ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Extracting firmware from Dev Board via SWD

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

Extracting firmware from Dev Board via SWD

ソリューションへジャンプ
‎12-14-2020 05:25 AM
6,498件の閲覧回数
zxlyo
Contributor II

Hi, everyone! I want to extracting/downloading the binary file (firmware) that was flashed earlier in LPC1549 on my OM13056U via SWD. I learn a little bit about SWD, but how I can access it and its related APIs using MCUXpresso IDE? Thanks!

タグ(3)
0 件の賞賛
返信
1 解決策

ソリューションへジャンプ
‎12-22-2020 04:06 AM
6,459件の閲覧回数
zxlyo
Contributor II

Thanks to @ErichStyger , I bought a J-Link debugger which supports both J-Tag and SWD. After reading the schematic of the board, I find the SWD interfaces (P1) and connected them to the debugger. Then I installed the JFlash in the host PC. Click "connection" and "read back > entire chip", everything works like a charm. Finally, I get the firmware which is the same as the binary compiled by MCUXpresso.

元の投稿で解決策を見る

返信
3 返答(返信)

ソリューションへジャンプ
‎12-22-2020 04:06 AM
6,460件の閲覧回数
zxlyo
Contributor II

Thanks to @ErichStyger , I bought a J-Link debugger which supports both J-Tag and SWD. After reading the schematic of the board, I find the SWD interfaces (P1) and connected them to the debugger. Then I installed the JFlash in the host PC. Click "connection" and "read back > entire chip", everything works like a charm. Finally, I get the firmware which is the same as the binary compiled by MCUXpresso.

返信

ソリューションへジャンプ
‎12-14-2020 06:07 AM
6,493件の閲覧回数
ErichStyger
Specialist I

Hi @zxlyo ,

as long as you did not had read-out protection enabled (this depends on the chip used, see https://mcuoneclipse.com/2014/06/22/preventing-reverse-engineering-enabling-flash-security/ for the concept), you can connect and read the flash with a normal debug probe.

With MCUXpresso you simply could attach to the target, e.g. this way:

ErichS_0-1607951096354.png

 

And then you have full access and can for example export the memory (https://mcuoneclipse.com/2012/05/04/dump-my-device-memory/ ).

 

Another way is just to use the J-Link utility and read-out the whole chip (J-Flash, see https://mcuoneclipse.com/2019/05/26/reverse-engineering-of-a-not-so-secure-iot-device/ ).

That article shows how you even can reconstruct (limited) source code from the binary.

 

I hope this helps,

Erich

0 件の賞賛
返信

ソリューションへジャンプ
‎12-14-2020 06:50 AM
6,487件の閲覧回数
zxlyo
Contributor II

Thanks a LOT @ErichStyger. I will try these and keep you posted.

0 件の賞賛
返信