Comments (3)
Looks like this is just because the 6P-based attack wasn't fully implemented. LMP_MONITOR_BUFFER_BASE_ADDRESS was never defined in fw_6p.py.
If I comment out the log statement, things still fail badly:
[!] Received Stack-Dump Event (contains 10 registers):
[!] pc: 0x00201cc8 lr: 0x000464d3 sp: 0x002002a8 r0: 0x00201f55 r1: 0x00000000
r2: 0x00000001 r3: 0x00212848 r4: 0x00000010 r5: 0x00000000 r6: 0x00000010
[!] Stack dump @0x00200000 written to internalblue_stackdump.bin!
[!] recvThreadFunc: The controller send a stack dump. stopping..
[*] Shutdown complete.
[!] Not running. call connect() first!
[!] Not running. call connect() first!
[CRITICAL] Uncaught exception ('NoneType' object has no attribute '__getitem__'). Abort.
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/cli.py", line 71, in commandLoop
    if(not cmd_instance.work()):
  File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/cmds.py", line 420, in work
    monitorController.startMonitor()
  File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/cmds.py", line 339, in startLmpMonitor
    self.internalblue.startLmpMonitor(self._callback)
  File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/core.py", line 642, in startLmpMonitor
    if not self.patchRom(fw.LMP_MONITOR_LMP_HANDLER_ADDRESS, patch):
  File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/core.py", line 1066, in patchRom
    self.patchRom(address - alignment, orig[:alignment] + patch[:4-alignment], slot)
  File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/core.py", line 1070, in patchRom
    table_addresses, table_values, table_slots = self.getPatchramState()
  File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/core.py", line 1021, in getPatchramState
    table_addresses.append(u32(table_addr_dump[i*4:i*4+4])<<2)
TypeError: 'NoneType' object has no attribute '__getitem__'
from knob.
Hey @JosiahOne
My repo provides the PoC of the KNOB attack only for the Nexus 5.
from knob.
Okay, I figured. Thanks for the quick response!
from knob.