Break IC, Recover MCU, Microcontroller Reverse Engineering

After the MCU has been switched to In-System Programming (ISP) Mode, Winbond W78ERD2 MCU Locked Program Recovery can be executed directly, The W78ERD2 equips one 64K byte of main MTP-ROM bank  for  application  program (called  APROM) and one 4K byte of auxiliary MTP-ROM bank for loader program (called LDROM).

In the normal operation, the microcontroller executes the code in the APROM. If  the content of APROM  needs to be modified, the W78ERD2 allows user to activate the In-System  Programming (ISP)  mode  by setting the CHPCON register.

The CHPCON is read-only by default, software must write two specific values 87H, then 59H sequentially to the CHPENR register to enable the CHPCON write attribute. Writing CHPENR register with the values except 87H and 59H will close CHPCON register write attribute.

The W78ERD2 achieves all in-system programming operations including enter/exit ISP Mode, program, erase, read …etc, during device in the idle mode. Setting the bit CHPCON.0 the device will enter in-system programming mode after a wake-up from idle mode from Winbond W78ERD2 MCU Locked Program Recovery.

Because device needs proper time to complete the ISP operations before awaken from idle mode, software may use timer interrupt to control the duration for wake-up from idle mode. This in-system programming feature makes the job easy and efficient in which the application needs to update firmware frequently. In some applications, the  in-system  programming feature make it possible that  the end-user is able to easily update the system firmware by themselves without opening the chassis.

SFRAH,SFRAL:

The objective address of on-chip MTP-ROM in the in-system programming mode.  SFRFAH contains the high-order byte of address, SFRFAL contains the low-order byte of address.

SFRFD:

The programming data for on-chip MTP-ROM in programming mode.

SFRCN:

The control byte of on-chip MTP-ROM programming mode.

SFRCN (C7)

Data Remanence IC Crack is a method to readout memory content from microcontroller embedded memory which include the program from flash and data from eeprom, the status of MCU can be reset through Focus ion beam tehcnique which is the most commonly used method for Microcontroller unlocking;

Data Remanence IC Crack is a method to recover memory content from microcontroller embedded memory which include the program from flash and data from eeprom, the status of MCU can be reset through Focus ion beam tehcnique which is the most commonly used method for Microcontroller unlocking

Security processors typically store secret key material in Static RAM, from which power is removed if the device is tampered with. It is widely known that, at temperatures below −20°C, the contents of SRAM can be ‘frozen’; therefore, many devices treat temperatures below this threshold as tampering events. We have done some experiments to establish the temperature dependency of data retention time in modern SRAM devices. Our experiments show that the conventional wisdom no longer holds and that data remanence can be a problem even at higher temperatures.

Data remanence affects not only SRAM but other memory types as well, like DRAM, UV EPROM, EEPROM and Flash. As a result, some information still can be extracted from MCU memory code that has been erased. This could create many problems for secure devices which assume that all the sensitive information is gone once the memory is erased.

Reverse Engineering Winbond W78E354 Microcontroller

Through Power glitch method we can find an effective way to Reverse Engineering Winbond W78E354 Microcontroller and get its program and data from both eeprom and flash effortlessly, as a result of that, it is important to have some knowledge about the power management:

Idle Mode
The idle mode is entered by setting the IDL bit in the PCON register. In the idle mode, the internal clock to the processor is stopped. The peripherals and the interrupt logic continue to be clocked. The processor will exit idle mode when either an interrupt or a reset occurs.

Power-down Mode
When the PD bit in the PCON register is set, the processor enters the power-down mode. In this mode all of the clocks are stopped, including the oscillator. To exit from power-down mode is by a hardware reset or external interrupts INT0 to INT3 when enabled and set to level triggered.

Reduce EMI Emission
The W78E354 allows user to diminish the gain of on-chip oscillator amplifier by using programmer to clear the B7 bit of security register. Once B7 is set to 0, a half of gain will be decreased. Care must be taken if user attempts to diminish the gain of oscillator amplifier from Reverse Engineering Winbond W78E354 Microcontroller, reducing a half of gain may affect the external crystal operating improperly at high frequency above 24 MHz. The value of R and C1,C2 may need some adjustment while running at lower gain.

W78E354 Special Function Registers (SFRs) and Reset Values

Reset
The external RESET signal is sampled at S5P2. To take effect, it must be held high for at least two machine cycles while the oscillator is running. An internal trigger circuit in the reset line is used to deglitch the reset line when the W78E62B is used with an external RC network.

The reset logic also has a special glitch removal circuit that ignores glitches on the reset line. During reset, the ports are initialized to FFH, the stack pointer to 07H, PCON (with the exception of bit 4) to 00H, and all of the other SFR registers except SBUF to 00H. SBUF is not reset.

Recover Winbond W78ERD2 Chip Eeprom Data

Clock and crystal oscillator are all playing the important roles in Recover Winbond W78ERD2 Chip Eeprom Data.

The W78ERD2 is designed to be used with either a crystal oscillator  or  an external clock. Internally,  the clock is divided by two before it is used by default. This  makes  the W78ERD2  relatively  insensitive to duty cycle variations in the clock.

Crystal Oscillator

The W78ERD2 incorporates a built-in crystal oscillator. To make the oscillator work, a crystal must be connected across pins XTAL1 and XTAL2. In addition, a load capacitor must be connected from each pin to ground, and a resistor must also be connected from XTAL1 to XTAL2 to provide  a DC  bias  when the crystal frequency is above 24 MHz.

External Clock

An external clock should be connected to pin XTAL1. Pin XTAL2 should be left unconnected. The XTAL1 input is a CMOS-type input, as required by the crystal oscillator. As a result, the external clock signal should have an input one level of greater than 3.5 volts.

Eight-source interrupt informations

Break Winbond W78E378 MCU Flash Memory

Timer manipulation can effectively decide the efficiency of Break Winbond W78E378 MCU Flash Memory,

Timers 0, 1, and 2 each consist of two 8-bit data registers. These are called TL0 and TH0 for Timer 0, TL1 and TH1 for Timer 1, and TL2 and TH2 for Timer 2. The TCON and TMOD registers provide  control functions for timers 0, 1. The T2CON register provides control functions for Timer 2. RCAP2H and RCAP2L are used as reload/capture registers for Timer 2.

The operations of Timer 0 and Timer 1 are the same as in the W78C51. Timer 2 is a 16-bit timer/counter that  is configured and controlled by the T2CON register. Like Timers 0 and 1, Timer 2  can operate as either an external event counter or as an internal timer, depending on the setting of bit C/T2 in T2CON. Timer 2 has three operating modes: capture, auto-reload, and baud rate generator. The clock speed at capture or auto-reload mode is the same as that of Timers 0 and 1.

Two additional external interrupts, INT2 and INT3 , whose functions are similar to those of external interrupt 0 and 1 in the standard 80C52. The functions/status of these interrupts are determined/shown by the bits in the XICON (External Interrupt Control) register. The XICON register is bit-addressable but is not a standard register in the standard 80C52. Its address is at 0C0H before Break Winbond W78E378 MCU Flash Memory.

To set/clear bits in the XICON register, one can use the “SETB ( CLR ) bit” instruction. For example, “SETB 0C2H” sets the EX2 bit of XICON.

PX3:      External interrupt 3 priority high if set EX3:         External interrupt 3 enable if set

IE3:        If IT3 = 1, IE3 is set/cleared automatically by hardware when interrupt is detected/serviced IT3:         External interrupt 3 is falling-edge/low-level triggered when this bit is set/cleared by software PX2:         External interrupt 2 priority high if set

EX2:      External interrupt 2 enable if set

IE2: If IT2 = 1, IE2 is set/cleared automatically by hardware when interrupt is detected/serviced IT2: External interrupt 2 is falling-edge/low-level triggered when this bit is set/cleared by software.

XICON – external interrupt control (C0H)

PIC16F84A Microcontroller Chip Attack

It is not always necessary for the power glitches to be outside the specified power supply voltage range. For example, in the same PIC16F84A microcontroller the protection mechanism can be defeated by applying a mere 50 mV glitch after the chip erase operation has started which will cause the failure of PIC16F84A Microcontroller Chip Attack. That causes termination of the program memory erase operation but not the fuse erase.

PIC16F84A Microcontroller Chip Attack

All the above examples of glitch attacks show how powerful such attacks can be unless special countermeasures are implemented. These could be voltage and clock monitor circuits which reset the CPU if the voltage or clock frequency go out of range. Clock-monitoring circuits are normally used in smartcards but very few microcontrollers have them.

Winbond MCU W78E365 Heximal Data Restoration means the content from both the eeprom and flash can be extracted and read out by the programmer directly,

The W78E365 architecture consists of a core controller surrounded by various registers, four general purpose I/O ports, one special purpose programmable 4-bits I/O port, 512 bytes of RAM, three timer/counters, a serial port, and an internal 74373 latch and 74244 buffer which can be switched to port2.

The processor supports 111 different opcodes and references both a 64K program address space and a 64 K data storage space.

The internal data RAM in the W78E62B is 512 bytes. It is divided into two banks: 256 bytes of scratchpad RAM and 256 bytes of AUX-RAM. These RAMs are addressed by different ways.

RAM 0H-127H can be addressed directly and indirectly as the same as in 8051. Address pointers are R0 and R1 of the selected register RAM 128H-255H can only be addressed indirectly as the same as in 8051 when Winbond MCU W78E365 Heximal Data Restoration.

Address pointers are R0, R1 of the selected registers internal program memory, an access to AUX-RAM will not affect the Ports P0, P2, WR and RD.
AUX-RAM 0H-255H is addressed indirectly as the same way to access external data memory with the MOVX instruction. Address pointer are R0 and R1 of the selected register bank and DPTR register.

An access to external data memory locations higher than 255H will be performed with the MOVX instruction in the same way as in the 8051. The AUX-RAM is disable after a reset.

Setting the bit 4 in CHPCON register will enable the access to AUX-RAM. When AUX-RAM is enabled the instructions of “MOVX @Ri” will always access to on-chip AUX-RAM after Winbond MCU W78E365 Heximal Data Restoration.

In the process of Break Microprocessor W78E052 Locked Program, first of all we should have a general understanding about Microprocessor W78E052.

The W78E052 is an 8-bit microcontroller which has an in-system programmable MTP-ROM for  firmware updating. The  instruction set of the  W78E62B is fully compatible with  the standard 8052.  The W78E052 contains a 64K bytes of main MTP-ROM and a 4K bytes of auxiliary MTP-ROM which allows the contents of the 64KB main MTP-ROM to be updated by the loader program located at the 4KB auxiliary MTP-ROM;

512 bytes of on-chip RAM; four 8-bit bi-directional and bit-addressable I/O ports; an additional 4-bit port P4; three 16-bit timer/counters; a serial port. These peripherals are supported by a eight sources two-level interrupt capability.

To facilitate programming and verification, the MTP-ROM inside the W78E052 allows the program memory to be programmed and read electronically after Break Microprocessor W78E052 Locked Program. Once the code is confirmed, the user can protect the code for security.

The W78E052 microcontroller has two power reduction modes, idle mode and power-down  mode,  both of which are software selectable. The idle mode turns off the processor clock but allows for continued peripheral operation.

The power-down mode stops the crystal oscillator for minimum power consumption. The external clock can be stopped at any time and in any state without affecting the processor.

Fully static design 8-bit CMOS microcontroller up to 40

64K bytes of in-system programmable MTP-ROM for Application Program (APROM).

4K bytes of auxiliary MTP-ROM for Loader Program (LDROM).

Low standby current at full supply before Break Microprocessor W78E052 Locked Program

512 bytes of on-chip RAM. (including 256 bytes of AUX-RAM, software selectable)

64K bytes program memory address space and 64K bytes data memory address

Four 8-bit bi-directional

One 4-bit multipurpose programmable

Build-in 74373 and 74244 logical functions on Port 2.(software programmable)

Three 16-bit timer/counters

One full duplex serial port

Eight-sources, two-level interrupt capability

Built-in power management

Code protection

Port 4, SFR P4 at address D8H, is a 4-bit multipurpose programmable I/O port. Each bit can be configured individually by software. The Port 4 has four different operation mode:
In mode 0, P4.0-P4.3 is a bi-directional I/O port which is same as port 1. P4.2 and P4.3 also serve as external interrupt INT3 and INT2 if enabled.

In mode 1, P4.0-P4.3 are read data strobe signals which are synchronized with  RD  signal  at  specified addresses. These signals can be used as chip-select signals for external peripherals.

Extract PIC16F84 MCU Firmware from Microcontroller PIC16F84 flash and eeprom memory, reset the microprocessor status to unlocked one by crack MCU fuse bit and copy MCU’s code to new one;

Another example is an old PIC16F84 microcontroller from Microchip. The chip erase operation removes the security protection but at the same time erases the contents of program and data memories on the chip. The hardware design of the security protection circuit is made such that the memory is always erased before the security fuse is reset to the initial state.

However it was found that if during the chip erase operation the power supply voltage is increased to about 10 V for a few milliseconds it causes the memory erase process to terminate but the security fuse reset finishes as usual making it possible to read the contents of the memory. Such a high voltage pulse should be applied carefully as increasing its length could permanently damage the chip. The later revision of this microcontroller, PIC16F84A, has protection against under- and over-voltage attacks. Any memory modification operations performed via the programming interface are immediately terminated if the power supply voltage goes below 3 V or above 6 V.

Reduce EMI Emmission can help us to better locate the status of Flash and Eeprom memory which provide a way to Break Nuvoton W78E054 MCU Flash Memory,

Because of on-chip Flash EPROM, when a program is running in internal ROM space, the ALE will be unused. The transition of ALE will cause noise, so it can be turned off to reduce the EMI emission if it is useless.

Turning off the ALE signal transition only requires setting the bit 0 of the AUXR SFR, which   is located at 08Eh. When ALE is turned off, it will be reactivated when the program accesses external ROM/RAM data or jumps to execute an external ROM code FROM Break Nuvoton W78E054 MCU Flash Memory.

The ALE signal will turn off again after it  has been completely accessed or the program returns to internal ROM code space. The AO bit in the AUXR register, when set, disables the ALE output. In order to reduce EMI emission from oscillation circuitry, W78E054 allows user to diminish the gain of on-chip oscillator amplifiers by  using  programmer to clear the B7 bit of security register.

Once B7 is set to 0, a half of gain will be decreased. Care must be taken if user attempts to diminish the gain of oscillator amplifier, reducing a half of gain may affect the external crystal operating improperly at high frequency above 24 MHz. The value of R  and C1, C2 may need some adjustment while running at lower gain.

The Watchdog timer is  a  free-running timer which can be programmed by the user to serve as a  system monitor, a time-base generator or an event timer. It is basically a set of dividers that divide the system clock. The divider output is selectable and determines the time-out interval if Break Nuvoton W78E054 MCU Flash Memory.

When the time-out occurs, a system reset can also be caused if it is enabled. The main use of the Watchdog timer is as a system monitor. This is important in real-time control applications. In case of power glitches or electro- magnetic interference, the processor may begin to execute errant code.

If this is left unchecked the entire system may crash. The watchdog time-out selection will result in different time-out values depending on the clock speed. The Watchdog timer will be disabled on reset. In general, software  should restart the Watchdog timer to put it into a known state. The control bits that support  the Watchdog timer are discussed below.

Watchdog Timer Control Register

ENW : Enable watch-dog if set.
CLRW : Clear watch-dog timer and prescaler if set. This flag will be cleared automatically
WIDL : If this bit is set, watch-dog is enabled under IDLE mode. If cleared, watch-dog is disabled under IDLE mode. Default is cleared.
PS2, PS1, PS0: Watch-dog prescaler timer select. Prescaler is selected when set PS2~0 as follows:

Enable watch-dog if set