Here we go, a FG implementation that only takes up ~10k with no dependencies: https://github.com/DavidBuchanan314/fusee-nano
Here we go, a FG implementation that only takes up ~10k with no dependencies: https://github.com/DavidBuchanan314/fusee-nano
On github you mentioned something about generating the payload on-the-fly. how would that work?
- Joined
- Apr 25, 2009
- Messages
- 777
- Trophies
- 0
- Location
- Tropical Island
- Website
- www.O-P-A.biz
- XP
- 9,502
- Country
FANTASTIC! I will order one of the "3g/4g router modem 150m" (since it lacks a proper name) test articles. Gonna have to wait a few days for delivery though.
Bear in mind that there are several versions of this hardware. The one linked is the one with the built-in battery pack. Since this is a full SoC embedded linux we are gonna be using, it can still do its original task with our new firmware. We should be able to cram some logic for the FG injector function so that it only fires when a switch in RCM mode is detected, and does its normal job otherwise.
---
ORDERED.
Last edited by Wierd_w,
CHIP is out of production, IIRC.
--------------------- MERGED ---------------------------
The "3g /4g router 150m" device is kinda bulky. I would not want it rigidly connected to my switch. A short 6in pigtail cable would be ideal. This could still fit nicely in a travel bag, and it doubles as a portable power pack for phones and other gadgets. Conceivably, it could be used to power the switch for longer road trips.
i guess we are going in a good direction.
gotta love switch scene.
and its just getting started
With this many hands converging on the same target, many solutions will become available. That means good things for the scene. By the time Atmosphere is ready, we should have at least one inexpensive DIY dongle ready for use with it. Nintendo should be shitting bricks.
I'm not much of a tinkerer, but I used to use "GL.iNet GL-AR300M-Lite" as a VPN tunnel for certain devices to connect to.
Anyway, I see some of you talking about mini routers like this, do you think this router could do something?
Here's some specs https://store.gl-inet.com/collections/travel-routers/products/gl-ar300m-lite-mini-smart-router
Anyway, I see some of you talking about mini routers like this, do you think this router could do something?
Here's some specs https://store.gl-inet.com/collections/travel-routers/products/gl-ar300m-lite-mini-smart-router
It comes out of the gate with openwrt, so "yes." Depending on how they did the firmware (is ehci-hcd.ko built into the kernel, or is it a loadable module?), you might need to build a custom firmware image that incorporates the FoF patch so that large control messages can be sent, or just build the ehci-hcd kernel module with the change and push it to the device, then either building and using the C implementation loader posted prior, or installing and using python and the ReSwitched FG injection script.
However, it appears to be externally powered, which is a mark against it. The chinese "3g /4g router 150m" comes in two variants- one that lacks a battery, and one that has a battery built in. The one with the built in battery has an on-switch. Since we only need it for what-- 10 seconds TOPS?-- we should be able to get a shitload of injections per charge. Given that we now have the ultra-compact C implementation of the injector, I have ordered one with the battery pack, and will build the needed flash package for it once my hardware arrives.
If you want to tinker with the mini smart router, go right ahead. The more options we have, the better off we all are.
For anyone who wants the smallest possible chip, I think it might be this:
http://linuxgizmos.com/worlds-smallest-quad-core-sbc-starts-at-8-dollars/
I’m not 100% sure it would work, but who knows!
http://linuxgizmos.com/worlds-smallest-quad-core-sbc-starts-at-8-dollars/
I’m not 100% sure it would work, but who knows!
a) My 10k implementation which was being discussed relies on the linux kernel
b) Good luck finding a USB host mode stack for PIC
That said, there are plenty of other inexpensive microcontrollers with a USB stack, namely the SAMD21
By the way RetrOid nice job on that minimal implementation of pushing the exploit, it cuts out any extra b.s. and just does what's necessary! Your version there is helping me understand how the payload works! Sometimes I just need a simplified straight to the point version of something to be able to clearly see how it's working.
My post:
Yea that's the thing to be aware of. Not just anything with a usb port will work, it has to have a USB host mode stack, just a client stack is not enough. The "VoCore2 + USB Header + MicroSD" shown to me by Wierd_w seems like it might do the job, but im still considering my options. If using that I think I would at least need to keep the microsd attached to hold the payload and should hopefully still fit with it (since the 16MB onboard isn't hardly anything). Then solder the usb connection directly (without the header). It even has wifi lol, so should be able to update the payload over wifi if necessary. (once installed would be slightly inconvenient to pop the sdcard for payload updating).
For the SAMD21, yup the data sheet says it:
One full-speed (12Mbps) Universal Serial Bus (USB) 2.0 interface
*Embedded host and device function*
Eight endpoints
The vocore is less explicit about whether it can act in usb host mode or not. But on a vocore wiki page I found this:
"VoCore is a tiny device created by Vonger based on the RaLink RT5350 SOC running at 360MHz. It features 32MB SDRAM, 8MB SPI Flash Interfaces include 802.11bgn, 10/100M Ethernet, USB, UART, I2C, I2S, PCM and JTAG With the optional Dock it can be powered by a MicroUsb Phone charger and has an USB Host port"
Which says USB Host so I think it does mean host mode support. Actually that looks like the vocore 1 not vocore 2 but if it was in v1 it should still be in the 2nd revision of it.
And anyway why linux? Because penguins... that's why! lol
Sometimes I just need a simplified straight to the point version of something to be able to clearly see how it's working.My post:
Yea that's the thing to be aware of. Not just anything with a usb port will work, it has to have a USB host mode stack, just a client stack is not enough. The "VoCore2 + USB Header + MicroSD" shown to me by Wierd_w seems like it might do the job, but im still considering my options. If using that I think I would at least need to keep the microsd attached to hold the payload and should hopefully still fit with it (since the 16MB onboard isn't hardly anything). Then solder the usb connection directly (without the header). It even has wifi lol, so should be able to update the payload over wifi if necessary. (once installed would be slightly inconvenient to pop the sdcard for payload updating).
For the SAMD21, yup the data sheet says it:
One full-speed (12Mbps) Universal Serial Bus (USB) 2.0 interface
*Embedded host and device function*
Eight endpoints
The vocore is less explicit about whether it can act in usb host mode or not. But on a vocore wiki page I found this:
"VoCore is a tiny device created by Vonger based on the RaLink RT5350 SOC running at 360MHz. It features 32MB SDRAM, 8MB SPI Flash Interfaces include 802.11bgn, 10/100M Ethernet, USB, UART, I2C, I2S, PCM and JTAG With the optional Dock it can be powered by a MicroUsb Phone charger and has an USB Host port"
Which says USB Host so I think it does mean host mode support. Actually that looks like the vocore 1 not vocore 2 but if it was in v1 it should still be in the 2nd revision of it.
And anyway why linux? Because penguins... that's why! lol
- Joined
- Apr 25, 2009
- Messages
- 777
- Trophies
- 0
- Location
- Tropical Island
- Website
- www.O-P-A.biz
- XP
- 9,502
- Country
Similar threads
