Hacking the PIC 18F1320

Andrew “Bunnie” Huang is well known for his Xbox hacks. He wanted to try out some reversing techniques on programmed PIC 18F1320 chips he had acquired, with the goal of reading their secured FLASH memory.

After having the PICs commercially decapped, he analyzed the silicon under an electron microscope, revealing the location of the security bits relative to the FLASH memory he sought to read. In this tutorial he describes the further tedious steps he took to finish hacking the PIC 18F1320 and read the memory data.

Via J. Peterson in comments.


Comments

  1. makomk says:

    Heh. Old page, but still a very clever hack. I seem to recall that recent AVR microcontrollers are designed so that exposing the lock fuses to UV enables code protection, as well as having metal shields protecting them; not sure about PICs.

  2. jone says:

    There is another great description of dumping flash and EEPROM from a protected PIC18F on http://www.openpcd.org/HID_iClass_demystified

    The full write up is in the PDF paper http://www.openpcd.org/images/HID-iCLASS-security.pdf
