amlogic-usbdl : unsigned code loader for Amlogic bootrom
You will be solely responsible for any damage caused to your hardware/software/warranty/data/cat/etc...
Amlogic bootrom supports booting from USB. This method of boot requires an USB host to send a signed bootloader to the bootrom via USB port.
This tool exploits a vulnerability in the USB download mode to load and run unsigned code in Secure World.
- Khadas VIM3L (S905D3) (Secure boot is disabled anyway)
- Chromecast with Google TV (S905D3G)
./amlogic-usbdl <input_file>
input_file: payload binary to load and execute
Payloads are raw binary AArch64 executables. Some are provided in directory payloads/.
Please see LICENSE.