Skip to content

Instantly share code, notes, and snippets.

View CTCaer's full-sized avatar
🔌

CTCaer

🔌
816 followers · 0 following
View GitHub Profile
@CTCaer
CTCaer / brcm_flash.c
Created September 22, 2017 02:08 — forked from shuffle2/brcm_flash.c
joycon command handling
unsigned __int8 *__fastcall process_cmd(struct_a1 *a1, int a2, int a3, unsigned __int8 *pkt, signed int pkt_len)
{
unsigned __int8 *pkt_; // r0@1 MAPDST
int v10; // r0@2
int v11; // r12@8
unsigned __int8 v12; // r0@13
signed int b0; // r0@15
int v14; // r0@38
unsigned __int8 v15; // r1@46
unsigned int v16; // r2@51
@CTCaer
CTCaer / brcm_patchram_spi_otp.txt
Created October 9, 2017 22:43
OTP PatchRAM. (SPI @0x0)
01[raw]: F000006208C05D89
FD[raw]: FFFFFFFF
40[raw]: 123456B9E698 // BD_ADDR
// Overwritten by DS# PatchRAM
0A: D03DC: D03E4 b'AA55F00F68E597D2' // Magic
// Overwritten by DS# PatchRAM
0A: D0200: D030C b'00F009F842F78EBE374900231A460860202174F77CB93549097801F00F0140EA01204FF44811096801F48051084370470EB56A460C2141F6F47074F7D7FB0C2809D108222A496846A2F76EFA002802D12849029808600EBD70B5284926484FF448140860206820F480502060A06E20F07F40A066A06E40F08240A066E06E00F07F40E066E06E1E490843E066D4F888001C490840C4F888001B4DD5F83801C0071BD0D5F83C01D5F8381180B24FF4E02202EAC13108434FF44D110A686FF312021043086000F053F8D5F8300110F4E06F03D04FF67F70C5F8B002206840F480502060BDE87040A3E75C7D210034282000DC030D00B87C21008FFE0D00607D210041414100FF0F00F000603300'
// Overwritten by DS# PatchRAM
@CTCaer
CTCaer / package1.py
Created January 22, 2018 13:27 — forked from SciresM/package1.py
from struct import unpack as up, pack as pk
from binascii import unhexlify as uhx, hexlify as hx
from Crypto.Cipher import AES
from Crypto.Util import Counter
import sys
pk11key = uhx('') # Insert key here.
def string_to_ctr(ctr):
return Counter.new(128, initial_value=int(hx(ctr), 16))
@CTCaer
CTCaer / scan_amiibo.log
Last active July 10, 2022 12:22
Legend:
WRI: Sent packet
RCV: Received packet
MCU: Received x31 packet. The first 49 bytes are truncated.
WRI: subcmd x22 - Set MCU state (suspend/resume)
RCV: 21 eb800000006a6878bed87500 8022 00000000000000000000000000000000000000000000000000000000000000000000
WRI: subcmd x21 - Write MCU
RCV: 21 f4800000006c5878bec87500 a021 0100ff00030005060000000000000000000000000000000000000000000000000062
WRI: subcmd x03 - Change input report format
@CTCaer
CTCaer / P2180_A00_LP4_DSC_204Mhz.cfg
Created January 19, 2019 03:06 — forked from roblabla/P2180_A00_LP4_DSC_204Mhz.cfg
# CFG Version 03
# Do not edit. Generated by t210_emc_reg_tool_P987.exe V9.8.7. Command:
# t210_emc_reg_tool_P987.exe -i Samsung_K4F6E304HB-MGCH_4GB.par 04.90196078431372549019
# -dram_board_cfg 37 -data_bus_to_0 1 -dsr_per_dev 0 -fly_by_time_ps 1833 -dbi_rd_en 1
# -is_bkv 1 -b P2180_A00_LP4_DSC_204Mhz.txt -o P2180_4GB_P987_configs\P2180_4GB_Samsung_4GB_lpddr4_204Mhz_P987.cfg
# Parameter file: Samsung_K4F6E304HB-MGCH_4GB.par, tck = 4.90 ns (204.00 MHz)
# bkv file: P2180_A00_LP4_DSC_204Mhz.txt
SDRAM[0].MemoryType = NvBootMemoryType_LpDdr4;
SDRAM[0].PllMInputDivider = 0x00000001;
SDRAM[0].PllMFeedbackDivider = 0x00000022;