From d4eb56a35f953470f3f594221cc82bff1dddaa9e Mon Sep 17 00:00:00 2001 From: "Such Meme, Many Skill" Date: Tue, 20 Aug 2019 19:39:30 +0200 Subject: [PATCH] Implement broken:tm: firmware dumping --- source/meme/external_utils.c | 14 +++---- source/meme/external_utils.h | 2 +- source/meme/main.c | 17 +++++---- source/meme/mainfunctions.c | 72 +++++++++++++++++++++++++++++++++++- source/meme/mainfunctions.h | 4 +- source/meme/utils.c | 35 ++++++++++++------ source/meme/utils.h | 5 ++- 7 files changed, 118 insertions(+), 31 deletions(-) diff --git a/source/meme/external_utils.c b/source/meme/external_utils.c index 52d1e83..bd092b3 100644 --- a/source/meme/external_utils.c +++ b/source/meme/external_utils.c @@ -91,7 +91,7 @@ int launch_payload(char *path, bool update){ return 4; } -void dump_biskeys(u8 bis_key[4][32]){ +int dump_biskeys(u8 bis_key[4][32]){ u8 temp_key[0x10], device_key[0x10] = {0}; tsec_ctxt_t tsec_ctxt; @@ -106,7 +106,7 @@ void dump_biskeys(u8 bis_key[4][32]){ const pkg1_id_t *pkg1_id = pkg1_identify(pkg1); if (!pkg1_id) { EPRINTF("Unknown pkg1 version."); - return; + return -1; } bool found_tsec_fw = false; @@ -119,7 +119,7 @@ void dump_biskeys(u8 bis_key[4][32]){ } if (!found_tsec_fw) { EPRINTF("Failed to locate TSEC firmware."); - return; + return -1; } u8 tsec_keys[0x10] = {0}; @@ -150,7 +150,7 @@ void dump_biskeys(u8 bis_key[4][32]){ if (res < 0) { gfx_printf("ERROR %x dumping TSEC.\n", res); - return; + return -1; } u32 sbk[4] = {FUSE(FUSE_PRIVATE_KEY0), FUSE(FUSE_PRIVATE_KEY1), @@ -209,15 +209,15 @@ void dump_biskeys(u8 bis_key[4][32]){ system_part = nx_emmc_part_find(&gpt, "SYSTEM"); if (!system_part) { gfx_printf("Failed to locate SYSTEM partition."); - return; + return -1; } __attribute__ ((aligned (16))) FATFS emmc_fs; if (f_mount(&emmc_fs, "emmc:", 1)) { gfx_printf("Mount failed."); - return; + return -1; } - return; + return pkg1_id->kb; } static void _generate_kek(u32 ks, const void *key_source, void *master_key, const void *kek_seed, const void *key_seed) { diff --git a/source/meme/external_utils.h b/source/meme/external_utils.h index 729fe18..a90c7f9 100644 --- a/source/meme/external_utils.h +++ b/source/meme/external_utils.h @@ -15,7 +15,7 @@ #include "../utils/types.h" int launch_payload(char *path, int update); -void dump_biskeys(u8 bis_key[4][32]); +int dump_biskeys(u8 bis_key[4][32]); static const u8 zeros[0x10] = {0}; diff --git a/source/meme/main.c b/source/meme/main.c index c3f80e0..9cf4982 100644 --- a/source/meme/main.c +++ b/source/meme/main.c @@ -7,21 +7,19 @@ #include "main.h" #include "mainfunctions.h" #include "../libs/fatfs/ff.h" -#include "../storage/sdmmc.h" #include "../utils/util.h" -#include "../sec/se.h" #include "graphics.h" #include "external_utils.h" extern bool sd_mount(); extern void sd_unmount(); -static u8 bis_keys[4][0x20]; +static u32 bis_keys[4][8]; void meme_main(){ utils_gfx_init(); //dump_keys(); - + /* sdmmc_storage_t storage; sdmmc_t sdmmc; @@ -29,7 +27,8 @@ void meme_main(){ sdmmc_storage_init_mmc(&storage, &sdmmc, SDMMC_4, SDMMC_BUS_WIDTH_8, 4); sdmmc_storage_set_mmc_partition(&storage, 1); */ - dump_biskeys(bis_keys); // add succeed check + int firmver = -1; + firmver = dump_biskeys(bis_keys); // add succeed check char *options[6]; char *itemsinfolder[1000]; @@ -77,8 +76,8 @@ void meme_main(){ meme_clearscreen(); addchartoarray("Back", options, 0); addchartoarray("\nPrint BISKEYS", options, 1); - if (!sd_mounted) addchartoarray("Mount SD", options, 2); - ret = gfx_menulist(32, options, 2); + addchartoarray("Dump firmware", options, 2); + ret = gfx_menulist(32, options, 3); switch(ret){ case 2: meme_clearscreen(); @@ -90,6 +89,10 @@ void meme_main(){ gfx_hexdump(0, bis_keys[2], 0x20 * sizeof(u8)); btn_wait(); break; + case 3: + ret = messagebox("\nThis will dump your firmware to your sd!\nThis might take a while\n\nVol-/+ to cancel\nPower to continue..."); + if (ret == 0) wtf(itemsinfolder, muhbits); + break; } } else { diff --git a/source/meme/mainfunctions.c b/source/meme/mainfunctions.c index e7f04b6..3ac8ed5 100644 --- a/source/meme/mainfunctions.c +++ b/source/meme/mainfunctions.c @@ -1,4 +1,5 @@ #include +#include #include "../gfx/di.h" #include "../gfx/gfx.h" #include "../utils/btn.h" @@ -68,12 +69,81 @@ int _openfilemenu(char *path, char *clipboardpath){ return ret; } +int dumpfirmware(char *items[], unsigned int *muhbits){ + DIR dir; + FILINFO fno; + char path[28] = "emmc:/Contents/registered"; + char sdpath[28] = "sd:/tegraexplorer/firmware"; + char tempnand[100] = ""; + char tempsd[100] = ""; + int ret = 0, i = 0, foldersize = 0; + + meme_clearscreen(); + gfx_printf("\nStarting copy of firmware\n\n"); + + f_mkdir("sd:/tegraexplorer"); + f_mkdir("sd:/tegraexplorer/firmware"); + + readfolder(items, muhbits, path); + + if (f_opendir(&dir, path)) { + messagebox("Failed to open directory!"); + return -1; + } + + while (!f_readdir(&dir, &fno) && fno.fname[0]){ + addchartoarray(fno.fname, items, foldersize); + mallocandaddfolderbit(muhbits, foldersize, fno.fattrib & AM_DIR); + foldersize++; + } + + f_closedir(&dir); + + for (i = 0; i <= foldersize; i++){ + if (muhbits[i] & AM_DIR){ + sprintf(tempnand, "%s/%s", path, items[i]); + if(f_opendir(&dir, tempnand)){ + messagebox("Failure opening folder"); + return -2; + } + sprintf(tempnand, "%s/%s/00", path, items[i]); + sprintf(tempsd, "%s/%s", sdpath, items[i]); + //messagebox(tempnand); + //dumptosd(tempnand); + //btn_wait(); + //messagebox(tempsd); + ret = copy(tempnand, tempsd, 0); + if (ret != 0) { + messagebox("Copy failed! (infolder)"); + return 1; + } + f_closedir(&dir); + } + else { + sprintf(tempnand, "%s/%s", path, items[i]); + sprintf(tempsd, "%s/%s", sdpath, items[i]); + ret = copy(tempnand, tempsd, 0); + if (ret != 0) { + messagebox("Copy failed! (infile)"); + return 1; + } + } + gfx_printf("Copied %d / %d nca files\r", i + 1, foldersize + 1); + } + return 0; +} + +void wtf(char *items[], unsigned int *muhbits){ + dumpfirmware(items, muhbits); // DOESNT WORK +} + void sdexplorer(char *items[], unsigned int *muhbits, char *rootpath){ + //dumpfirmware(items, muhbits); // WORKS ?!?!?!?! int value = 1; int copymode = -1; int folderamount = 0; char path[PATHSIZE] = ""; - char clipboard[PATHSIZE] = ""; + static char clipboard[PATHSIZE + 1] = ""; strcpy(path, rootpath); char app[20], rpp[20]; int temp = -1; diff --git a/source/meme/mainfunctions.h b/source/meme/mainfunctions.h index ab1fe19..453a366 100644 --- a/source/meme/mainfunctions.h +++ b/source/meme/mainfunctions.h @@ -1,3 +1,5 @@ #pragma once -void sdexplorer(char *items[], unsigned int *muhbits, char *rootpath); \ No newline at end of file +void sdexplorer(char *items[], unsigned int *muhbits, char *rootpath); +int dumpfirmware(char *items[], unsigned int *muhbits); +void wtf(char *items[], unsigned int *muhbits); \ No newline at end of file diff --git a/source/meme/utils.c b/source/meme/utils.c index b097b2a..0bbab7f 100644 --- a/source/meme/utils.c +++ b/source/meme/utils.c @@ -9,6 +9,7 @@ #include "../libs/fatfs/ff.h" #include "../storage/sdmmc.h" #include "graphics.h" +#include "external_utils.h" void utils_gfx_init(){ display_backlight_brightness(100, 1000); @@ -40,7 +41,7 @@ int dumptosd(const char *path){ sprintf(pathname, "%s%s", "sd:/tegraexplorer/nanddump", foldername); f_mkdir(pathname); sprintf(pathname, "%s%s%s%s", "sd:/tegraexplorer/nanddump", foldername, "/", fno.fname); - res = copy(path, pathname); + res = copy(path, pathname, 1); return res; } @@ -90,7 +91,7 @@ void addchartoarray(char *add, char *items[], int spot){ strlcpy(items[spot], add, size); } -void _mallocandaddfolderbit(unsigned int *muhbits, int spot, bool value){ +void mallocandaddfolderbit(unsigned int *muhbits, int spot, bool value){ muhbits[spot] = (unsigned int) malloc (sizeof(int)); if (value) muhbits[spot] |= (OPTION1); //ff.h line 368 @@ -102,8 +103,8 @@ int readfolder(char *items[], unsigned int *muhbits, const char *path){ int i = 2; addchartoarray("Current folder -> One folder up", items, 0); addchartoarray("Clipboard -> Current folder", items, 1); - _mallocandaddfolderbit(muhbits, 0, true); - _mallocandaddfolderbit(muhbits, 1, true); + mallocandaddfolderbit(muhbits, 0, true); + mallocandaddfolderbit(muhbits, 1, true); if (f_opendir(&dir, path)) { @@ -113,7 +114,7 @@ int readfolder(char *items[], unsigned int *muhbits, const char *path){ else { while (!f_readdir(&dir, &fno) && fno.fname[0]){ addchartoarray(fno.fname, items, i); - _mallocandaddfolderbit(muhbits, i, fno.fattrib & AM_DIR); + mallocandaddfolderbit(muhbits, i, fno.fattrib & AM_DIR); i++; } } @@ -121,15 +122,21 @@ int readfolder(char *items[], unsigned int *muhbits, const char *path){ return i; } -int copy(const char *src, const char *dst){ +int copy(const char *src, const char *dst, int print){ FIL in; FIL out; + unsigned int res = 0; + char temp[100]; if (strcmp(src, dst) == 0){ //in and out are the same, aborting! return 2; } - if (f_open(&in, src, FA_READ) != FR_OK){ + res = f_open(&in, src, FA_READ | FA_OPEN_EXISTING); + if (res != FR_OK){ //something has gone wrong + //sprintf(temp, "%s %d", src, res); + //messagebox(temp); + return 1; } if (f_open(&out, dst, FA_CREATE_ALWAYS | FA_WRITE) != FR_OK){ @@ -143,8 +150,10 @@ int copy(const char *src, const char *dst){ void *buff = malloc(BUFFSIZ); int mbwritten = 0, percentage = 0; bool abort = false; - meme_clearscreen(); - gfx_printf("press VOL- to abort the file transfer!\n\n"); + if (print == 1) { + meme_clearscreen(); + gfx_printf("press VOL- to abort the file transfer!\n\n"); + } while(size > BUFFSIZ){ int res1, res2; res1 = f_read(&in, buff, BUFFSIZ, NULL); @@ -154,9 +163,11 @@ int copy(const char *src, const char *dst){ mbwritten = kbwritten / 1024; percentage = (mbwritten * 100) / ((totalsize / 1024) / 1024); - gfx_printf("Written %dMB [%k%d%k%%]\r", mbwritten, COLOR_GREEN, percentage, COLOR_WHITE); size = size - BUFFSIZ; - if (btn_read() & BTN_VOL_DOWN) size = 0, abort = true; + if (print == 1){ + gfx_printf("Written %dMB [%k%d%k%%]\r", mbwritten, COLOR_GREEN, percentage, COLOR_WHITE); + if (btn_read() & BTN_VOL_DOWN) size = 0, abort = true; + } } if(size != 0){ @@ -184,7 +195,7 @@ int copywithpath(const char *src, const char *dstpath, int mode, char *app){ if (strcmp(dstpath, app) != 0) strcat(dst, "/"); strcat(dst, fno.fname); int ret = -1; - if (mode == 0) ret = copy(src, dst); + if (mode == 0) ret = copy(src, dst, 1); if (mode == 1) f_rename(src, dst); return ret; } \ No newline at end of file diff --git a/source/meme/utils.h b/source/meme/utils.h index 2ac12a1..d311ae3 100644 --- a/source/meme/utils.h +++ b/source/meme/utils.h @@ -11,9 +11,10 @@ void utils_gfx_init(); void removepartpath(char *path, char *root); void addpartpath(char *path, char *add, char *root); int readfolder(char *items[], unsigned int *muhbits, const char *path); -int copy(const char *src, const char *dst); +int copy(const char *src, const char *dst, int print); void addchartoarray(char *add, char *items[], int spot); int copywithpath(const char *src, const char *dstpath, int mode, char *app); void return_readable_byte_amounts(unsigned long int size, char *in); int getfilesize(const char *path); -int dumptosd(const char *path); \ No newline at end of file +int dumptosd(const char *path); +void mallocandaddfolderbit(unsigned int *muhbits, int spot, bool value); \ No newline at end of file