jtag for dummies
DESCRIPTION
JTAG for dummies. 31/01/2013 DCG # 7812. by @ cherboff. Intro. A long time ago…. WTF?. WOOOT?. Разработка Прототипирование О тладка Производство Прошивка Тестирование PCB и компонентов Сопровождение Сервис-центры (восстановление/обновление). JTAG from outside. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/1.jpg)
JTAG for dummies31/01/2013DCG #7812
by @cherboff
![Page 2: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/2.jpg)
Defcon Russia (DCG #7812) 2
Intro
![Page 3: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/3.jpg)
Defcon Russia (DCG #7812) 3
A long time ago…
WTF?
![Page 4: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/4.jpg)
Defcon Russia (DCG #7812) 4
WOOOT?
• Разработка– Прототипирование– Отладка
• Производство – Прошивка– Тестирование PCB и компонентов
• Сопровождение– Сервис-центры (восстановление/обновление)
![Page 5: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/5.jpg)
Defcon Russia (DCG #7812) 5
JTAG from outside
• TCK (clock)• TDI (data input)• TDO (data output)• TMS (mode select)• [RTCK] (reverse clock)• [RST] (reset)
![Page 6: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/6.jpg)
Defcon Russia (DCG #7812) 6
Slide_name
Core
JTAG
![Page 7: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/7.jpg)
Defcon Russia (DCG #7812) 7
A bit of theory
![Page 8: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/8.jpg)
Defcon Russia (DCG #7812) 8
A bit of theory
![Page 9: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/9.jpg)
Defcon Russia (DCG #7812) 9
What we can do with?
• Read / Write registers• Read / Write memory• Read / Write flash (!!!)
• Execution control }GOD Mode
![Page 10: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/10.jpg)
Defcon Russia (DCG #7812) 10
But…
• ARM Code security• Code protection fuses (AVR)
• PCB obfuscation and stuff
![Page 11: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/11.jpg)
11
Get armed!
• Hardware emulators• Debug software• Helpful tools
Defcon Russia (DCG #7812)
![Page 12: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/12.jpg)
Defcon Russia (DCG #7812) 12
Hardware : «Wiggler»
• Ultra low cost• Easy to assemble• Base features supported
![Page 13: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/13.jpg)
Defcon Russia (DCG #7812) 13
Hardware : U-Link / J-Link
• USB• Dozens of features• Open OCD support (J-Link)• ~ $500 (original)*
* ~ $12 from China with love ;-)
![Page 14: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/14.jpg)
Defcon Russia (DCG #7812) 14
Software
• Keil uVision• IAR• Open OCD
+ Open source+ Crossplatform+ gdb / eclipse integration
![Page 15: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/15.jpg)
Defcon Russia (DCG #7812) 15
JTAG In wild
• 10 x 2
• 7x2
• 5x2
etc…
![Page 16: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/16.jpg)
Defcon Russia (DCG #7812) 16
JTAG In wild
OR
![Page 17: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/17.jpg)
Defcon Russia (DCG #7812) 17
Point detection
• Check datasheets• Multimeter probing• Logic analysers• Special tools
![Page 18: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/18.jpg)
Defcon Russia (DCG #7812) 18
JtagenumAutomated JTAG scanner
+ open source+ Arduino based+ rs232 controlled+ full-featured CLI
![Page 19: JTAG for dummies](https://reader035.vdocuments.mx/reader035/viewer/2022062221/56812f08550346895d94a5ab/html5/thumbnails/19.jpg)
Defcon Russia (DCG #7812) 19
Questions?