Explore advanced applications of OpenOCD beyond simple software debugging in this informative conference talk. Delve into unconventional use cases, including utilizing Boundary Scan for software configuration testing, hardware troubleshooting techniques, and combining OpenOCD with tools like IDA Pro or radare2 for reverse engineering and debugging. Gain insights into the history of JTAG, learn how to explore JTAG ports on various platforms, and discover methods for finding the right TAP, instruction, and bits. Follow along as the speaker demonstrates practical examples using STM32, PIC32, and IMX6 devices, providing inspiration and ideas for embedded developers and hackers to expand their OpenOCD toolkit.
Overview
Syllabus
Intro
The target group
Why I use OpenOCD?
My reverse engineering rules
Short investigation: History of JTAG
boundary scan
BSDL Example 1
The road map
Exploring JTAG port (time frames)
Exploring JTAG port (Allwinner JTAG/SD)
Exploring JTAG port (Open Sesame)
Exploring the internals
Find the right TAP
Find the right Instruction
Find the right Bits
Exploring JTAG port (BS on STM32)
Exploring JTAG port (GPIO + BS on STM32)
Exploring JTAG port (GPIO + BS on PIC32)
Exploring JTAG port (GPIO + BS on IMX6)
Exploring JTAG on iMX6
Taught by
Linux Foundation
