Search results
Jump to navigation
Jump to search
- ! BootROM Interrupt is all infloop in BootROM, Also all no handler in second_loader3 KB (481 words) - 06:59, 10 September 2023
- === Bootrom exploit ===5 KB (815 words) - 23:37, 16 July 2023
- == Bootrom SLSK loading process == ...egisters at all. It uses some registers that are never seen outside of the bootrom. Even though it is logically separate from the SPI ports, it could be physi8 KB (1,251 words) - 23:45, 16 July 2023
- | Bootrom is seen to use Reserved bits3 KB (400 words) - 14:28, 17 January 2024
- To trigger Kermit Bootrom Jig mode, first enable [[Syscon UART RPC]] then do a handshake with [[Kermi3 KB (471 words) - 21:13, 6 January 2024
- === BootROM === * The BootROM's first page (0xFFFF0000-0xFFFF0FFF) is not identity mapped but points to D12 KB (1,872 words) - 18:32, 8 January 2024
- The root is Cmep's bootrom (First Loader). This is where root keys are seeded and wiped from memory. s6 KB (1,004 words) - 08:27, 4 August 2023
- ...ll points to our payload, we can execute cmep code at bootrom time (before bootrom is unmapped). This is a very desirable glitching target because it almost r59 KB (8,666 words) - 18:39, 13 October 2023