Description
Logic analyzers capture and decode digital signals from electronic circuits. Essential for hardware hacking, firmware extraction, and IoT device analysis. Sigrok/PulseView is the open-source software for analysis.
Installation
BASH
# PulseView (GUI) + sigrok-cli
sudo apt install pulseview sigrok-cli
# For Saleae Logic (commercial)
# Download from https://www.saleae.com/downloads/
# For Bus Pirate
sudo apt install screen minicomBasic Usage
BASH
# Identify test points on target PCB
# Common protocols:
# UART: TX, RX, GND (3 wires)
# SPI: MOSI, MISO, SCK, CS, GND (5 wires)
# I2C: SDA, SCL, GND (3 wires)
# JTAG: TDI, TDO, TCK, TMS, TRST, GND (6 wires)
# Using sigrok-cli
sigrok-cli --driver fx2lafw --config samplerate=1m --samples 1000000
# Using PulseView
pulseview
# 1. Select device
# 2. Set sample rate
# 3. Add protocol decoder (UART/SPI/I2C)
# 4. Capture and analyzeAdvanced Usage
BASH
# UART dumping (most common IoT attack)
# 1. Find UART pins (TX, RX, GND)
# 2. Determine baud rate
sigrok-cli --driver fx2lafw -P uart:baudrate=115200:rx=D0
# Common baud rates: 9600, 19200, 38400, 57600, 115200
# Connect with screen/minicom
screen /dev/ttyUSB0 115200
minicom -D /dev/ttyUSB0 -b 115200
# SPI flash dumping
flashrom -p buspirate_spi:dev=/dev/ttyUSB0 -r firmware.bin
# I2C EEPROM reading
i2cdump -y 1 0x50 # Dump EEPROM at address 0x50Common Workflows
BASH
# IoT device analysis
# 1. Open device, identify debug ports
# 2. Connect logic analyzer
# 3. Identify protocol (UART most common)
# 4. Determine baud rate
# 5. Get shell access via UART
# 6. Extract filesystem, credentials