot_framework/expliot

Standard
Uncategorized

SPIDriver: Hardware Adapter for Controlling SPI Devices from Your Computer

https://blog.hackster.io/spidriver-is-a-hardware-adapter-for-controlling-spi-devices-from-your-computer-5b484e90163e

https://www.crowdsupply.com/excamera/spidriver

http://www.excamera.com/sphinx/index.html

Standard
Uncategorized

CrowdSupply: SPIDriver: A better SPI adapter

https://www.crowdsupply.com/excamera/spidriver

SPIDriver is an easy-to-use tool for controlling SPI devices. It works with Windows, Mac and Linux, and has a built in color screen that shows a live logic-analyzer display of all SPI traffic. It uses a standard FTDI USB serial chip to talk to the PC, so no special drivers need to be installed. The board includes 3.3 and 5V supplies with voltage and current monitoring.

Standard
Uncategorized

INTEL-SA-00087: Unsafe Opcodes exposed in Intel SPI based products

Unsafe Opcodes exposed in Intel SPI based products
Intel ID: INTEL-SA-00087
Product family: Multiple Generations
Impact of vulnerability: Denial of Service
Severity rating: Important
Original release: Apr 03, 2018

Configuration of SPI Flash in platforms based on multiple Intel CPUs allows a local attacker to alter the behavior of the SPI Flash, potentially leading to a Denial of Service. This issue has been root-caused, and the mitigation has been validated and is available. Intel identified this issue internally. Issue is root-caused, and the mitigation is known and available. To Intel’s knowledge, the issue has not been seen externally. Intel recommends that users always check with their system manufacturer’s support sites to make sure they have the latest, security updates installed.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00087&languageid=en-fr

Standard
Uncategorized

Flashing Minnows

Vincent points out an interesting article about using SPI on Minnowboards using Linux:

Excerpt:

Flashing MinnowBoard MAX With the SPI Hook in Linux

If you are doing development on the MinnowBoard MAX board having the ability to read from, write to, and erase the onboard SPI Flash memory is very useful. The SPI Hook tool from TinCanTools provides exactly this functionality. Priced at only $29USD the SPI Hook provides an affordable alternative to much more expensive tools such as the Dediprog SF100 SPI Flash Programmer that retails for $230USD. The SPI Hook is not as fast as more expensive tools but for most development needs it’s fast enough. The SPI Hook also provides a virtual Serial Port for communicating with the MinnowBoard MAX. […]

 

http://billtraynor.com/post/2015/11/12/flashing-minnowboard-max-with-the-spi-hook-in-linux/

Standard