balccon_txt/README.md

# balccon_txt

Welcome to the Hardware quest! There are three levels of difficulty in it, but foe all of the tasks the main idea is to fine a password that unlocks the board. To do it, you need to dump the firmware from the board and than reverse engineer it.

## Dump firmware

You can use `OpenOCD` to dump the firmware from STM32F103 mcu:

```bash
openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -c "flash read_bank 0 firmware_gold.bin 0 0x10000" -c "reset" -c shutdown
```

## Ghidra

1. The following command may be used to dump the firmware from the board with the Ghidra software:

- Press `I` and add `firmware_gold.bin`
- Choose `ARM-Cortex-32-little`
- And:

![](2024-09-20_15-52.png)

- Analyze -> YES, select ALL options, press Apply and finaly press Analyze.
Initial commit 4 weeks ago			`# balccon_txt`

little fix 4 weeks ago			`Welcome to the Hardware quest! There are three levels of difficulty in it, but foe all of the tasks the main idea is to fine a password that unlocks the board. To do it, you need to dump the firmware from the board and than reverse engineer it.`

Изменил(а) на 'README.md' 4 weeks ago			`## Dump firmware`

little fix 4 weeks ago			You can use `OpenOCD` to dump the firmware from STM32F103 mcu:
add more 4 weeks ago
Изменил(а) на 'README.md' 4 weeks ago			```bash
			`openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -c "flash read_bank 0 firmware_gold.bin 0 0x10000" -c "reset" -c shutdown`
add more 4 weeks ago			```

			`## Ghidra`

little fix 4 weeks ago			`1. The following command may be used to dump the firmware from the board with the Ghidra software:`
add more 4 weeks ago
			- Press `I` and add `firmware_gold.bin`
			- Choose `ARM-Cortex-32-little`
			`- And:`

			`![](2024-09-20_15-52.png)`

little fix 4 weeks ago			`- Analyze -> YES, select ALL options, press Apply and finaly press Analyze.`