Failed to initialize MPSSE: device not found
nikhilh-20 opened this issue · comments
I'm new to IoT firmware RE and I'm trying to extract the firmware from a Winbond W25Q64JVSSIQ memory chip which supports SPI. I've connected it to a BeagleBone Black micro-controller which is connected to my Kali Linux VMware VM.
Device information:
root@malnet:/dev# ls -l ttyACM0
crw-rw---- 1 root dialout 166, 0 Nov 25 01:25 ttyACM0
root@malnet:~# udevadm info --attribute-walk --name=/dev/ttyACM0
Udevadm info starts with the device specified by the devpath and then
walks up the chain of parent devices. It prints for every device
found, all possible attributes in the udev rules key format.
A rule to match, can be composed by the attributes of the device
and the attributes from one single parent device.
looking at device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb2/2-1/2-1:1.2/tty/ttyACM0':
KERNEL=="ttyACM0"
SUBSYSTEM=="tty"
DRIVER==""
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb2/2-1/2-1:1.2':
KERNELS=="2-1:1.2"
SUBSYSTEMS=="usb"
DRIVERS=="cdc_acm"
ATTRS{bInterfaceClass}=="02"
ATTRS{supports_autosuspend}=="1"
ATTRS{iad_bInterfaceCount}=="02"
ATTRS{iad_bFunctionClass}=="02"
ATTRS{bInterfaceSubClass}=="02"
ATTRS{iad_bFirstInterface}=="02"
ATTRS{bAlternateSetting}==" 0"
ATTRS{bInterfaceProtocol}=="01"
ATTRS{bmCapabilities}=="2"
ATTRS{authorized}=="1"
ATTRS{bInterfaceNumber}=="02"
ATTRS{bNumEndpoints}=="01"
ATTRS{iad_bFunctionProtocol}=="01"
ATTRS{iad_bFunctionSubClass}=="02"
ATTRS{interface}=="CDC Abstract Control Model (ACM)"
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb2/2-1':
KERNELS=="2-1"
SUBSYSTEMS=="usb"
DRIVERS=="usb"
ATTRS{idVendor}=="1d6b"
ATTRS{maxchild}=="0"
ATTRS{configuration}=="Multifunction with RNDIS"
ATTRS{removable}=="unknown"
ATTRS{bDeviceClass}=="ef"
ATTRS{product}=="BeagleBoneBlack"
ATTRS{bmAttributes}=="c0"
ATTRS{avoid_reset_quirk}=="0"
ATTRS{bDeviceSubClass}=="02"
ATTRS{quirks}=="0x0"
ATTRS{bNumConfigurations}=="1"
ATTRS{bDeviceProtocol}=="01"
ATTRS{bNumInterfaces}==" 5"
ATTRS{ltm_capable}=="no"
ATTRS{busnum}=="2"
ATTRS{serial}=="C0-3516BBBK253B"
ATTRS{devpath}=="1"
ATTRS{urbnum}=="1061"
ATTRS{authorized}=="1"
ATTRS{speed}=="480"
ATTRS{version}==" 2.00"
ATTRS{bConfigurationValue}=="1"
ATTRS{idProduct}=="0104"
ATTRS{devnum}=="3"
ATTRS{bMaxPacketSize0}=="64"
ATTRS{bMaxPower}=="2mA"
ATTRS{bcdDevice}=="0308"
ATTRS{tx_lanes}=="1"
ATTRS{rx_lanes}=="1"
ATTRS{manufacturer}=="Circuitco"
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb2':
KERNELS=="usb2"
SUBSYSTEMS=="usb"
DRIVERS=="usb"
ATTRS{maxchild}=="6"
ATTRS{authorized_default}=="1"
ATTRS{configuration}==""
ATTRS{bmAttributes}=="e0"
ATTRS{interface_authorized_default}=="1"
ATTRS{bConfigurationValue}=="1"
ATTRS{bNumInterfaces}==" 1"
ATTRS{rx_lanes}=="1"
ATTRS{busnum}=="2"
ATTRS{bMaxPacketSize0}=="64"
ATTRS{bDeviceSubClass}=="00"
ATTRS{quirks}=="0x0"
ATTRS{devnum}=="1"
ATTRS{bMaxPower}=="0mA"
ATTRS{bDeviceClass}=="09"
ATTRS{devpath}=="0"
ATTRS{version}==" 2.00"
ATTRS{serial}=="0000:02:03.0"
ATTRS{speed}=="480"
ATTRS{bNumConfigurations}=="1"
ATTRS{removable}=="unknown"
ATTRS{authorized}=="1"
ATTRS{avoid_reset_quirk}=="0"
ATTRS{tx_lanes}=="1"
ATTRS{bcdDevice}=="0419"
ATTRS{product}=="EHCI Host Controller"
ATTRS{idVendor}=="1d6b"
ATTRS{ltm_capable}=="no"
ATTRS{idProduct}=="0002"
ATTRS{bDeviceProtocol}=="00"
ATTRS{urbnum}=="58"
ATTRS{manufacturer}=="Linux 4.19.0-kali5-amd64 ehci_hcd"
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0':
KERNELS=="0000:02:03.0"
SUBSYSTEMS=="pci"
DRIVERS=="ehci-pci"
ATTRS{enable}=="1"
ATTRS{device}=="0x0770"
ATTRS{consistent_dma_mask_bits}=="32"
ATTRS{msi_bus}=="1"
ATTRS{class}=="0x0c0320"
ATTRS{local_cpus}=="00000000,00000000,00000000,00000003"
ATTRS{local_cpulist}=="0-1"
ATTRS{label}=="ehci"
ATTRS{d3cold_allowed}=="0"
ATTRS{broken_parity_status}=="0"
ATTRS{uframe_periodic_max}=="100"
ATTRS{driver_override}=="(null)"
ATTRS{dma_mask_bits}=="32"
ATTRS{companion}==""
ATTRS{vendor}=="0x15ad"
ATTRS{revision}=="0x00"
ATTRS{irq}=="17"
ATTRS{acpi_index}=="16777752"
ATTRS{ari_enabled}=="0"
ATTRS{subsystem_device}=="0x0770"
ATTRS{numa_node}=="-1"
ATTRS{subsystem_vendor}=="0x15ad"
looking at parent device '/devices/pci0000:00/0000:00:11.0':
KERNELS=="0000:00:11.0"
SUBSYSTEMS=="pci"
DRIVERS==""
ATTRS{msi_bus}=="1"
ATTRS{vendor}=="0x15ad"
ATTRS{secondary_bus_number}=="2"
ATTRS{numa_node}=="-1"
ATTRS{class}=="0x060401"
ATTRS{revision}=="0x02"
ATTRS{enable}=="1"
ATTRS{d3cold_allowed}=="0"
ATTRS{irq}=="0"
ATTRS{subsystem_device}=="0x0790"
ATTRS{local_cpulist}=="0-1"
ATTRS{consistent_dma_mask_bits}=="32"
ATTRS{broken_parity_status}=="0"
ATTRS{driver_override}=="(null)"
ATTRS{subordinate_bus_number}=="2"
ATTRS{device}=="0x0790"
ATTRS{local_cpus}=="00000000,00000000,00000000,00000003"
ATTRS{subsystem_vendor}=="0x15ad"
ATTRS{ari_enabled}=="0"
ATTRS{dma_mask_bits}=="32"
looking at parent device '/devices/pci0000:00':
KERNELS=="pci0000:00"
SUBSYSTEMS==""
DRIVERS==""
I cloned this repository, followed the installation instructions and executed the following command:
root@malnet:/opt/libmpsse/src/examples# ./spiflash -s 15000000 -r firmware.bin
Failed to initialize MPSSE: device not found
I expected the above command to dump 15MB of firmware from the Winbond memory chip into a file, firmware.bin
on my Kali VM. What am I doing wrong here?
System information:
root@malnet:/opt/libmpsse/src/examples# uname -a
Linux malnet 4.19.0-kali5-amd64 #1 SMP Debian 4.19.37-5kali1 (2019-06-20) x86_64 GNU/Linux
root@malnet:/opt/libmpsse/src/examples# python -V
Python 2.7.17
Provide strace -f ./spiflash -s 15000000 -r firmware.bin
output.
root@malnet:/opt/libmpsse/src/examples# strace -f ./spiflash -s 15000000 -r firmware.bin &> ~/straceLogs.txt
straceLogs.txt
The Linux kernel can't be old. It's at 4.19
which was released in 2018.
root@malnet:~# uname -r
4.19.0-kali5-amd64
For libusb
:
root@malnet:~# dpkg -l libusb-1.0*
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==================-============-============-=================================
ii libusb-1.0-0:amd64 2:1.0.22-2 amd64 userspace USB programming library
libusb
is at 1.0.22
which was released in 2018. That's not too old; the latest is 1.0.23
, but upgrading may break my system. Comments?
I also tried on a fresh install of Ubuntu 18.04.3 x64
and the error still remains
iot@ubuntu:~$ uname -r
5.0.0-23-generic
iot@ubuntu:~$ sudo dpkg -l libusb-1.0*
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-=============================================-===========================-===========================-===============================================================================================
ii libusb-1.0-0:amd64 2:1.0.21-2 amd64 userspace USB programming library
iot@ubuntu:/opt/libmpsse/src/examples$ sudo strace -f ./spiflash -s 15000000 -r firmware.bin &> ~/straceLogs.txt
If you don't know how to resolve this, can you point me to a different repo / library which I can execute and extract the firmware from the Winbond SPI memory chip?
This project is for USB devices from the manufacturer FTDI. Does the Beaglebone Black have such a chip? It does not look like it from your device information.