GitHub - saleemrashid/ledger-mcu-backdoor: Proof of concept for Ledger MCU explo...
source link: https://github.com/saleemrashid/ledger-mcu-backdoor
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
Ledger MCU Backdoor
Proof-of-concept exploit for the Ledger Nano S that hides the non-genuine user interface confirmation. Intentionally unreliable to avoid weaponization.
It should be trivial to adapt to the Ledger Blue.
Install UX application
-
Build the modified application (
nanos-131
is for firmware 1.3.1)
git clone https://github.com/LedgerHQ/nanos-ui.git -b nanos-131
cd nanos-ui
git apply ../backdoor-recovery-seed-generation.patch
make
-
Turn on the Ledger Nano S with the right button held until "Recovery" is displayed
-
Install the modified application
make load
- (To remove the modified application)
make delete
Install MCU firmware
-
Turn on the Ledger Nano S with the left button held until "Bootloader" is displayed
-
Build and install the modified firmware
make vendor make load
- (To restore the official firmware)
make delete
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK