I wanted to add that these tutorial series may be one of the best hardware hacking tutorials. This series gave me confidence to start buying and taking apart random stuff to gain more knowledge. Thank you very much for the effort!
You sir are a human university, the best tutorials ever made, the most comprehensive and clear, keep up the good work, I am waiting for the next video in the series.
@@MakeMeHack Thank you for your Video, I need help! :( I think all my Devices have a malicous code, Smart TV, Monitor, Smartphone, Computer, Tablet, Xbox one, PS4...... They are all like radio controlled, they will be very fast hot, the sound will be quieter and quieter and the picture quality is worse, dark picture, even die Mini DAB Radio in the Kitchen have this malicous code, do you know about this malicous code?
This showed up in my feed today. I have no need to do any of this but I watched the entire video. You explain everything so well I just kept watching. Good job man.
I am a programmer at a finance company, but was always interested in hardware, mostly from a software perspective. I started looking at this series about a year ago and it kick-started a burning interest in electronics and hardware hacking in general. Now my desk is overcrowded with bread boards, several chips and boards like raspberry pies, several arduinos of different types, standalone mc chips, avr and arm cortex and have started soldering stuff together with sensors etc etc. The wires are every where. Even spreding out to the living room! Now I have started looking into openocd and things to get to the bottom of the hardware communication things, saw this video series again and this time I understand wth you are explaining (in terms of technology) which makes me appreciate the video series even more. Grazie mille!
This was a fantastic video - you have clear depth of knowledge, and you present better than almost every other hardware reversing video. I particularly like the context you give. So often presenters just show a wall of cryptic commands and output. You do a fantastic job in explaining.
This is perfect channel for all beginers in reverse firmware education and understanding what firmware works...Great job! Maybe in future we can send you some firmwares and you can make video from firmware analys this firmware.
Valerio, I really like the way you explain - detailed, clear and comprehensive, no shortcuts, no hiding details. Thank you for sharing your experience to us. I just discovered your channel, already subscribed and can't wait to watch from the beginning. Keep up the good work, I am sure this channel will grow up quick. (Y)
like i said in my tweet earlier today, this whole series is awesome. you fill in the blanks on a lot of information that is all over on RU-vid but not i none place. thank you.
Valerio, a genuinely informative video, packed with useful, advanced information that will inspire and spark the interest of tinkerers, young and old, everywhere. We all thank you for sharing so generously. For the feedback you asked for, I would encourage more use of text to display names and acronyms, because you naturally have an endearing strong accent and this could improve the clarity for a wider audience. I will definitely be learning from more of your videos. Subscribed.
Fantastic video's, the density of information is incredible to me! Absolutely loving this series, and particularly this video so far, there are so many things I always wondered about in boot logs that you have addressed, it's inspiring me to learn more about all the other bits in there as well!
I was all smiles during this entire video. Your expertise shows through and this was the exact content I was looking for. I am excited to learn more. Thank you!
I have watched most of your videos and what can I say is your videos are fantastic and very informative. I am too an electronic engineer and I'm trying to reverse engineer a set top box these days. Your tutorials were very much helpful for me. I'm currently trying to extract the firmware using JTAG since I have successfully identified JTAG port using your tutorial. Keep up the good work! P.s- you have a nice accent too ;-) I like it
Hello Isaiah Newman, thank you for your appreciation and support. I plan to continue with this series and with this channel. My original ambition was to release a video each week, but in reality, I need more time, so, on average I will release a new video every 10/14 days.
Hello sir I would really want to thank you for your awesome content! It's a real wealth of high quality hands on information coming from experience which you dont see often. Most of the time people make 1 short tutorial and thats itl. Also your english is very understandable and I would dare to say that its easier to follow than some native speakers. You really make an effort to speak clearly and it helps! Have you maybe thought about doing a patreon or something like that? I really hope that you will contineau producing videos!
Just in case someone stumbles upon here: uboot often has the commands to dump the contents of any connected SPI NOR or NAND flash disabled. Also, e.g. Xiaomi likes to disable UART-input entirely for uboot and the installed OS, so none of this will work in that case and you will need to either access the flash directly, use JTAG or find a vulnerability for the installed OS that lets you get root access that way.
I agree with the comments here. Thank you so much for sharing such amount of knowledge, in such a structured and brilliant way. We are lucky to have you. Gracie mille, from France.
I am also an old man.... I haven't seen Expect or TCL for many years.... Expect was ("was", no..... "IS") wonderful for this sort of thing. In the past I ran "end of day" on our mainframe using something very much like expect and my manager thought it was "black magic". I want to go back and look at my old TCL scripts now.
Re: TSOP (at 7:31) - there are clips for chips like this available. They can be found by searching for something like "nand tsop clip" or "360 clip". Security researchers use them to find TOCTOU (etc) firmware security flaws.
I have a hisense 50U6HF tv (Amazon version) I have soldered RX,TX, GND to debug area and get output in serial console but when i try to interrupt boot to get to uboot it says lockdown mode? I get a shell with no ability to input any commands. How to bypass this?
Maestro mille grazie di Germania por cet seria di video informativo. It was very nice to see in practice things having thought about theoretically. As a thanks I will subscribe your channel for the first time after watching non stop 15 years RU-vid videos.
You are simply awesome, I hadn’t any idea how to do this and luckily I found you (seems most OpenWRT based routers uses same bootloader structure), I’m very happy to see how you manage your videos/explanations, it denotes you have passion for you work. This is great sir! :) Hope you are safe under these rare days, take care good man!
Thanks for the video. I am currently trying to gain access to a system through UART. However, when I connect my UART-USB bridge, I can only see the output of the device (so baud rate seems to be correct) but cannot send any commands. I have checked the wiring and settings. Both TX and RX are connected to the MCU (I checked the traces). Do you have any idea other idea?
How to get firmware if i have only JTAG interface on board? On board i have small ic eeprom - this is all firmware of this board or in processor is another soft? I was looking channel like this about 1 year, i hope you turn back to making video!
Hello Sir. I got a cable modem device. It has a black cable where one end of it is connected to the motherboard and the other end of the cable has an audio jack connector facing outside. Do you know which type of cable should I use to connect to this audio jack and my laptop?.
Interesting video. Thanks for your explanation. Can you make Raspberry Pi Pico board as a tool to read/write firmware of CSR-BC417 Chip which is in cheap bluetooth module HC-05? I tried it but failed, and I don't know why.
Thank you and you gained another subscriber, I would like to change the firmware of an Epson printer, but I don't know if it's possible, just looking to find out
wow that is amazing, i have question is it possible to read not only eeprom but the whole BOOTloader and for example if we change the MCU to be available to reprogram and the device to work fine. (i mean to transplant new Microcontroler which is empty )
You can't sniff the router's WAN interface? What about creating a subnet using the target router connecting it's WAN interface to any LAN port on the primary router.
Hello Valerio, I have a printer board with BGA Flash (GL032N90FFI03 - Spansion Inc. Cypress semiconductor. I Would like to know how can I access this device and copy your firmware for install in a new BGA Flash? Thank you and kind regards.
Salve è complimenti per il video su Github, ho letto la tua guida per sostituire il Firmware con uno Open Source ad un wvrtm-127acn ho un wvrtm-130acn volevo sapere sè la procedura è la stessa!? è sé il Dump dell Firmware è indispensabile ó si può saltare in quanto richiede circa 11 ore per il dump!? Grazie!
Hello. I love every bit i read and hear from you. How ever, i have a test clip and a tl866ii programmer and the clip seems not to work or identify the chips. Please assist
Very professional video, how can we get in contact with you ? and can you do a video about a UBIFS file, i find it hard to extract data out of it, Thanks
Buonasera, Vorrei un informazione, dispongo di un hardware molto vecchio compatibile con windows XP. Se installo i software a corredo del dispositivo usando la compatibilità per Windows XP, riesco ad installarlo madonna qualche problema di librerie DLL. Inoltre, non si crea la porta COM necessaria a controllare il dispositivo in questione. Il Device consiste in un Controller per motori passo passo. Sarebbe teoricamente possibile estrarre il firmware e modificarlo per essere supportato dagli SO più moderni? Grazie anticipatamente