Decrypting a single-chip microcontroller is an involved process: the chip's encapsulated surface layer first has to be oxidised, and the chip is then decrypted with professional equipment. The first approach is to dissolve the chip package completely, exposing the metal connecting wires; the chip must then be bound to a test fixture and operated with the help of a binding station. The second is to remove only the plastic package on top of the silicon core.
Add a chip-protection routine to the chip's program: on an EMXXX, for example, a voltage input on pin 2 will clear all the contents of the chip... ; 6: It is better to use a bare chip for the product; 7: Fuse some ports with high current ....
The attacker exploited a flaw in the timing design of the erase operation in this series of microcontrollers. A self-written program stops the erase sequence after the encryption lock bit has been erased but before the on-chip program memory is erased. This turns the encrypted microcontroller into an unencrypted one, and the on-chip program can then be read out with a programmer.
1. Direct readout with a chip probe: if the decryption uses a chip probe to read the flash or ROM inside the chip directly, the above method offers no guarantee. This level of work is also very specialised, and people doing ordinary decryption do not have the means for it.
2. Determine the number and arrangement of the chip's pins: first, you need to know the number and arrangement of the pins on the chip you are using, so that you can connect it correctly. Determine the chip's function and its input/output ports: before connecting the chip, you need to be clear about its function and the role of each pin, as well as the location of the input/output ports.
3. Power connection: the chip needs to be connected to the positive and negative power supply, generally VCC and GND. If the power supply is not connected correctly, the chip cannot work properly. Input and output connections: the chip's inputs and outputs need to be connected to other devices. The connections can be determined by checking the chip manual.
4. Determine the chip's pin connections: each digital logic chip has different pin connections, so you need to determine the function and connection of each pin in order to connect it correctly. Connecting power and ground: logic chips need a power supply and a ground connection, which is the first step in connecting the chip.
5. Choose the right package: according to the type of chip you use and the design of the board, choose the right chip package. Common package forms include DIP (dual in-line package), SOP (small size package), QFN (bare package), etc. Connecting power and ground: connect the power pins and ground pins of the chip.
The plastic on top of the chip can be uncovered with a knife, and the epoxy resin around the chip can be corroded away with concentrated nitric acid. Hot concentrated nitric acid will dissolve the chip package without affecting the chip and wiring.
The first method requires the chip to be bound to a test fixture and operated with the aid of a binding station. The second method requires personal ingenuity and patience in addition to a certain level of knowledge and necessary skills on the part of the attacker, but it is relatively easy to operate.
The inserted bytes execute instructions that send the on-chip program off-chip, where it is intercepted with a decryption device; this completes the decryption of the program inside the chip.
1. The first is to dissolve the chip package completely, exposing the metal connecting lines. The chip must then be bound to a test fixture and operated with the help of a binding station. The second is to remove only the plastic package on top of the silicon core.
2. The first method requires the chip to be bound to a test fixture and operated with the help of a binding station. The second method requires personal wisdom and patience, in addition to certain knowledge and the necessary skills on the attacker's part, but it is relatively easy to carry out.
3. The first method requires the chip to be bound to a test fixture and operated with the help of a binding station. The second method requires personal wisdom and patience, in addition to certain knowledge and the necessary skills on the attacker's part, but it is relatively easy to carry out and can be done entirely at home.
4. Use a high-grade programmer to burn out some of the internal pins; for how exactly to burn them, refer to: microcontroller pin burning method and crack.
5. On top of the other encryption methods, one can study certain equipment and, together with certain software, carry out software attacks.
6. Cracking a microcontroller chip means using certain equipment and methods to obtain the burned-in file directly from the encrypted microcontroller; the file can then be used to program copies of the chip, or disassembled for one's own reference and research.
1. Pin wiring: pins are joined to pins, hand in hand. Before connecting the pins, you need to understand the chip's "preferences" and "habits" and make sure the voltage and power supply are right, so that the chip and the circuit board get along. The bus connection method is suitable for large data transfers and is easy to do.
2. In fact, the best way to prevent fraud is to go directly to their company to see if there is decryption equipment. If they have it, it's real; if they don't, it's fake. No matter how far away it is, if you are doing decryption for the first time, I suggest you go to the other company to see. If it is real, we can have long-term co-operation in the future.
3. Backdoor crack: for FAE chip analysis, many vendors put a backdoor inside the IC; a particular timing sequence puts the chip into test mode, from which the user program can be read out. Some chips also have another storage area hidden inside; when necessary, a piece of code is written into it and then used to read out the user program.
4. Probe technology: this technique exposes the chip's internal wiring directly, then observes, manipulates and interferes with the microcontroller to achieve the purpose of the attack. General process of invasive chip decryption: the first step in an invasive attack is to remove the chip package (referred to as "opening the cover", sometimes simply "opening"; in English, "DECAP" or "decapsulation").