Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Hardware Pentesting

You're reading from   Practical Hardware Pentesting A guide to attacking embedded systems and protecting them against the most common hardware attacks

Arrow left icon
Product type Paperback
Published in Apr 2021
Publisher Packt
ISBN-13 9781789619133
Length 382 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Jean-Georges Valle Jean-Georges Valle
Author Profile Icon Jean-Georges Valle
Jean-Georges Valle
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Section 1: Getting to Know the Hardware
2. Chapter 1: Setting Up Your Pentesting Lab and Ensuring Lab Safety FREE CHAPTER 3. Chapter 2: Understanding Your Target 4. Chapter 3: Identifying the Components of Your Target 5. Chapter 4: Approaching and Planning the Test 6. Section 2: Attacking the Hardware
7. Chapter 5: Our Main Attack Platform 8. Chapter 6: Sniffing and Attacking the Most Common Protocols 9. Chapter 7: Extracting and Manipulating Onboard Storage 10. Chapter 8: Attacking Wi-Fi, Bluetooth, and BLE 11. Chapter 9: Software-Defined Radio Attacks 12. Section 3: Attacking the Software
13. Chapter 10: Accessing the Debug Interfaces 14. Chapter 11: Static Reverse Engineering and Analysis 15. Chapter 12: Dynamic Reverse Engineering 16. Chapter 13: Scoring and Reporting Your Vulnerabilities 17. Chapter 14: Wrapping It Up – Mitigations and Good Practices 18. Assessments 19. Other Books You May Enjoy

Chapter 10

  1. It is a test interface and protocol that allows us to talk with an internal test engine. The behavior of the test engine is not defined in JTAG itself but is engine-specific.
  2. TCLK, TDI, TDO, and TMS. They respectively are Test Clock, Test Data In, Test Data Out, and Test Mode Select. TCLK clocks the debug engine; the data comes in from TDI, out from TDO, and TMS manages the state transition of the debug engine.
  3. No, it was made to test the soldering of chips and PCBs; chip debugging was added later as an afterthought.
  4. Since IDCODE is present on the DR by default, the JTAGulator doesn't have to send data to the chip to receive an IDCODE! A BYPASS scan finds it since it puts the chip in BYPASS mode and sends a test pattern through it.
  5. http://openocd.org/doc/html/General-Commands.html: mwd, mww, mwh, and mwb. For example, it can be used to stop a watchdog. Look at the stm32f1x.cfg file in OpenOCD!
  6. Yes it is! Now you can execute your own TCL and...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime