Reversing the Huidu HD-R712 FPGA board

We are working on reversing the Huidu HD-R712 LED Display Full Color Receiving Card - a very cost-effective (~1000 INR) and widely available FPGA board. We draw inspiration from the https://github.com/q3k/chubby75 work.

FPGA Blink Project Files 1

Random brain dump

    $ sudo openFPGALoader --cable dirtyJtag --freq 10000 --detect
    Jtag frequency : requested 10000Hz -> real 10000Hz
    index 0:
        idcode 0x4014c35
        manufacturer anlogic
        family eagle d20
        model EG4D20EG176
        irlength 8

    $ sudo openFPGALoader --cable dirtyJtag --detect
    Jtag frequency : requested 6000000Hz -> real 6000000Hz
    index 0:
        idcode 0x4014c35
        manufacturer anlogic
        family eagle d20
        model EG4D20EG176
        irlength 8

JTAG pinout:

    V
    ┌───────────────────┐
    │ 1  3  5  7  9     │
    │ 2  4  6  8  10    │
    └───────────────────┘

    9 => TCK
    7 => TDO
    5 => TMS
    3 => NC (Not Connected)
    1 => TDI

The pin mapping work was done using a DMM, the datasheet, and an optical magnifier. ...

February 27, 2026 · 4 min · 762 words · Dhiru Kholia

Supporting HOPERF CMT2300A on Linux

What This Article Covers

This article presents a practical journey to add Linux support for the HOPERF CMT2300A Sub-GHz RF transceiver - starting from extracting register configuration tables out of vendor firmware, to building and testing a Linux driver on real hardware.

You'll learn:

- How TP-Link's driver situation motivated this effort
- How firmware was extracted and analyzed
- How to build and load the custom driver on Raspberry Pi
- How to verify real on-air packet RX

This is aimed at embedded Linux developers, reverse engineers, and RF hackers. It is not a beginner Linux kernel tutorial nor a full CMT2300A datasheet walkthrough; the focus is on practical bring-up and reproducibility. ...

December 23, 2025 · 8 min · 1497 words · Dhiru Kholia

Debugging gaming pads on Linux

While running https://github.com/fhoedemakers/pico-infonesPlus, I found that my SNES gaming pad was not fully supported. Specifically, the UP/DOWN and LEFT/RIGHT keys were not working. Let's debug this a bit:

Plug in the gaming pad on a Linux box and run the following command (hidraw5 will need to be changed as needed):

    $ lsusb
    ...
    Bus 001 Device 063: ID 0810:e501 Personal Communication Systems, Inc. SNES Gamepad

    $ sudo hexdump -C /dev/hidraw5
    ...
    00004a50  01 80 80 7f 7f 0f 00 00  01 80 80 7f 00 0f 00 00  |................|
    00004a60  01 80 80 7f 00 0f 00 00  01 80 80 7f 00 0f 00 00  |................|
    *
    00004a80  01 80 80 7f 7f 0f 00 00  01 80 80 7f 7f 0f 00 00  |................|

This is what I see when pressing the UP key. ...

September 29, 2025 · 2 min · 292 words · Dhiru Kholia

Debugging/Reversing Firebase gRPC Traffic with mitmproxy

Recently, I was stuck trying to understand how Firebase gRPC calls worked and how I could generate, modify, and replay them. Trapping and modifying existing gRPC traffic was not working well. Finally, I took a step back and spent some time learning how to build and debug simple Firebase applications. This approach helped me tremendously, and I was able to make further progress with my original task quickly.

Solution

You may find the following code sample useful when reversing/debugging Firebase applications. ...

April 16, 2025 · 2 min · 426 words · Dhiru Kholia