CalvinBackup/Embedded-Hacking
1
0
Fork 0
mirror of https://github.com/mytechnotalent/Embedded-Hacking.git synced 2026-05-20 06:44:41 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
Embedded-Hacking/WEEK02/slides/WEEK02-IMG09.svg
T
Kevin Thomas 7c956ee514 Updated WEEK02
2026-05-03 15:08:34 -04:00

77 lines
3.5 KiB
XML
Raw Permalink Blame History

<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
<style>
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
.dim{font:20px 'Courier New',monospace;fill:#888}
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
.badge{stroke:#00ff41;rx:14}
</style>
<rect class="bg" width="1200" height="800"/>
<!-- Title -->
<text x="600" y="52" text-anchor="middle" class="title">Register Hijack</text>
<text x="600" y="88" text-anchor="middle" class="dim">Control Flow Attack</text>
<!-- Left Panel: Before Hijack -->
<rect x="30" y="105" width="540" height="675" class="pnl" rx="8"/>
<text x="300" y="148" text-anchor="middle" class="sub">Before Hijack</text>
<line x1="50" y1="163" x2="550" y2="163" stroke="#1a1a2e"/>
<text x="55" y="205" class="dim">r0 loaded by LDR:</text>
<rect x="55" y="225" width="490" height="55" rx="5" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
<text x="70" y="260" class="cyn">r0 = 0x10001234</text>
<text x="55" y="320" class="dim">Points to flash:</text>
<rect x="55" y="340" width="490" height="55" rx="5" fill="#0a0a0f" stroke="#1a1a2e"/>
<text x="70" y="375" class="txt">"hello, world\r\n"</text>
<text x="55" y="440" class="dim">printf will read r0</text>
<text x="55" y="472" class="dim">and print that string</text>
<line x1="50" y1="510" x2="550" y2="510" stroke="#1a1a2e"/>
<text x="55" y="555" class="grn">The Hijack Command</text>
<rect x="55" y="575" width="490" height="55" rx="5" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
<text x="300" y="610" text-anchor="middle" class="red">set $r0 = 0x20040000</text>
<text x="300" y="680" text-anchor="middle" class="txt">Now r0 points to</text>
<text x="300" y="712" text-anchor="middle" class="txt">OUR string in SRAM</text>
<text x="300" y="744" text-anchor="middle" class="dim">instead of flash</text>
<!-- Right Panel: After Hijack -->
<rect x="600" y="105" width="570" height="675" class="pnl" rx="8"/>
<text x="885" y="148" text-anchor="middle" class="sub">After Hijack</text>
<line x1="620" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
<text x="625" y="205" class="dim">r0 now contains:</text>
<rect x="625" y="225" width="520" height="55" rx="5" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
<text x="640" y="260" class="red">r0 = 0x20040000</text>
<text x="625" y="320" class="dim">Points to SRAM:</text>
<rect x="625" y="340" width="520" height="55" rx="5" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
<text x="640" y="375" class="grn">"hacky, world"</text>
<line x1="620" y1="430" x2="1150" y2="430" stroke="#1a1a2e"/>
<text x="625" y="470" class="amb">Then: continue</text>
<text x="625" y="510" class="txt">printf reads r0</text>
<text x="625" y="542" class="txt">Follows pointer</text>
<text x="625" y="574" class="txt">to 0x20040000</text>
<text x="625" y="606" class="txt">Finds "hacky, world"</text>
<text x="625" y="638" class="txt">Prints it!</text>
<line x1="620" y1="678" x2="1150" y2="678" stroke="#1a1a2e"/>
<text x="885" y="720" text-anchor="middle" class="grn">Output changed</text>
<text x="885" y="752" text-anchor="middle" class="grn">without touching code</text>
</svg>
Reference in New Issue View Git Blame Copy Permalink