~/results>

Security research, exploit development, and technical writeups

Filter by tag:

Enter the EFM32 Gecko

This new post presents a hardware exploit to unlock the debug port on the EFM32 Gecko MCUs Series 1 designed by Silicon Labs....

June 22, 2021•10 min read

Fault injectionnRF52Hardware

The PocketGlitcher

This blogpost presents a modding system, called **PocketGlicher**. It provides an automated way to perform voltage glitching, without any expensive electronic...

March 14, 2021•10 min read

nRF52Hardware HackingExploit

nRF52 Debug Resurrection (APPROTECT Bypass) Part 2

After **[the Part 1 describing the APPROTECT Bypass](https://limitedresults.com/2020/06/nrf52-debug-resurrection-approtect-bypass/)**, this new post presents ho...

June 14, 2020•7 min read

nRF52Hardware HackingExploit

nRF52 Debug Resurrection (APPROTECT Bypass) Part 1

**Yes, resurrection of JTAG/SWD interface on protected platforms has always been a sensitive topic in embedded security**....

June 10, 2020•14 min read

Fault injectionARMHardware

Nuvoton M2351 MKROM

**TrustZone is the last hardware security mechanism integrated to ARMv8-M. This article presents some Fault Injection results achieved on Nuvoton M2351 (Cortex-...

January 12, 2020•7 min read

ESP32Fault injectionHardware

Pwn the ESP32 Forever: Flash Encryption and Sec. Boot Keys Extraction

I wanted to close my investigation by targeting the two major security features:...

November 13, 2019•16 min read

ESP32Fault injectionHardware

Pwn the ESP32 Secure Boot

In this post, **I focus on the ESP32 Secure Boot** and I disclose a full exploit to bypass it during the boot-up, using low-cost fault injection technique....

September 1, 2019•13 min read

ESP32Fault injectionCrypto

Pwn the ESP32 crypto-core

A crypto-core (also called crypto-accelerator) is a dedicated piece of hardware inside the System-on-Chip. Its main role is to 'accelerate' cryptographic primit...

August 11, 2019•7 min read

ESP32Fault injectionCrypto