Intro to hardware security: UART access and SPI firmware extraction

  • Published: 23 Nov 2024

Comments • 121

  • @nikolatesla9917
    @nikolatesla9917 4 years ago +14

    Just as a suggestion: first introduce the devices in the video and mention them by typing their names beside them in the first scene of the video. I enjoyed it, ThanX

  • @bradkaral1188
    @bradkaral1188 2 years ago +5

    Very well done. Clearly explained, step-by-step.

  • @hypnos4754
    @hypnos4754 5 months ago

    Great video. This is a process that I’ve never done myself, and I always wondered what it’s like. The explanation of the required tools (and why they’re needed) is really good as well.

  • @Eptapus
    @Eptapus 9 months ago +1

    It would be nice to have a video where you edit the firmware and you flash it back to the device!

  • @vediam
    @vediam 1 year ago

    Hello, I can say this was the most useful video I have watched. May God be pleased with you for this video, which you prepared with detailed and rich content. Thank you very, very much; well done.

  • @proyas21
    @proyas21 3 months ago

    Loved your video. I watched the whole video. Funny thing is I actually had bought a USB-to-serial adapter a while ago. I had no idea what to do with it. Now I know what kind of site quiz I can go on. 😁

  • @anantoslab
    @anantoslab 1 year ago

    Need more details video about this topic. You are great ❤. Love from Bangladesh.

  • @soroush92
    @soroush92 1 year ago +2

    Thx Mahdi jaan. Would u please upload more videos like this? Amazing bro.

  • @brentself
    @brentself 1 year ago

    Great information in this video. Louder audio would be great, as I struggled to hear everything when the volume was set to maximum value.

  • @Lin-yo3og
    @Lin-yo3og 3 years ago +2

    So grateful, it's a good tutoring video with so much detailed explanation.

  • @TxMxMxMxM
    @TxMxMxMxM 5 months ago

    Wonderful video. Hopefully you will have more of this.
    Cheers mate

  • @abdullahnadeem1823
    @abdullahnadeem1823 2 years ago +1

    wow, this is the exact router I have. I'm actually surprised it works so well for such a cheap price

    • @myname-mz3lo
      @myname-mz3lo 1 year ago +2

      it's cheap because it has zero security lol

    • @abdullahnadeem1823
      @abdullahnadeem1823 1 year ago +1

      @@myname-mz3lo and zero functionalities 😅

  • @bobmcbob4399
    @bobmcbob4399 1 year ago +1

    13:29 "3: System Boot system code via Flash" - this is option 3 in the uboot boot menu. It is possible to send a different option via serial keyboard input - like boot to root shell. But this may not be always possible. But in this case, you get to a shell from the get-go.

  • @stevecross9159
    @stevecross9159 3 years ago

    From the UK. Hi
    Mehdi good introduction I need to go over the video again but it's a good start!!

  • @squirre17
    @squirre17 2 years ago

    Thank you very much😘. Looking forward to more practice hands-on work video.

  • @parsbitex
    @parsbitex 1 year ago

    it was so good , grateful for this tutorial

  • @AbhishekMishra-bq9ox
    @AbhishekMishra-bq9ox 3 years ago +2

    Plz make more thank u for making this type video

    • @MehdiHacks
      @MehdiHacks  3 years ago +1

      I will try my best. 👍 Please subscribe to get notified of my upcoming videos

    • @AbhishekMishra-bq9ox
      @AbhishekMishra-bq9ox 3 years ago

      I already subscribed you

  • @riadhch5643
    @riadhch5643 3 years ago +1

    Thank you Mr Mehdi so helpful

  • @parag9999mun
    @parag9999mun 2 years ago +1

    It was a lot helpful.
    Thank you man

  • @oulachoulach4883
    @oulachoulach4883 2 years ago

    BROTHER, YOU ARE THE BEST!!! You oooh really helped me!! THANK YOU VERY

  • @Dumbc0mment
    @Dumbc0mment 4 years ago +2

    Thx you Mehdi, I learned a lot

  • @rohitdeswal1224
    @rohitdeswal1224 3 years ago +1

    Great video . Can you give other vulnerable devices list to practice

  • @shivamhw
    @shivamhw 2 years ago

    Very good, friend.. great video,

  • @qzorn4440
    @qzorn4440 4 years ago

    Gee, this is very interesting and great way for troubleshooting a lot devices... thanks...:)

  • @bigbooduh
    @bigbooduh 2 years ago

    Legend Mehdi! Thanks for this

  • @emreru5687
    @emreru5687 4 years ago

    Thank you (thank you very much, Mr. Mehdi)

  • @n.w.aicecube5713
    @n.w.aicecube5713 2 years ago +1

    Very well explained

  • @tamiriiiii
    @tamiriiiii 2 years ago +1

    Using UART access, if the device has telnet but it is disabled, can we enable it?

  • @phantom700X
    @phantom700X 10 months ago

    Thank you for the information. I have an LPC1778. I tried to read it with Flash Magic, and I get the message: security violation in device. What can I do?! I want to get the firmware.

  • @dzfinch5008
    @dzfinch5008 1 year ago +1

    Thank you

  • @SaeedBeigiRizi
    @SaeedBeigiRizi 4 years ago

    That was a complete tutorial. Thanks in advance

  • @JorgeLuis-hy8im
    @JorgeLuis-hy8im 2 years ago

    Does the PL2303 have the right voltage? I mean 3.3 by default.
    I get confused about the right voltage, do you have another video about the voltage?
    If you test the PL2303 pins, what voltage do you get?

  • @johndavid8303
    @johndavid8303 1 year ago

    Hello, how to extract firmware from an MCU with built-in flash memory such as the Atmel ATSAMD21J?

  • @조영민-v8r2u
    @조영민-v8r2u 2 years ago

    impressive from Republic of Korea.

  • @nachiketathakur697
    @nachiketathakur697 2 years ago

    Great tutorial, thanks for sharing... just a question... I do not have the UART pins on the PCB. What options do I have?

    • @MehdiHacks
      @MehdiHacks  2 years ago

      Finding them is not very difficult. Do you have any pin headers on the board at all?

  • @qusaykambal6903
    @qusaykambal6903 2 years ago

    Hi
    How can I reverse engineer a dump of any EEPROM, for example s2943? I tried Ghidra but I am not getting anything

  • @RafaelSousa-pj1ok
    @RafaelSousa-pj1ok 4 years ago +1

    Great video! Thanks a lot!

  • @HawK40x
    @HawK40x 5 months ago

    Can you repack the bin again by making some changes

  • @bucketaos8066
    @bucketaos8066 1 year ago

    I am unable to enter into the shell, it keeps saying cmd is “echo “” > /etc/TZ”

  • @alwill1016
    @alwill1016 1 year ago

    Hey guys by any chance does anyone know how I can pipe all the output from the terminal into a txt file on Linux. I've tried tee, >, >>, and script and still have yet to get the terminal output into a txt file.

  • @nilmango675
    @nilmango675 4 years ago +1

    thanks a lot.
    how we can extract portable wireless modems firmware? (4G or TD/LTE)
    for example modems which is locked. i mean they restricted to work only with specific SIM Cards.

    • @MehdiHacks
      @MehdiHacks  4 years ago +2

      Well it depends on the modem. I don't know about your modem, but I have seen some that save all the required info on a config file. If you access it via UART, you can edit the file and bypass the limitations.

  • @barryu4762
    @barryu4762 8 months ago

    hello, is it possible to flash firmware in UART mode?

  • @jayachandra677
    @jayachandra677 3 years ago +1

    Great video, Mr electroboom

  • @mjyanimations1062
    @mjyanimations1062 3 years ago

    Pretty sure EEPROM isn't even a ROM. It can be erased and flashed many times. Data can be modified by the device itself, so it's also used in microcontrollers to store data after power off.

  • @Dadadu16
    @Dadadu16 7 months ago

    How do you identify which pin hole is for GND, RX, TX, when there's nothing written on the PCB?

    • @MehdiHacks
      @MehdiHacks  7 months ago

      Usually ground is the easiest to identify (simply using a multimeter's continuity mode, with other known grounds). RX and TX can be identified using multiple methods: one is to simply try (there's no harm in using them in the wrong order), second is to use a logic analyzer to "see" what's happening on the wire. I think some UART tools also can auto-discover it. Usually one has lots of data/activity going on, while the other is simply quiet, which means even a voltmeter can be used to identify RX (using fluctuations in the voltage)

  • @abdoubenadada7310
    @abdoubenadada7310 2 years ago

    can we extract the firmware of tplink td-w8961n v3 ?

  • @abdelazizsaad7676
    @abdelazizsaad7676 3 years ago

    This is great, thanks a lot.

  • @neettalk
    @neettalk 2 years ago

    Hi, I used 115200 Baud rate for UART, which is connected to the IP camera board, but as soon as I give the power, the putty window displays garbage values, need your inputs/suggestion

    • @JordanPlayz158
      @JordanPlayz158 1 year ago +1

      Sounds like you may have the baud rate wrong, there are not many standard baud rates so it should not take too long to bruteforce the right one.

    • @ClickClack_Bam
      @ClickClack_Bam 1 year ago +1

      @@JordanPlayz158 I second this for anybody reading this for future reference.
      I'm new at this but have seen that the wrong baudrate will give you garbage.

  • @sebastianseng5278
    @sebastianseng5278 2 years ago

    What if I wanna save a project but I use the free trial? Can someone help

  • @amkoshesh6205
    @amkoshesh6205 2 years ago

    Flash file of other modems
    From which site should I get it?
    Free . Safe file .

  • @parvazno
    @parvazno 1 year ago

    Well done, engineer

  • @chachouamohamed8557
    @chachouamohamed8557 1 year ago

    hello bro can you help me with my TPLINK re 450 v3 ..it bricked ... thanks bro for the video

  • @miftahulfaris4400
    @miftahulfaris4400 2 years ago

    can CH341 also be used for UART?

  • @toncho1986
    @toncho1986 4 years ago

    Nice video, pal!!
    I have this question rolling in my mind: why is it so important to work on the firmware? Can we "attack" another thing?

    • @MehdiHacks
      @MehdiHacks  4 years ago +4

      Because the firmware contains the actual code, and it might be possible to find remote vulnerabilities and therefore attack other similar devices remotely. Another thing that you can try locally, is hardware fault injection (including voltage glitching, electromagnetic fault injection, etc)

    • @toncho1986
      @toncho1986 4 years ago

      @@MehdiHacks Thank you for replying!. Dude, how can i contact you?. I need to ask you some more questions about UART and firmware! :)

    • @MehdiHacks
      @MehdiHacks  4 years ago

      @@toncho1986 You're welcome. You can reach me via Twitter: twitter.com/mehdi0x61

    • @toncho1986
      @toncho1986 4 years ago

      @@MehdiHacks Dude, have you got any email?. I do not use Twitter :/

    • @MehdiHacks
      @MehdiHacks  4 years ago

      @@toncho1986 DF2HF[at sign]pm.me

  • @Pinwiru
    @Pinwiru 2 years ago

    well, the tp-link firmware can be downloaded without compiling

  • @manassehabraham5589
    @manassehabraham5589 3 years ago +1

    Nice video.....u sound like electroboom

  • @TouChA0
    @TouChA0 2 years ago

    Can I change the IP address of this router using this method?

  • @Unknown2023_1
    @Unknown2023_1 4 years ago

    Hello, and thank you for the tutorial and the information you published. If I want to take a dump from a 4G modem with a UART module and then write this dump back onto another modem of the same model, is that possible? Or do I need a programmer like the one you used in the video? Thanks.

    • @MehdiHacks
      @MehdiHacks  4 years ago +1

      Hello. Depending on the flash model, it may be possible to rewrite it over UART, but the most straightforward method is to use a programmer.

  • @perinoveriza1658
    @perinoveriza1658 3 years ago

    More content about this

  • @linux-tut
    @linux-tut 2 years ago +1

    Dump or Extract U-Boot from the running board.
    OR
    Dump memory to a file from the U-Boot console using the Memory Display command.
    This will be helpful in debugging in the situation like you have a board with U-Boot running and don't have the same version of U-Boot binary and want to test on another board.
    ruclips.net/video/yDFMcBNGW3U/видео.html

  • @manasafarmandspringresort2577
    @manasafarmandspringresort2577 3 years ago

    Hi sir do you have dump file ac23 english ver?

  • @aminamiri8604
    @aminamiri8604 3 years ago

    plz upload more videos

  • @carlosdevelop9296
    @carlosdevelop9296 3 years ago

    Is it possible to repair mi stick tv software with this method?

    • @MehdiHacks
      @MehdiHacks  3 years ago

      Hmmm. What do you mean? You can (re)write the firmware using SPI, if that's what you meant.

  • @Ali-gj4du
    @Ali-gj4du 4 years ago

    I liked it :)

  • @hackwithprogramming7849
    @hackwithprogramming7849 2 years ago

    Is python installed on that WiFi router terminal??? Plz anyone reply 🥺🥺🥺🥺🥺🥺🥺🥺🥺😭😭😭😭😭😭😭plz ?

    • @MehdiHacks
      @MehdiHacks  2 years ago

      To my knowledge, no.

    • @hackwithprogramming7849
      @hackwithprogramming7849 2 years ago

      @@MehdiHacks ok then tell me one thing: which default programming language is there in that Linux shell? Like in Windows we have .VBS as default....... Except bash script

  • @gwyn7727
    @gwyn7727 4 years ago

    Is there a universal usb thing that supports jtag,spi,uart,rs232,i2c?

    • @MehdiHacks
      @MehdiHacks  4 years ago +1

      Yes. Bus pirate, Hydrabus, Shikra, Tigard, ...

  • @rohitdeswal1224
    @rohitdeswal1224 3 years ago

    Plz make more videos

  • @fjfkfkdkdkdk
    @fjfkfkdkdkdk 9 months ago

    Why not read the firmware via UART?

  • @bororobo3805
    @bororobo3805 2 years ago

    We found Electroboom's younger brother 🤣

  • @eadge1999
    @eadge1999 1 year ago +3

    You talk for a long time outside the core of the address

  • @tocube1
    @tocube1 4 years ago

    Cute ^-^

  • @seupedro9924
    @seupedro9924 4 years ago

    why not use V pin in UART?

    • @JordanPlayz158
      @JordanPlayz158 1 year ago

      I could be wrong but the VCC pin from UART is only needed if the device doesn't have its own means of providing power.

  • @youtubbiz
    @youtubbiz 1 year ago

    Is your keyboard's Enter key still intact?

  • @tocube1
    @tocube1 3 years ago

    Mr. Mehdi, don't you have a Twitter we can follow? There was nothing in the channel's About

    • @MehdiHacks
      @MehdiHacks  3 years ago

      Hello. I put my Twitter link at the end of the video description (mehdi0x61)

    • @tocube1
      @tocube1 3 years ago

      @@MehdiHacks Oh, how interesting. I was already following you. Thank you

  • @guyonadino
    @guyonadino 7 months ago +1

    IS THIS ELECTROBOOM ??? what's bro doing here

    • @MehdiHacks
      @MehdiHacks  7 months ago +1

      Haha. My name is Mehdi and I sound like him, but I'm not ElectroBOOM

    • @guyonadino
      @guyonadino 7 months ago +1

      @@MehdiHacks but you're still sus!! and also keep uploading vids

    • @d4rkness829
      @d4rkness829 3 months ago

      LOL i was thinking the same thing

  • @Jkjk-pu2vt
    @Jkjk-pu2vt 4 months ago

    Great, but it's a pity you're not continuing your channel

  • @JakeBromie
    @JakeBromie 5 months ago

    my house almost burned down

  • @kattoOrSmthxD
    @kattoOrSmthxD 2 years ago

    bro sounds like electrobooooooooooom

  • @arashlabaf2172
    @arashlabaf2172 4 years ago

    Well, post videos in Persian too ☹️

  • @rjbrake
    @rjbrake 1 year ago

    derka derka

  • @Hii_Lexi_4
    @Hii_Lexi_4 1 year ago

    SIMlock code of Huawei B5318-42