zen
/
balccon_txt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
147 KiB
Tag: Branch: Tree: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
l_zenina 5794c43e6a
little fix 		2 months ago
2024-09-20_15-52.png add more 2 months ago
README.md little fix 2 months ago

README.md

balccon_txt

Welcome to the Hardware quest! There are three levels of difficulty in it, but foe all of the tasks the main idea is to fine a password that unlocks the board. To do it, you need to dump the firmware from the board and than reverse engineer it.

Dump firmware

You can use OpenOCD to dump the firmware from STM32F103 mcu:

openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -c "flash read_bank 0 firmware_gold.bin 0 0x10000" -c "reset" -c shutdown

Ghidra

  1. The following command may be used to dump the firmware from the board with the Ghidra software:
  • Press I and add firmware_gold.bin
  • Choose ARM-Cortex-32-little
  • And:

  • Analyze -> YES, select ALL options, press Apply and finaly press Analyze.