From 191df36fb8ca66aa05461d629f8c414cbb39cd10 Mon Sep 17 00:00:00 2001 From: Hazel Levine Date: Tue, 26 May 2020 01:49:23 -0400 Subject: [PATCH] aaaaaaaaaaaaagh --- satellite-bus/magic-bus/README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/satellite-bus/magic-bus/README.md b/satellite-bus/magic-bus/README.md index 1ca714b..8abf968 100644 --- a/satellite-bus/magic-bus/README.md +++ b/satellite-bus/magic-bus/README.md @@ -150,8 +150,8 @@ managed to break out at the previous region of memory... which is where gashapwn's *incredible* work came in. If the packet `^3b+00+00+00.` is sent, the bus *stops sending data*, which is -decidedly confirmation that the server accepts data. The following inject has -the same effect: +decidedly confirmation that the server accepts data. Each of the following +injects has the same effect: ``` ^3b+00+00+30+. ^3b+00+00+31+. @@ -163,7 +163,10 @@ the same effect: ^3b+00+00+36+. ^3b+00+00+37+. ``` -In practice, only this last packet is needed to shut down the server. +In practice, only this last packet is needed to shut down the server. Anything +of the form of `^3b+00+00+XX+.` where XX<38 shuts it down, but only 37 enables +dump mode. This can probably be done with a fuzzer. Why has God abandoned us? +What accursed malfunction did we do to deserve this fate? If you send the packet `^ca+00+44+79+20+44+61+74+61+20+30+31+00+52+01+1e+7b+81+47+00+c9+9d+e3+e7+c2+23+36+81+7c+fc+d9+9b+6b+3a+1f+68+f0+35+ce+dd+77+35+ca+dc+87+cc+.`, the same packet is sent back.