Skip to content
master
Go to file
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

Ledger MCU Backdoor

Proof-of-concept exploit for the Ledger Nano S that hides the non-genuine user interface confirmation. Intentionally unreliable to avoid weaponization.

It should be trivial to adapt to the Ledger Blue.

More information

Install UX application

  1. Set up the ARM toolchain

  2. Build the modified application (nanos-131 is for firmware 1.3.1)

git clone https://github.com/LedgerHQ/nanos-ui.git -b nanos-131
cd nanos-ui
git apply ../backdoor-recovery-seed-generation.patch
make
  1. Turn on the Ledger Nano S with the right button held until "Recovery" is displayed

  2. Install the modified application

make load
  1. (To remove the modified application)
make delete

Install MCU firmware

  1. Set up the ARM toolchain

  2. Turn on the Ledger Nano S with the left button held until "Bootloader" is displayed

  3. Build and install the modified firmware

make vendor
make load
  1. (To restore the official firmware)
make delete

About

Proof of Concept for Ledger Nano S MCU exploit

Resources

License

Releases

No releases published

Packages

No packages published