Hello guys
I am working hard with Taylor actually to try to exploit the notes vuln.
As we can make JTAG dumps of the memory, we can clearly follow our buffer
overflow in memory.
I think we are perhaps close to something useful.
To get more complete memory dumps, I need to cycle a lot through reset -> wait
for the boot -> JTAG dump of the DCache...
But the DCache info is limited, some data is corrupt, etc... But by putting
together many logs, we could have reliable dumps.
I would therefore need someone who is capable of writing a parser which can
take the raw data from a log, and sort the memory values according to their
values, etc...
What I get:
lines like:
0x09d7dc00: 41414141 41414141 41414141 41414141
(address, and 4 words of data)
Some lines are invalid; they have a random 16-bit repeating pattern like in the
example.
This random pattern can be all 0, all F or any other 16 or perhaps 32 bit
Sometimes this pattern is also valid, so we would need statistics to help.
See an example file attached...
Any volunteers?
sto
parport port = 0
jtag_speed: 1
jtag_nsrst_delay: 30
Error: Translation from khz to jtag_speed not implemented
Info : JTAG tap: arm.taptap tap/device found: 0x10940f0f (mfg: 0x787, part:
0x0940, ver: 0x1)
target state: halted
target halted in ARM state due to debug-request, current mode: Supervisor
cpsr: 0x20000093 pc: 0x2204e8f4
background polling: off
TAP: arm.taptap (enabled)
target state: halted
target halted in ARM state due to debug-request, current mode: Supervisor
cpsr: 0x20000093 pc: 0x2204e8f4
r0: 22001f08 r0: 22001f08 r0: 22001f08 r0: 22001f08
r0: 22001f08 r0: 22001f08
r1: 00000000 r1: 00000000 r1: 00000000 r1: 00000000
r1: 00000000 r1: 00000000
r2: 00000000 r2: 00000000 r2: 00000000 r2: 00000000
r2: 00000000 r2: 00000000
r3: 09d7e980 r3: 09d7e980 r3: 09d7e980 r3: 09d7e980
r3: 09d7e980 r3: 09d7e980
r4: 00000005 r4: 00000005 r4: 00000005 r4: 00000005
r4: 00000005 r4: 00000005
r5: 00000020 r5: 00000020 r5: 00000020 r5: 00000020
r5: 00000020 r5: 00000020
r6: 085ee580 r6: 085ee580 r6: 085ee580 r6: 085ee580
r6: 085ee580 r6: 085ee580
r7: 0402843e r7: 0402843e r7: 0402843e r7: 0402843e
r7: 0402843e r7: 0402843e
r8: 08002020 r8_fiq: ffffffff r8: 08002020 r8: 08002020
r8: 08002020 r8: 08002020
r9: 00000001 r9_fiq: ffffffff r9: 00000001 r9: 00000001
r9: 00000001 r9: 00000001
r10: 0000040a r10_fiq: ffffffff r10: 0000040a r10: 0000040a
r10: 0000040a r10: 0000040a
r11: 09f1fda0 r11_fiq: ffffffff r11: 09f1fda0 r11: 09f1fda0
r11: 09f1fda0 r11: 09f1fda0
r12: 09d7e981 r12_fiq: ffffffff r12: 09d7e981 r12: 09d7e981
r12: 09d7e981 r12: 09d7e981
r13_usr: ffbfffff r13_fiq: 085e94a0 r13_irq: 2200e998 r13_svc: 086c72b8
r13_abt: 085e90a0 r13_und: 085e90a0
lr_usr: ffffffff lr_fiq: ffffffff lr_irq: 0816ed84 lr_svc: 0808cf14
lr_abt: ffffffff lr_und: ffffbfff
pc: 2204e8f4 pc: 2204e8f4 pc: 2204e8f4 pc: 2204e8f4
pc: 2204e8f4 pc: 2204e8f4
cpsr: 20000093 spsr_fiq: 00000010 spsr_irq: 20000013 spsr_svc: 80000013
spsr_abt: 00000010 spsr_und: 00000010
_______________________________________________
Linux4nano-dev mailing list
[email protected]
https://mail.gna.org/listinfo/linux4nano-dev
http://www.linux4nano.org
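
One way to write the merging parser requested above, as an added example that is not part of the original message or of the project's code. The function names, the min_votes threshold and the sample readings are assumptions constructed for illustration; a line counts as suspect when all four words are one repeated 16-bit value, and such a reading is only kept if no other reading contradicts it and enough logs agree on it.

```python
import re
from collections import Counter, defaultdict

# One dump line: "0x<address>: <w0> <w1> <w2> <w3>", every field 8 hex digits.
LINE_RE = re.compile(r"^0x([0-9a-f]{8}):((?:\s+[0-9a-f]{8}){4})\s*$", re.I)

def parse_dump(text):
    """Return the set of (address, words) readings in one log; other lines are skipped."""
    hits = (LINE_RE.match(line.strip()) for line in text.splitlines())
    return {(int(m.group(1), 16), tuple(int(w, 16) for w in m.group(2).split()))
            for m in hits if m}

def is_suspect(words):
    """True if all four words are one repeated 16-bit value (includes all-0 and all-F)."""
    return len(set(words)) == 1 and (words[0] >> 16) == (words[0] & 0xFFFF)

def merge_dumps(logs, min_votes=2):
    """Vote per address across logs; return ({address: words}, [unresolved addresses])."""
    clean, suspect = defaultdict(Counter), defaultdict(Counter)
    for text in logs:
        for addr, words in parse_dump(text):  # each distinct reading counts once per log
            (suspect if is_suspect(words) else clean)[addr][words] += 1
    merged, unresolved = {}, []
    for addr in sorted(set(clean) | set(suspect)):
        votes = clean[addr] or suspect[addr]  # non-pattern readings outrank pattern ones
        ranked = votes.most_common(2)
        tied = len(ranked) == 2 and ranked[0][1] == ranked[1][1]
        too_few = votes is suspect[addr] and ranked[0][1] < min_votes
        if tied or too_few:
            unresolved.append(addr)
        else:
            merged[addr] = ranked[0][0]
    return merged, unresolved

SAMPLE_LOGS = [  # constructed readings in the dump format, one string per log
    """target state: halted
0x09d7e600: 41414141 42414141 43414141 44414141
0x09d7e640: 080f080f 080f080f 080f080f 080f080f
0x09d7e680: 00000000 00000000 00000000 00000000""",
    """0x09d7e600: 09e909e9 09e909e9 09e909e9 09e909e9
0x09d7e640: 51414141 52414141 53414141 54414141
0x09d7e680: 00000000 00000000 00000000 00000000
0x09d7e6c0: 09e909e9 09e909e9 09e909e9 09e909e9""",
    """0x09d7e680: 00000000 00000000 00000000 00000000
0x09d7e6c0: 42414241 42414241 42414241 42414241""",
]

if __name__ == "__main__":
    print(merge_dumps(SAMPLE_LOGS))
```

Addresses returned in the unresolved list are the ones that need another reset and dump cycle before their contents can be trusted.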