diff --git a/README.txt b/README.md similarity index 50% rename from README.txt rename to README.md index a003fd3..0358b08 100644 --- a/README.txt +++ b/README.md @@ -1,5 +1,6 @@ +# Fusée Gelée - +``` * .--. / / ` + | | 
@@ -26,25 +27,39 @@ \ \| | | __// /\__ \\ V V /| | || (__| | | | __/ (_| | | |_| \___| | |___/ \_/\_/ |_|\__\___|_| |_|\___|\__,_| \_\ /_/ - /====================================================\ - /======================================================\ - || fusée gelée || - || || - || Launcher for the {re}switched cold/bootrom hacks-- || - || launches payloads above the Horizon || - || || - || discovery and implementation by @ktemkin || - || def. independently discovered by lots of others <3 || - || || - || special thanks to: || - || SciresM, motezazer -- guidance and support || - || hedgeberg, andeor -- dumping the Jetson bootROM || - || TuxSH -- for IDB notes that were || - || super nice to peek at || - || the team -- y'all are awesome || - || other teams -- y'all are awesome too! || - \======================================================/ - \====================================================/ +``` +## Fusée Launcher -The main launcher is "fusee-launcher.py". +The Fusée Launcher is a proof-of-concept arbitrary code loader for a variety +of Tegra processors, which takes advantage of CVE-2018-6242 ("Fusée Gelée") +to gain arbitrary code execution and load small payloads over USB. + +The vulnerability is documented in the 'report' subfolder; more details and +guides are to follow! Stay tuned... + +### Use Instructions + +The main launcher is "fusee-launcher.py". More instructions are to follow. + +### Credits +             +Fusée Gelée (CVE-2018-6242) was discovered and implemented by Kate Temkin (@ktemkin); +its launcher is developed and maintained by Mikaela Szekely (@Qyriad) and Kate Temkin (@ktemkin). + +CVE-2018-6242 was also independently discovered by fail0verflow member +shuffle2 as the "shofEL2" vulnerability-- so that's awesome, too. 
+ +Credit goes to: + * Qyriad -- maintainership and expansion of the code + * SciresM, motezazer -- guidance and support + * hedgeberg, andeor -- dumping the Jetson bootROM + * TuxSH -- help with a first pass of bootROM RE + * the ReSwitched team + +Love / greetings to: + * Levi / lasersquid + * Aurora Wright + * f916253 + * MassExplosion213 + * Schala
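Review bot: In the first hunk (@@ -1,5 +1,6 @@) the new "# Fusée Gelée" heading is followed directly by the opening code fence, because the blank line that used to start the file is removed in the same hunk. Keep a blank line between the heading and the fence, and consider giving the fence a "text" info string so renderers do not try to syntax-highlight the ASCII banner. The matching closing fence only appears in the next hunk, so it is worth previewing the rendered file to confirm the banner is the only thing inside the fence.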
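Review bot: In the second hunk (@@ -26,25 +27,39 @@) the "### Use Instructions" section documents nothing a reader can act on: it names "fusee-launcher.py" and then defers with "More instructions are to follow." Since the new introduction describes a loader that uses CVE-2018-6242 for arbitrary code execution over USB on "a variety of Tegra processors", the README should at least say which processors or devices are covered and what the launcher requires to run, or state clearly that the section is a placeholder. The reference to the 'report' subfolder would be more useful as a Markdown link now that the file is README.md. Two smaller style points in the same hunk: the line after "### Credits" contains only whitespace and should be an empty line, and "vulnerability-- so" reads better with a space before the dashes or a plain comma.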