Updated text

rlangoy · Sep 28, 2023 · 1204e74 · 1204e74
1 parent fcea3ab
commit 1204e74
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 31 deletions.
diff --git a/...oints/SOLN_Fault 2_2B - Voltage Glitching with CWNano to Bypass Password-checkpoint.ipynb b/...oints/SOLN_Fault 2_2B - Voltage Glitching with CWNano to Bypass Password-checkpoint.ipynb
@@ -25,17 +25,17 @@
     "\n",
     "**LEARNING OUTCOMES:**\n",
     "\n",
-    "* Applying glitch to breaj password check\n",
+    "* Applying glitch to break password check\n",
     "* Checking for success and failure when glitching"
    ]
   },
   {
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "The function password returns the vallue of passok.<br>\n",
-    "If password is wrong   0 is rerurned <br>\n",
-    "If password is correct 1 is rerurned <br>\n",
+    "The function password returns the value of the int  passok .<br>\n",
+    "If password is wrong   0 is returned <br>\n",
+    "If password is correct 1 is returned <br>\n",
     "\n",
     "```C\n",
     "/*src: https://github.com/newaetech/chipwhisperer/blob/develop/hardware/victims/firmware/simpleserial-glitch/simpleserial-glitch.c*/\n",
@@ -146,9 +146,17 @@
    "metadata": {},
    "outputs": [],
    "source": [
-    "#Do glitch loop\n",
+    "#Reboot and flush input\n",
     "reboot_flush()\n",
-    "pw = bytearray([0x74, 0x6F, 0x75, 0x63, 0x68])\n",
+    "\n",
+    "#Set false password :)\n",
+    "#pw = bytearray('aouch'.encode('ascii'))\n",
+    "\n",
+    "#Set correct password :)\n",
+    "pw = bytearray('touch'.encode('ascii'))\n",
+    "\n",
+    "print(\"Sending the  password: \" + str(pw)+ \" To the microcontroller's function 'uint8_t password(uint8_t* pw, uint8_t len)'\\n\")\n",
+    "\n",
     "target.simpleserial_write('p', pw)\n",
     "\n",
     "val = target.simpleserial_read_witherrors('r', 1, glitch_timeout=10)#For loop check\n",
@@ -157,8 +165,20 @@
     "    response = val['payload']\n",
     "    raw_serial = val['full_response']\n",
     "    error_code = val['rv']\n",
+    "print(\"Full response from chipwhisper:\")\n",
+    "print(val)\n",
     "\n",
-    "print(val)"
+    "print(\"\\nreturn from microcontroller function : uint8_t password(uint8_t* pw, uint8_t len)\\n\")\n",
+    "print(response)\n",
+    "\n"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "CWbytearray(b'01') returned indicates correct password while <br>\n",
+    "CWbytearray(b'00') returned indicates wrong password"
    ]
   },
   {
@@ -216,7 +236,8 @@
     "        break\n",
     "    for i in range(50):\n",
     "        scope.arm()\n",
-    "        target.simpleserial_write('p', bytearray([0]*5))\n",
+    "        #sends password 0x00 0x00 0x00 0x00 0x00  (not correct :) \n",
+    "        target.simpleserial_write('p', bytearray([0]*5)) \n",
     "        ret = scope.capture()\n",
     "        \n",
     "        if ret:\n",
@@ -241,7 +262,8 @@
     "                    gc.add(\"success\", (scope.glitch.repeat, scope.glitch.ext_offset))\n",
     "                    print(val)\n",
     "                    print(val['payload'])\n",
-    "                    print(scope.glitch.repeat, scope.glitch.ext_offset)\n",
+    "                    print(\"Password chek was broken at :)\")\n",
+    "                    print(\"repeat : \" + str(scope.glitch.repeat)+ \"  offset: \" + str( scope.glitch.ext_offset))\n",
     "                    print(\"🐙\", end=\"\")\n",
     "                    plt.plot(scope.glitch.ext_offset, scope.glitch.repeat, '+g', alpha=1)\n",
     "                    fig.canvas.draw()\n",
@@ -268,13 +290,6 @@
    "source": [
     "assert broken is True"
    ]
-  },
-  {
-   "cell_type": "code",
-   "execution_count": null,
-   "metadata": {},
-   "outputs": [],
-   "source": []
   }
  ],
  "metadata": {

diff --git a/jupyter/SOLN_Fault 2_2B - Voltage Glitching with CWNano to Bypass Password.ipynb b/jupyter/SOLN_Fault 2_2B - Voltage Glitching with CWNano to Bypass Password.ipynb
@@ -33,9 +33,9 @@
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "The function password returns the vallue of passok.<br>\n",
-    "If password is wrong   0 is rerurned <br>\n",
-    "If password is correct 1 is rerurned <br>\n",
+    "The function password returns the value of the int  passok .<br>\n",
+    "If password is wrong   0 is returned <br>\n",
+    "If password is correct 1 is returned <br>\n",
     "\n",
     "```C\n",
     "/*src: https://github.com/newaetech/chipwhisperer/blob/develop/hardware/victims/firmware/simpleserial-glitch/simpleserial-glitch.c*/\n",
@@ -146,9 +146,17 @@
    "metadata": {},
    "outputs": [],
    "source": [
-    "#Do glitch loop\n",
+    "#Reboot and flush input\n",
     "reboot_flush()\n",
-    "pw = bytearray([0x74, 0x6F, 0x75, 0x63, 0x68])\n",
+    "\n",
+    "#Set false password :)\n",
+    "#pw = bytearray('aouch'.encode('ascii'))\n",
+    "\n",
+    "#Set correct password :)\n",
+    "pw = bytearray('touch'.encode('ascii'))\n",
+    "\n",
+    "print(\"Sending the  password: \" + str(pw)+ \" To the microcontroller's function 'uint8_t password(uint8_t* pw, uint8_t len)'\\n\")\n",
+    "\n",
     "target.simpleserial_write('p', pw)\n",
     "\n",
     "val = target.simpleserial_read_witherrors('r', 1, glitch_timeout=10)#For loop check\n",
@@ -157,8 +165,20 @@
     "    response = val['payload']\n",
     "    raw_serial = val['full_response']\n",
     "    error_code = val['rv']\n",
+    "print(\"Full response from chipwhisper:\")\n",
+    "print(val)\n",
     "\n",
-    "print(val)"
+    "print(\"\\nreturn from microcontroller function : uint8_t password(uint8_t* pw, uint8_t len)\\n\")\n",
+    "print(response)\n",
+    "\n"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "CWbytearray(b'01') returned indicates correct password while <br>\n",
+    "CWbytearray(b'00') returned indicates wrong password"
    ]
   },
   {
@@ -216,7 +236,8 @@
     "        break\n",
     "    for i in range(50):\n",
     "        scope.arm()\n",
-    "        target.simpleserial_write('p', bytearray([0]*5))\n",
+    "        #sends password 0x00 0x00 0x00 0x00 0x00  (not correct :) \n",
+    "        target.simpleserial_write('p', bytearray([0]*5)) \n",
     "        ret = scope.capture()\n",
     "        \n",
     "        if ret:\n",
@@ -241,7 +262,8 @@
     "                    gc.add(\"success\", (scope.glitch.repeat, scope.glitch.ext_offset))\n",
     "                    print(val)\n",
     "                    print(val['payload'])\n",
-    "                    print(scope.glitch.repeat, scope.glitch.ext_offset)\n",
+    "                    print(\"Password chek was broken at :)\")\n",
+    "                    print(\"repeat : \" + str(scope.glitch.repeat)+ \"  offset: \" + str( scope.glitch.ext_offset))\n",
     "                    print(\"🐙\", end=\"\")\n",
     "                    plt.plot(scope.glitch.ext_offset, scope.glitch.repeat, '+g', alpha=1)\n",
     "                    fig.canvas.draw()\n",
@@ -268,13 +290,6 @@
    "source": [
     "assert broken is True"
    ]
-  },
-  {
-   "cell_type": "code",
-   "execution_count": null,
-   "metadata": {},
-   "outputs": [],
-   "source": []
   }
  ],
  "metadata": {