fusee-launcher/README.md
2018-07-13 22:47:38 -06:00

# Fusée Gelée
```
* .--.
/ / `
+ | |
' \ \__,
* + '--' *
+ /\
+ .' '. *
* /======\ +
;:. _ ;
|:. (_) |
|:. _ |
+ |:. (_) | *
;:. ;
.' \:. / `.
/ .-'':._.'`-. \
|/ /||\ \|
_..--"""````"""--.._
_.-'`` ``'-._
__ __ _ __
/ _| /_/ | | /_/
| |_ _ _ ___ ___ ___ __ _ ___| | ___ ___
| _| | | / __|/ _ \/ _ \ / _` |/ _ \ |/ _ \/ _ \
| | | |_| \__ \ __/ __/ | (_| | __/ | __/ __/
|_| \__,_|___/\___|\___| \__, |\___|_|\___|\___|
__/ |
|___/
```
## Fusée Launcher

The Fusée Launcher is a proof-of-concept arbitrary code loader for a variety
of Tegra processors, which takes advantage of CVE-2018-6242 ("Fusée Gelée")
to gain arbitrary code execution and load small payloads over USB.

The vulnerability is documented in the 'report' subfolder; more details and
guides are to follow! Stay tuned...

### Use Instructions

The main launcher is "fusee-launcher.py". Windows, Linux, macOS and FreeBSD are all natively supported! Instructions for Windows specifically can be found on the [wiki](https://github.com/reswitched/fusee-launcher/wiki/Instructions-(Windows)).

With a Tegra device in RCM and connected via USB, invoke the launcher with the desired payload as an argument, e.g. `./fusee-launcher.py payload.bin`. Linux systems currently require either that the Tegra device be connected to an XHCI controller (used with blue USB 3 ports) or that the user has patched their EHCI driver.

### Credits

Fusée Gelée (CVE-2018-6242) was discovered and implemented by Kate Temkin (@ktemkin);
its launcher is developed and maintained by Mikaela Szekely (@Qyriad) and Kate Temkin (@ktemkin).

Credit goes to:

* Qyriad -- maintainership and expansion of the code
* SciresM, motezazer -- guidance and support
* hedgeberg, andeor -- dumping the Jetson bootROM
* TuxSH -- help with a first pass of bootROM RE
* the ReSwitched team

Love / greetings to:

* Levi / lasersquid
* Aurora Wright
* f916253
* MassExplosion213

CVE-2018-6242 was also independently discovered by fail0verflow member
shuffle2 as the "shofEL2" vulnerability -- so that's awesome, too.