Like the Raspberry π SoC is based on a television tuner box. The vast majority of the die is related to the TV tuner functions that are completely undocumented. What techniques exist to explore undocumented physical hardware? Are we limited to reverse engineering code to find when and how these undocumented areas are used, or are there other fuzzing type techniques to find relationships between memory, flags, and potential byte instructions?

This is an abstract thought and generalization that potentially patches a hole in my understanding. There is no broader purpose in asking.

  • @over_clox
    link
    22
    edit-2
    21 days ago

    Sometimes it’s just educated guesswork.

    Back in 2009, I picked up a copy of reverse engineered source code for the original PSP Chotto Shot camera. Once I got it to actually compile (code formatting issues), I proceeded to read through what had already been reversed engineered, looking for the unknown/reserved variables.

    And sure enough, when I went fiddling with a few supposedly reserved variables, I discovered that one of them triggered super slow exposure mode, basically poor man’s night vision!

    I never had a chance to share those findings with the PSPHacks community at the time though, it wasn’t long after when their site got shut down ☹️