Maybe need Pico unique id?
https://stackoverflow.com/questions/72594333/arduino-rp2040-pico-unique-id
I don't know yet, as I'd need to virtualize the code myself first to know what it's even attempting to do.
Maybe need Pico unique id?
https://stackoverflow.com/questions/72594333/arduino-rp2040-pico-unique-id
This sounds very interesting. Hopefully someone out there could decrypt the dump if possible.This dumped firmware for rp2040 glitch from china.
Used "picotool save all" command from linux.
Post automatically merged:
Tested on Switch Lite
Chucked this thing on an rp2040-zero I had (not soldered into any switch sadly, I am NOT even remotely that good at soldering) and it definitely looks to be doing something. Plugging it into a USB-C port makes the LED go blue, then rapidly switch to green then turn off, I don't have a clue what it's actually doing, but if it's doing what it's thought to be then I'm gonna seriously consider looking around for people in my local area with actual soldering skill to see if I can get it in a console. Consider my interest piqued.This dumped firmware for rp2040 glitch from china.
Used "picotool save all" command from linux.
Post automatically merged:
Tested on Switch Lite
is this the correct pinout?Thank you guys, looks very shady. BTW after my request the seller send me this 'pinout scheme', hehe:
7 PIN:
29 - D0
28 - CMD
27 - CLK
26 - RST
15 - SOC shelf
Don't understand any bit about all of it tbh.
Pi pico have a swd port)What about SWD disabling in firmware. How to enable debugging?
Post automatically merged:
I found xref to encrypted data and, maybe, decryptor code. But i cant connect to target via swd port )
yepis this the correct pinout?
I know what Swd is, I asked how they turned it off? openocd is unable to connect to the target.Pi pico have a swd port)
yep
Also, using the attached file you can get your RP-2040-Zero unique Flash ID.I have some info about PicoFly so i'll share it with you.
1) Yes, it's really exist.
2) Yes, it can glitch (at least it definetely works with Switch Lite and Switch Oled).
3) Yes, you still need a cpu ribbon cable (V2 or higher).
4) The firmware is unique for each chip. Each chip has its own ID, and the firmware uses it for verification.
Example ID - Flash ID: D6 28 60 B8 1C 55 6A 25
5) You need three resistors (probably for protection?), ~45 ohm each.
Switch lite Solder scheme is attached (yes, it's low quality, but who cares?)
Given the talk of encryption in the firmware, I'm assuming you can't just hex edit the flash dump to put your own flash ID in and make it work.Also, using the attached file you can get your RP-2040-Zero unique Flash ID.
Connect rp-2040-zero to the PC. Look at the COM port of the chip in the device manager.
Just drug-and-drop .uf2 to your chip and then connect to the COM port using PuTTY or KiTTY (or whatever you use). Strings with a Flash ID of your chip will appear in the console (Flash ID: XX XX XX XX XX XX XX XX).
No! You need encrypt 2nd stage firmware with new key (generated with unique Flash ID)Given the talk of encryption in the firmware, I'm assuming you can't just hex edit the flash dump to put your own flash ID in and make it work.
do you have the source code of this, I really start to learning hoy to code this bugger, and is fun.Also, using the attached file you can get your RP-2040-Zero unique Flash ID.
Connect rp-2040-zero to the PC. Look at the COM port of the chip in the device manager.
Just drug-and-drop .uf2 to your chip and then connect to the COM port using PuTTY or KiTTY (or whatever you use). Strings with a Flash ID of your chip will appear in the console (Flash ID: XX XX XX XX XX XX XX XX).
Sir, I got my ID and still have hope for the release of this to become true.I have some info about PicoFly so i'll share it with you.
1) Yes, it's really exist.
2) Yes, it can glitch (at least it definetely works with Switch Lite and Switch Oled).
3) Yes, you still need a cpu ribbon cable (V2 or higher).
4) The firmware is unique for each chip. Each chip has its own ID, and the firmware uses it for verification.
Example ID - Flash ID: D6 28 60 B8 1C 55 6A 25
5) You need three resistors (probably for protection?), ~45 ohm each.
Switch lite Solder scheme is attached (yes, it's low quality, but who cares?)
I think this is the right onedo you have the source code of this, I really start to learning hoy to code this bugger, and is fun.
Also, using the attached file you can get your RP-2040-Zero unique Flash ID.
Connect rp-2040-zero to the PC. Look at the COM port of the chip in the device manager.
Just drug-and-drop .uf2 to your chip and then connect to the COM port using PuTTY or KiTTY (or whatever you use). Strings with a Flash ID of your chip will appear in the console (Flash ID: XX XX XX XX XX XX XX XX).
I have some info about PicoFly so i'll share it with you.
1) Yes, it's really exist.
2) Yes, it can glitch (at least it definetely works with Switch Lite and Switch Oled).
3) Yes, you still need a cpu ribbon cable (V2 or higher).
4) The firmware is unique for each chip. Each chip has its own ID, and the firmware uses it for verification.
Example ID - Flash ID: D6 28 60 B8 1C 55 6A 25
5) You need three resistors (probably for protection?), ~45 ohm each.
Switch lite Solder scheme is attached (yes, it's low quality, but who cares?)
3) Yes, you still need a cpu ribbon cable (V2 or higher).
Anyone have that flex on the desk and can check this one trace where go?
the code is on C, I am not getting there yet.I think this is the right one
https://github.com/raspberrypi/pico-examples/blob/master/system/unique_board_id/unique_board_id.c
#include "pico/unique_id.h"
String cadena;
String cadenaHex;
void setup() {
Serial.begin(115200);
while (!Serial) {
; // wait for serial port to connect. Needed for native USB port only
}
// send an intro:
Serial.println("\n\nPico Unique Board ID example:");
Serial.println();
pixels.begin();
}
void loop() {
pico_unique_board_id_t board_id;
pico_get_unique_board_id(&board_id);
cadena = "";
cadenaHex = "";
for (int i = 0; i < PICO_UNIQUE_BOARD_ID_SIZE_BYTES; ++i) {
//Serial.write(board_id.id[i]);
//Serial.write(13);
//Serial.write(10);
cadena += " ";
cadena += board_id.id[i];
cadenaHex += " ";
cadenaHex += String(board_id.id[i], HEX);
}
Serial.println("Flash ID (int): " + cadena);
Serial.println("Flash ID (hex): " + cadenaHex);
delay(250);
}