Close

Does this project spark your interest?

Become a member to follow this project and don't miss any updates

Hardware Reverse Engineering Learning Platform

a hardware version of your crackme and reverseme games for learning hardware reverse engineering techniques without expensive tools

2.9k 3 69 48

This project was created on 06/20/2014 and last updated 2 months ago.

Description
I enjoy trying to reverse engineer the famous crackme and reverseme executables in my spare time. After reading the xbox reverse engineering book by bunnie I went looking at the my options for learning and experimenting with hardware reverse engineering. Unfortunately the options are few and expensive.

This is my attempt at creating an opensource inexpensive learning platform that can be used to learn various RE techniques without spending too much money on expensive tools. By slowing things down you can use cheap tools such as the buspirate and logicpirate

Details

The hardware reverse engineering platform is basically a shield for the new stm32 nucleo boards using the st-morpho connectors. It contains two arduino compatible microcontrollers and an eeprom. There are 9 data lines connected between the two microcontrollers and there is also i2c lines connecting the mcu's with an eeprom. The nucleo board handles loading the reverse engineering scenario on the shield (firmware on the avr's and data on the eeprom). 

Design Overview

This allows anyone to easily create firmware that depicts a possible RE situation. For example the two mcu's can communicate with each other using a certain protocol.

Test pins are added on all the data lines for connection to RE tools. There are also jumpers for breaking connecting between the two mcu's or to connect your own tools for inserting data to 'crack' the scenario. 

Arduino was chosen for the target mcu's because anyone needs to be able to create new RE scenario's without having to spend too much time getting the hardware to work. It's all about the reverse engineering and not firmware development.

The nucleo shield handles the setup of each RE scenario, basically on the pc side it will accept the firmware files and setup the avr mcu's with the new code for reverse engineering.

So it's re-usable for different scenario's and slow enough to use cheap tools :)

For updates you can also join the mailinglist.

Components
  • 2 × atmega328 Microprocessors, Microcontrollers, DSPs / ARM, RISC-Based Microcontrollers
  • 1 × AT24C256 Memory ICs / EEPROMs
  • 1 × NUCLEO-F401RE STM32 Nucleo development board for STM32 F4 series
  • 2 × 16 Mhz Crystal Crystal
  • 13 × Red Led 0603 LED
  • 4 × 18pF ceramic capacitor 0603 Ceramic Capacitor
  • 6 × 220E Resistor 0603 Resistor
  • 2 × 4K7 Resistor 0603 Resistors
  • 7 × 68E Resistor 0603 Resistors
  • 2 × 10K Resistor 0603 Resistors

See all components

Project logs
  • Hack-A-Day Prize Entry Ready

    2 months ago • 0 comments

    So I woke up this morning without any idea of the what I'm going to do for a video (ok, lots of ideas but nothing practical). I had a little bit of time during my lunch break so decided to give it a quick go and create something using VideoScribe. It's not the prettiest video out there, but it fulfills the entry requirements of a 2 min video.

    Entry Requirements: (for 20 Aug)

    (1) System Design Pic ... Check

    (2) 4+ Project Logs ... Check

    (3) 2 min video ... Check

    (4) Explain how your project is connected? .... uhm

    Well, I was hoping it was kinda obvious but a closer look at everything I've written and I'm not sure if the reader would understand how it's connected. In simple words, the main concept of this project is to be able to reverse engineer communication between two connected microcontrollers... aah see what I did there ? ;)

    I'm not sure if my project is really worthy of winning a prize such as going to space, but it's something that I've wanted to do for a long time (this project, not go to space ... ok, going to space as well but that's not what I meant... right?) and the contest has been motivation to get this project off the ground.

    Let's hope I didn't miss a requirement somewhere ?

  • v1.1 is alive!

    2 months ago • 0 comments

    I soldered up the new board, hooked it up onto the nucleo and loaded some test programs and all seems good. Communication to the two RE processors work and all led's go blinky. Time to write some real code now. Both the RE processors (the two atmega328's) are loaded with the arduino bootloader. Next step is to write code for the nucleo board that can upgrade both RE processors using the bootloader to setup the RE scenario.

  • New PCB V1.1

    3 months ago • 0 comments

    Haven't had time to do a lot of updates, but received the new pcb's today and I'm very happy with how they turned out. I'm not always happy with the quality of the silkscreen so I tried to do some stuff with the copper layer. Looks great :)

View all 8 project logs

Discussions

Tom Van den Bon wrote 4 months ago null point

Hi Adam,

Well, I'm trying to make it as userfriendly and inexpensive as possible so I don't see any reason why it can't be used for both?

T

Are you sure? [yes] / [no]

Adam Fabio wrote 4 months ago null point

Sounds good to me! We need more learning tools like this.

Are you sure? [yes] / [no]

Adam Fabio wrote 4 months ago null point

Hardware hacking for the masses! Thanks for entering The Hackaday Prize, Tom! Do you think this board will be more of a tool for hackers at home, or a classroom device?

Are you sure? [yes] / [no]

Similar projects