master
l_zenina 3 months ago
parent ab9d604c2f
commit 5794c43e6a
  1. 7
      README.md

@ -1,8 +1,10 @@
# balccon_txt # balccon_txt
Welcome to the Hardware quest! There are three levels of difficulty in it, but foe all of the tasks the main idea is to fine a password that unlocks the board. To do it, you need to dump the firmware from the board and than reverse engineer it.
## Dump firmware ## Dump firmware
You can use `OpenOCD` to dump firmware from STM32F103 mcu: You can use `OpenOCD` to dump the firmware from STM32F103 mcu:
```bash ```bash
openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -c "flash read_bank 0 firmware_gold.bin 0 0x10000" -c "reset" -c shutdown openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -c "flash read_bank 0 firmware_gold.bin 0 0x10000" -c "reset" -c shutdown
@ -10,7 +12,7 @@ openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -
## Ghidra ## Ghidra
1. You need to load bynary file to ghidra systems: 1. The following command may be used to dump the firmware from the board with the Ghidra software:
- Press `I` and add `firmware_gold.bin` - Press `I` and add `firmware_gold.bin`
- Choose `ARM-Cortex-32-little` - Choose `ARM-Cortex-32-little`
@ -19,3 +21,4 @@ openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -
![](2024-09-20_15-52.png) ![](2024-09-20_15-52.png)
- Analyze -> YES, select ALL options, press Apply and finaly press Analyze. - Analyze -> YES, select ALL options, press Apply and finaly press Analyze.

Loading…
Cancel
Save