alainiamburg edited this page Apr 2, 2017 · 19 revisions

What is sniffROM?

sniffROM is a tool for passive data capture and reconnaissance of flash chips. It is used in conjunction with a Saleae logic analyzer to reconstruct flash memory contents and extract contextual information about device operations.

Currently it supports SPI flash chips, which are commonly found in embedded devices. These chips generally store bootloaders, operating systems, filesystems, configuration data, cryptographic secrets, etc.

What does sniffROM do?

The Saleae Logic software comes with various protocol analyzers, such as one for Serial Peripheral Interface (SPI), which allow the user to export command-aware data to a comma-separated values (CSV) file.

sniffROM parses the output generated by the Saleae Logic software to extract useful data. Specifically, it can:

  • Sniff the contents of the flash memory chip via READ and WRITE commands
  • Intercept metadata such as manufacturer IDs or chip IDs
  • Intercept security-related commands and data

Due to the passive nature of this tool's operation, it can recover flash contents and other data in cases where direct in-situ probing of the chip is unreliable, and desoldering of the chip is not desired.
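The parsing step described above, as an added example that is not sniffROM's own code: it rebuilds a sparse flash image from READ transactions and collects chip ID replies. It assumes the export has the columns `Time [s],Packet ID,MOSI,MISO` with one packet per chip-select window, the common opcodes 0x03 (READ, 3-byte address) and 0x9F (JEDEC ID), and uses constructed sample rows.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the assumed export layout (not a real capture).
SAMPLE_CSV = """Time [s],Packet ID,MOSI,MISO
0.000001,0,0x9F,0xFF
0.000002,0,0x00,0xEF
0.000003,0,0x00,0x40
0.000004,0,0x00,0x18
0.000010,1,0x03,0xFF
0.000011,1,0x00,0xFF
0.000012,1,0x00,0xFF
0.000013,1,0x10,0xFF
0.000014,1,0x00,0xDE
0.000015,1,0x00,0xAD
0.000016,2,0x03,0xFF
0.000017,2,0x00,0xFF
0.000018,2,0x00,0xFF
0.000019,2,0x13,0xFF
0.000020,2,0x00,0xBE
0.000021,2,0x00,0xEF
"""

CMD_READ, CMD_JEDEC_ID = 0x03, 0x9F  # assumed opcodes, see lead-in

def parse_capture(text, fill=0xFF):
    """Return (image_bytes, base_address, jedec_ids) from CSV text."""
    packets = defaultdict(list)
    for row in csv.DictReader(io.StringIO(text)):
        if not row["Packet ID"]:  # byte seen outside a chip-select window
            continue
        packets[int(row["Packet ID"])].append((int(row["MOSI"], 16), int(row["MISO"], 16)))
    memory, ids = {}, []
    for pid in sorted(packets):
        mosi = [m for m, _ in packets[pid]]
        miso = [s for _, s in packets[pid]]
        if mosi[0] == CMD_JEDEC_ID and len(miso) >= 4:
            ids.append(bytes(miso[1:4]))  # three ID bytes follow the opcode
        elif mosi[0] == CMD_READ and len(mosi) > 4:
            addr = int.from_bytes(bytes(mosi[1:4]), "big")
            for offset, value in enumerate(miso[4:]):  # data follows opcode + address
                memory[addr + offset] = value
    if not memory:
        return b"", 0, ids
    base, top = min(memory), max(memory)
    image = bytes(memory.get(a, fill) for a in range(base, top + 1))
    return image, base, ids
```

Addresses the device never read during the capture are filled with 0xFF, so the image covers only what was observed on the bus.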

Go to Getting Started
