Android Hardware Reverse Engineering

Advanced Techniques for Dumping Exynos S-Boot ROM & Protected Regions via JTAG/UART

By Antigravity Research Published May 29, 2026 ⏱️ 7 Min Read
Google AdSense Native Placement - Horizontal Top-Post banner

Introduction: Unveiling the S-Boot Mysteries

Samsung Exynos System Boot (S-Boot) is the initial software executed by Exynos SoCs, playing a critical role in establishing the device’s Root of Trust. It initializes essential hardware components, verifies subsequent boot stages, and configures security features like TrustZone. Accessing and analyzing S-Boot’s code, especially from protected regions, is fundamental for low-level security research, vulnerability discovery, and understanding the platform’s hardware-backed security mechanisms. This article delves into advanced techniques for dumping Exynos S-Boot ROM and other protected memory regions, primarily utilizing JTAG and UART interfaces, acknowledging the inherent challenges posed by modern SoC security.

Prerequisites and Setup

Before attempting to dump Exynos S-Boot, a robust setup is crucial. This typically includes:

  • Target Device: A Samsung device with an Exynos SoC, preferably an older or less secured model for initial attempts.
  • JTAG Debugger: A high-quality JTAG debugger (e.g., Segger J-Link, Lauterbach TRACE32, or a compatible OpenOCD-supported adapter like FT2232H, Bus Pirate) capable of communicating with ARM Coresight debug access ports.
  • UART Adapter: A USB-to-TTL serial adapter (e.g., FTDI FT232R, CP2102) for asynchronous serial communication.
  • Probing Equipment: Fine-tipped probes, soldering station, microscope for connecting to small test points or directly to SoC pads.
  • Software Tools: OpenOCD for JTAG control, a serial terminal (e.g., minicom, PuTTY, RealTerm), and a disassembler/decompiler (e.g., IDA Pro, Ghidra).

Locating JTAG and UART Test Points

Identifying JTAG (TCK, TMS, TDI, TDO, nTRST, nRESET) and UART (TX, RX, GND) test points on a device PCB is often the first and most challenging step. This typically involves:

  • Schema analysis (if available).
  • X-ray inspection for hidden vias.
  • Continuity testing from known SoC balls to test pads.
  • Visual inspection for common JTAG/UART footprints.

Understanding Exynos S-Boot and Memory Protections

Exynos S-Boot typically involves several stages: the Boot ROM (BL0/iROM), BL1 (first stage bootloader), and BL2 (second stage bootloader/S-Boot). The Boot ROM is immutable, etched into the silicon, and responsible for loading BL1. BL1, often stored in eMMC/UFS, performs initial setup and verifies BL2. S-Boot (BL2) then initializes more peripherals and hands off to the operating system bootloader. Modern Exynos SoCs extensively leverage ARM TrustZone for security, creating a ‘Secure World’ and a ‘Non-Secure World’. Memory regions containing S-Boot code and sensitive data are often protected by:

  • Memory Management Unit (MMU): Restricting access based on privileges and memory attributes.
  • TrustZone Address Space Controller (TZASC): Hardware module enforcing secure/non-secure memory access.
  • e-fuses: One-time programmable fuses that permanently configure security features, including debug disablement or memory region locks.
  • Write Protection Registers: Preventing modification of critical control registers or memory regions.

JTAG-Based Initial Access and CPU Halt

With JTAG pins identified and connected, the primary goal is to establish communication and halt the CPU at an opportune moment.

OpenOCD Configuration Example

A basic OpenOCD configuration for an Exynos target might look like this, assuming a specific JTAG adapter and target CPU:

# Source your JTAG adapter configuration (e.g., FTDI-based)file adapter.cfg# Configure the target CPU for Exynos (ARMv7/ARMv8)set CHIPNAME exynosset BOARDNAME samsung_exynostarget create $CHIPNAME.cpu arm -endian little -chain-position $CHIPNAME.cpu -variant cortex-a# Adjust for specific CPU architecture and debug capabilities (e.g., A7, A15, A53)# For example, cortex_a.cfg typically handles generic ARM Cortex-A targets# If a specific target config exists, use it:source [find target/samsung_exynosXXX.cfg]# Initialize OpenOCD and halt the targetinitreset halt

Upon successful connection, you should see OpenOCD messages indicating a target connection and potentially a CPU halt. The `reset halt` command attempts to halt the CPU immediately after a reset, providing a window before full OS initialization or advanced security features become active.

Memory Dumping via JTAG

Once halted, OpenOCD’s `dump_image` command can be used to read memory. However, this often only works for non-protected, accessible memory regions.

# Dump 0x10000 bytes starting from address 0x0 to sboot_dump.binmdw 0x0 0x1000# This reads memory word by word, use for small regions, then piece togetherdump_image sboot_full.bin 0x0 0x1000000 # Attempt to dump larger regions

Protected memory will typically return read errors or garbage data. Overcoming this requires more advanced techniques.

UART for Debug and Data Exfiltration

UART is invaluable for observing boot messages, interacting with bootloaders that expose debug consoles, or exfiltrating data if code execution is achieved.

Connecting and Monitoring UART

Connect your UART adapter’s RX to the device’s TX, TX to RX, and GND to GND. Use a serial terminal with appropriate baud rates (common ones include 115200, 9600).

minicom -b 115200 -o -D /dev/ttyUSB0

Monitoring UART during boot can reveal bootloader versions, memory maps, and sometimes even debug prompts that allow limited interaction or display of device state.

Advanced Techniques for Bypassing Protections

Race Conditions and Timed Access

Some memory protection mechanisms are not instantly active. There might be a brief window during boot before MMU or TZASC configurations are finalized. By repeatedly resetting the device and attempting to dump memory very early via JTAG, it might be possible to catch a vulnerable state.

  • Automated JTAG Resets: Script OpenOCD to perform `reset halt` followed by `dump_image` repeatedly.
  • Cold Boot Attacks: For specific architectures, sometimes a cold reboot can temporarily expose memory contents before full security re-initialization.

Exploiting Early Bootloader Vulnerabilities

If the BL1 or S-Boot has a vulnerability (e.g., buffer overflow, format string bug) that can be triggered via UART or other early interfaces, it might be possible to inject and execute custom code. This custom payload could then be designed to:

  • Disable memory protections (if registers are accessible).
  • Remap memory regions.
  • Read protected memory and print its contents via UART.

Example pseudo-C payload for UART dumping (if code execution is achieved):

#define UART_DR_REG 0xXXXXXXXX // Address of UART Data Register#define TARGET_MEM_START 0xYY000000 // Start of protected region#define DUMP_SIZE 0x100000 // Size to dump (1MB)volatile unsigned int* uart_dr = (volatile unsigned int*)UART_DR_REG;void putc(char c) {    while (!(*uart_dr & (1 << 5))); // Wait for TX FIFO to be empty    *uart_dr = c;}void puts(const char* s) {    while (*s) {        putc(*s++);    }}void dump_memory() {    unsigned char* ptr = (unsigned char*)TARGET_MEM_START;    unsigned int i;    for (i = 0; i > 4) > 4) + '0' : (byte >> 4) - 10 + 'a';        hex_buf[1] = (byte & 0xF) < 10 ? (byte & 0xF) + '0' : (byte & 0xF) - 10 + 'a';        hex_buf[2] = 0;        puts(hex_buf);    }    puts("nDump Completen");}int main() {    dump_memory();    return 0;}

DMA Abuse and Peripheral Reconfiguration

Some peripherals, particularly those with Direct Memory Access (DMA) capabilities, operate in the Secure World and have broad memory access. If a vulnerability allows reconfiguring such a peripheral (e.g., modifying its DMA transfer descriptor), it might be possible to trick it into reading protected S-Boot regions and writing them to an accessible non-secure buffer, which can then be dumped via JTAG or UART.

Analyzing the Dumped S-Boot Image

Once a memory dump is obtained, even if partial, the next crucial step is analysis. Load the raw binary into tools like IDA Pro or Ghidra. Key analysis steps include:

  • Architecture Identification: Set the correct ARM architecture (e.g., AArch32/Thumb or AArch64).
  • Entry Point Analysis: Identify the reset vector and initial execution flow.
  • String and Data References: Look for readable strings, function names, or interesting data structures.
  • Security Feature Identification: Locate code responsible for TrustZone configuration, e-fuse checks, signature verification, and debug disablement.
  • Vulnerability Hunting: Analyze critical functions for common vulnerabilities such as buffer overflows, integer overflows, or improper input validation.

Conclusion

Dumping Exynos S-Boot ROM and protected memory regions is a challenging but rewarding endeavor in hardware reverse engineering. It requires a deep understanding of ARM architecture, TrustZone, and the specific security implementations of Exynos SoCs. While direct JTAG access to secure regions is often blocked, combining JTAG with UART, exploiting transient race conditions, or leveraging early bootloader vulnerabilities can provide pathways to access this critical code. The insights gained from such dumps are invaluable for security research, ultimately contributing to a better understanding and hardening of embedded systems.

Android Mobile Specs & Compare Directory

Are you researching mobile hardware properties, processor SoCs, GPU chipsets, or RAM configurations? Access our complete specs catalog to compare up to 5 devices side-by-side!

Compare Devices Specs →
Google AdSense Inline Placement - Content Footer banner
Tags: #Exynos #JTAG #Reverse Engineering #S-Boot #UART

Related Technical Guides

Real-Time SWD Data Injection & Manipulation on Android MCUs: A Security Research Deep Dive

May 29, 2026

Troubleshooting UFS Data Extraction: Common Challenges and Solutions in Android Forensics

May 29, 2026

Troubleshooting NAND Read Errors: Practical Steps for Successful Data Recovery from Android

May 30, 2026