Finally got around to connecting my #olimex #ice40 development board to power again, and getting a bit stream programmed onto it.
(I really haven't played enough with it)
"Back in the day" I'm sure I used a raspberry pi for the programming.
This time I tried using a dirt cheap #ch341a for the programming, its a bit on the slow side, especially when programming all 2MB of SPI flash.
Probably should limit the number of bytes to be programmed and/or switch to one of my #ch347 boards
Finally!
Daring again to flash #heads #coreboot from #nitrokey onto my good old #thinkpad t430.
The documentation is pretty horrible, as a beginner it was really hard to find info on how the hell to assemble a #CH341a programmer?
Got it working, see on the picture.
Then running #flashrom (as root, couldnt find the udev rules to allow it rootless) to detect the chips, backup and verify the stock ROM, and write heads onto them!
Что нового в IMSProg?
Пару месяцев назад я писал историю создания программатора микросхем CH341a для Linux систем. Благодаря вашим отзывам и комментариям программа изменилась, надеюсь в лучшую сторону.
CH341A tool
This is a Windows tool adding extra functionality to popular EEPROM/FLASH programmer based on #CH341A USB to I2C/SPI/UART converter - using it as a general purpose interface.
CH341A tool
This is a Windows tool adding extra functionality to popular EEPROM/FLASH programmer based on #CH341A USB to I2C/SPI/UART converter - using it as a general purpose interface.
Flash Programmer Shows Some Nifty Tricks https://hackaday.com/2023/11/05/flash-programmer-shows-some-nifty-tricks/ #PeripheralsHacks #ToolHacks #hardware #CH341A #i2c #usb
why do i keep getting this error:
No EEPROM/flash device found.
Note: flashrom can never write if the flash chip isn't found automatically.
I swear I've connected everything properly and even supplied the router with power, as well as supplying the #CH341A programmer with ample voltage, and yet even after switching connectors, it won't work with me.
Either I need a reboot, a universal programmer, a better probe, or I need to read the manual more.
this already reminds me of my first days with #voidlinux.
Is That The Moon Worming Its Way Into Your BIOS?
When facing a malware situation, the usual "guaranteed solution" is to reinstall your OS. The new developments in malware world will also require you to have a CH341 programmer handy. In an arguably inevitable development, [Kaspersky Labs] researchers have found an active piece of malware, out in the wild, that would persist itself by writing its bootstrap code into the BIOS chip. It doesn't matter if you shred the HDD and replace it with a new one. In fact, so-called MoonBounce never really touches the disk at all, being careful to only store itself in RAM, oh, and the SPI flash that stores the BIOS code, of course.
MoonBounce is Microsoft-tailored, and able to hook into a chain of components starting from the UEFI's DXE environment, through the Windows Loader, and finishing as a part of svchost.exe, a process we all know and love.
This approach doesn't seem to be widespread - yet, but it's not inconceivable that we'll eventually encounter a ransomware strain using this to, ahem, earn a bit of extra cash on the side. What will happen then - BIOS reflashing service trucks by our curbsides? After all, your motherboard built-in BIOS flasher UI is built into the same BIOS image that gets compromised, and at best, could be disabled effortlessly - at worst, subverted and used for further sneaky persistence, fooling repairpeople into comfort, only to be presented with one more Monero address a week later.
Will our hardware hacker skills suddenly go up in demand, with all the test clip fiddling and SOIC-8 desoldering being second nature to a good portion of us? Should we stock up on CH341 dongles? So many questions!
This week's installment of "threat vectors that might soon become prevalent" is fun to speculate about! Want to read about other vectors we might not be paying enough attention to? Can't go wrong with supply-chain attacks on our repositories! As for other auxiliary storage-based persistence methods - check out this HDD firmware-embedded proof-of-concept rootkit. Of course, we might not always need the newfangled ways to do things, the old ways still work pretty often - you might only need to disguise your malicious hardware as a cool laptop accessory to trick an average journalist, even in a hostile environment.
Thanks to Brendan Dolan-Gavitt on Twitter for highlighting this to us!
Main image courtesy Kaspersky Labs.
BIOS Flashing Journey Writeup Puts Tutorials To Shame
A couple of weeks ago, [Doug Brown] bought a Ryzen motherboard, advertised as "non-working" and discounted accordingly. He noticed that the seller didn't test it with any CPUs old enough to be supported by the board's stock BIOS revision, and decided to take a gamble with upgrading it.
Not having a supported CPU in hand either, he decided to go the "external programmer" route, which succeeded and gave this board a new life. This is not why we're writing this up, however. The reason this article caught our eye is because [Doug]'s research leaves no stone unturned, and it's all there to learn from. Whether through careful observation or thorough research, this article covers all the important points and more, serving as an example to follow for anyone looking to program their BIOS.
For instance, [Doug] correctly points out a design issue with these common programmers resulting in 5 V getting onto the 3.3 V data lines, and fixes it by rewiring the board. Going through all the letters in the ICs part number, something that many of us would dismiss, [Doug] notices that the flash chip is 1.8 V-only and procures a 1.8 V adapter to avoid the possibility of frying his motherboard. After finding out that the 1.8 V adapters don't work for some people, he reverse-engineers the adapter's schematics and confirms that it, indeed, ought to work with the specific parts on adapter he received.
Noting another letter in the part number implying the flash chip might be configured for quad-SPI operation, he adds series resistors to make sure there's no chance of the programmer damaging the BIOS chip with its hardwired pinout. This is just an example of the insights in [Doug]'s article, there's way more that we can't mention for brevity, and we encourage you to check it out for yourself.
With this level of care put into the process, it's no surprise that the modification was successful. The kind of inquisitiveness shared here is worth aspiring to, and writeups like this often surpass general-purpose tutorials in their insights and usefulness. What's your "successfully making use of something sold as non-working" story?
If you're looking for other insightful BIOS stories, we've covered someone reverse-engineering their BIOS to remove miniPCIe card whitelisting. We've typically covered BIOS modification stories in laptops, since there's more incentives to modify these, but a lot of laptop BIOS articles will apply to desktop motherboards too, such as this supervisor password removal story or this LibreBoot installation journey by our own [Tom Nardi].
Thank you [Sidney] for sharing this with us!
#computerhacks #repairhacks #bios #ch341 #ch341a #motherboard #ryzen
I can't believe it. With this neat 1.8V adapter, I can actually read out the #firmware from my A300 DeskMini devices. \o/ I just need to be patient with the slow #CH341A and 16 megabytes. :D
Best part: It works consistently. Woop woop!
For some older #Toshiba laptop's #mainboard, a Satellite A210-15Y model, I needed a bit more power than the #CH341A could deliver to read the #firmware from the flash chip. This is as hacky and safe as it looks, but it works. :) ✨👩🏻💻✨
