# balccon_txt

Welcome to the Hardware quest! There are three levels of difficulty in it, but foe all of the tasks the main idea is to fine a password that unlocks the board. To do it, you need to dump the firmware from the board and than reverse engineer it.

## Dump firmware

You can use `OpenOCD` to dump the firmware from STM32F103 mcu:

```bash
openocd -f interface/stlink.cfg -f target/stm32f1x.cfg -c init -c "reset halt" -c "flash read_bank 0 firmware_gold.bin 0 0x10000" -c "reset" -c shutdown
```

## Ghidra

1. The following command may be used to dump the firmware from the board with the Ghidra software:

- Press `I` and add `firmware_gold.bin`
- Choose `ARM-Cortex-32-little`
- And:

![](2024-09-20_15-52.png)

- Analyze -> YES, select ALL options, press Apply and finaly press Analyze.