Extracting firmware from Dev Board via SWD

cancel
Showing results for 
Search instead for 
Did you mean: 

Extracting firmware from Dev Board via SWD

Jump to solution
449 Views
zxlyo
Contributor II

Hi, everyone! I want to extracting/downloading the binary file (firmware) that was flashed earlier in LPC1549 on my OM13056U via SWD. I learn a little bit about SWD, but how I can access it and its related APIs using MCUXpresso IDE? Thanks!

Tags (3)
0 Kudos
1 Solution
410 Views
zxlyo
Contributor II

Thanks to @ErichS , I bought a J-Link debugger which supports both J-Tag and SWD. After reading the schematic of the board, I find the SWD interfaces (P1) and connected them to the debugger. Then I installed the JFlash in the host PC. Click "connection" and "read back > entire chip", everything works like a charm. Finally, I get the firmware which is the same as the binary compiled by MCUXpresso.

View solution in original post

3 Replies
411 Views
zxlyo
Contributor II

Thanks to @ErichS , I bought a J-Link debugger which supports both J-Tag and SWD. After reading the schematic of the board, I find the SWD interfaces (P1) and connected them to the debugger. Then I installed the JFlash in the host PC. Click "connection" and "read back > entire chip", everything works like a charm. Finally, I get the firmware which is the same as the binary compiled by MCUXpresso.

View solution in original post

444 Views
ErichS
Senior Contributor IV

Hi @zxlyo ,

as long as you did not had read-out protection enabled (this depends on the chip used, see https://mcuoneclipse.com/2014/06/22/preventing-reverse-engineering-enabling-flash-security/ for the concept), you can connect and read the flash with a normal debug probe.

With MCUXpresso you simply could attach to the target, e.g. this way:

ErichS_0-1607951096354.png

 

And then you have full access and can for example export the memory (https://mcuoneclipse.com/2012/05/04/dump-my-device-memory/ ).

 

Another way is just to use the J-Link utility and read-out the whole chip (J-Flash, see https://mcuoneclipse.com/2019/05/26/reverse-engineering-of-a-not-so-secure-iot-device/ ).

That article shows how you even can reconstruct (limited) source code from the binary.

 

I hope this helps,

Erich

0 Kudos
438 Views
zxlyo
Contributor II

Thanks a LOT @ErichS. I will try these and keep you posted.

0 Kudos