RadioOperator / CMSIS-DAP_for_STLINK-V3MINI

High-Speed CMSIS-DAP for STLINK-V3MINI ARM Debugger STM32F723IEK6
Apache License 2.0
178 stars, 81 forks

Dumping the original firmware/bootloader #1

Open martonmiklos opened 4 years ago

martonmiklos commented 4 years ago

Hey @RadioOperator,

In the past there were attempts to obtain the STLink V2's firmware by downloading dumper code through the official bootloader:
https://lujji.github.io/blog/reverse-engineering-stlink-firmware/
https://lujji.github.io/blog/reverse-engineering-stlink-firmware-part2/

It might be useful to check whether it is possible with the V3, because using the factory bootloader for downloading custom code would be a great possibility, I think. I do not have a device at hand at the moment, but I will look into the possibilities later. I just opened this issue to give you a heads up.

Disasm commented 4 years ago

@martonmiklos this file is specific to your probe, as it contains probe-specific settings. Usually you need to download the contents from your probe, but I can send you file contents from mine if you need.

martonmiklos commented 4 years ago

> @martonmiklos this file is specific to your probe, as it contains probe-specific settings. Usually you need to download the contents from your probe, but I can send you file contents from mine if you need.

Well, that would be awesome, because I realized that file is needed after OpenOCD flashed the bootloader (which erased the whole flash).

Disasm commented 4 years ago

Oops :) I should have written better instructions. Check your email.

RadioOperator commented 4 years ago

> I think it's possible to make a "main" firmware that flashes this bootloader to the first sectors and then upload this firmware via stlink updater. The same procedure could be useful for unlocking the stock bootloader.

@Disasm Hi, understood, and thanks. My problem here is that I cannot get any working code onto the device via stlink-updater:

  1. Disable all interrupts at the start of "main".
  2. Change SCB->VTOR to 0x08020000.
  3. Generate a bin based at 0x08020000.
  4. st_decrypt it using "What are you doing".
  5. "Force" the write to the device. Then it reports success, but always ends with Error(4): Firmware version detected: V3J5M2B3S1 ...... Upgrade is successful. Failure exiting upgrade mode (Error 4).

The code does not run; please help.

Disasm commented 4 years ago

@RadioOperator please use the correct key to encrypt the firmware for stlinkv3 device.

RadioOperator commented 4 years ago

@Disasm Thanks, finally, all works.

RadioOperator commented 4 years ago

@Disasm @martonmiklos, my YAB is fully updated: https://github.com/RadioOperator/Yet_Another_Bootloader It is the co-existing version: no need to destroy the factory bootloader, and recovering to STLINK-V3 is very easy. Thanks for the help.

UweBonnes commented 4 years ago

Shouldn't the original bootloader get replaced by https://github.com/Krakenw/Stlink-Bootloaders/pull/3 to avoid locking of the device with recent ST firmware?

chaosAD commented 4 years ago

I think the warning note here needs to be updated to indicate that, if the original ST-Link bootloader is lost, it can be restored using the Krakenw/Stlink-Bootloaders#3 copy.

rayc345 commented 2 years ago

Hello everyone, I would like to get the configuration binary from my V3MODS so that we can add bridge functions into the MINI; it would be helpful. I have a question: the STLINK V3 chip is protected by PCROP, and reading the protected FLASH part will result in a mass erase. Is the configuration data (0x08010000~0x8010400) protected? It's very important; my V3MODS was already V3J7 when I got it.

RadioOperator commented 2 years ago

> Hello everyone, I would like to get the configuration binary from my V3MODS so that we can add bridge functions into the MINI; it would be helpful. I have a question: the STLINK V3 chip is protected by PCROP, and reading the protected FLASH part will result in a mass erase. Is the configuration data (0x08010000~0x8010400) protected? It's very important; my V3MODS was already V3J7 when I got it.

Hi rayc345, please check your V3MODS; maybe it has all the bridge functions already. The ST product page says:

> The STLINK-V3MODS also provides a Virtual COM port interface enabling the host PC to communicate with the target microcontroller through one UART, and bridge interfaces (SPI, I2C, CAN, GPIOs) simplifying for instance the field programming through bootloader.

martonmiklos commented 2 years ago

@RadioOperator I think @rayc345 is trying to read the config from a V3MODS and put it to a V3MINI.

rayc345 commented 2 years ago

I'm so stupid: the genuine STLINK firmware reads the configuration during DFU or normal operation, so the configuration is not protected by PCROP. It came to me when I was in bed this morning. V3MODS has the bridge function already; I would like to read the config and add bridge functions into the F723 chips in the NUCLEO and MINI. It would be useful in some scenarios.

rayc345 commented 2 years ago

Yes, @martonmiklos is correct. And I wonder if there is any software-based authentication, such as checking the config data and computing whether the UID matches it; if so, a self-defined config would hardly work. If anyone knows, please tell us.

RadioOperator commented 2 years ago

Sorry. I have re-flashed my V3MINI bootloader, and the bridge functions are ready; I cannot even remove them.

rayc345 commented 2 years ago

@RadioOperator Hello, I guess that when you tried to read the firmware, PCROP was triggered and caused a flash mass erase. When the bootloader is programmed to 0x08000000 and there is no config in flash, the V3MINI behaves like the V3SET, as shown in the picture above. Is that correct?

RadioOperator commented 2 years ago

@rayc345 Hi, my V3MINI is an old version from 2 years ago; I re-flashed the bootloader via the F723 SWD port, which was not disabled yet. In the newer V3MINI, is the SWD port still open? I do not know (refer to above, level-2 lock). I did not study any "config"-related part of the bootloader; maybe you are right.

Disasm commented 2 years ago

The SWD port gets locked after updating the firmware to the latest version, not because of a newer V3MINI hardware version. Even in this case, it's still possible to flash your own firmware to dump the config areas and the bootloader.

rayc345 commented 2 years ago

I bought a V3MINI and a V3MODS, shipped with firmware V3J7, and the SWD is already locked. But the Nucleo boards seem to have an old firmware version. Your worries are right. @RadioOperator

RadioOperator commented 2 years ago

@Disasm Hi, you mean a level-2 locked F723 SWD port could be recovered? Or flashed/dumped some other way?

Disasm commented 2 years ago

@RadioOperator they cannot be recovered (downgraded to level 1 or 0), but you can flash your firmware the same way you update the official firmware. With a custom firmware you can dump data out of the device.

RadioOperator commented 2 years ago

@Disasm thanks, just like flashing my YAB.

rayc345 commented 2 years ago

I know this is a way, but it has a risk: if PCROP is triggered, the chip gets scrapped. I would like to try on NUCLEO boards with old firmware first.

Disasm commented 2 years ago

It doesn't work like this. You need to explicitly mass-erase flash memory to remove PCROP, but if you connect with a debugger while PCROP is enabled, the device just stops working until you reset it again. A mass erase shouldn't happen on its own.

UweBonnes commented 2 years ago

Has anybody an idea what is missing from stlink-tool for V3? stlink-tool (https://github.com/UweBonnes/stlink-tool) allows flashing a binary to an ST-Link with the original ST bootloader. I use it to switch between BMP and ST firmware on ST boards. Somebody needs to understand the security/obfuscation implemented on the V3.

rayc345 commented 2 years ago

@RadioOperator Hello, I have a question. I looked at your CMSIS-DAP for STLINKv3 MINI; there is no config to set the project as execute-only. If the generated code reads data inside the protected area, a mass erase will be induced. I wonder why you didn't set up the project as introduced here: http://www.51hei.com/bbs/dpj-57521-1.html

RadioOperator commented 2 years ago

@rayc345 Hi, PCROP protection stops other people from reading bin code out of the flash ROM; my project has no need to do that.

rayc345 commented 2 years ago

Sorry, I didn't understand. From my point of view, PCROP is configured per sector; you need to place the code where the STLINK official firmware exists to let it get started, and if the code reads data there, it would induce a mass erase. Though CMSIS_DAP for V3MINI does not need to be protected, it could trigger the PCROP in the chip.

RadioOperator commented 2 years ago

@rayc345 Hi, you are right: flashing my CMSIS_DAP for V3MINI code (normally via the SWD port) will trigger the mass erase. And then the F723 becomes a blank chip, with no PCROP and no ST factory firmware code/data in the chip. So the new code can fully control the chip for DAP functions. I do not know how to bypass PCROP and dump out factory data from the original stlink-v3; someone did this before, refer to above.

rayc345 commented 2 years ago

@RadioOperator Yes, I need to be very careful, since the F723 here is locked already. If possible, I'd like to use a blank STM32F733IET6, which is available on Mouser for $14.61000 | ¥109.22715, if all STLINK v3s are locked.

rayc345 commented 2 years ago

And I want to know: your V3MINI is now treated as a V3MODS; is it a software mistake (shows V3MODS, in reality V3MINI software), or is the V3MODS firmware truly running in your V3MINI? If it's convenient for you, I'd like to know what name your STLINK V3MINI shows in STM32CubeProgrammer; is it still STLINK V3MINI?

And what device ID is shown in Device Manager, 374E or 374F?

RadioOperator commented 2 years ago

@rayc345 Hi, on my V3MINI in CubeProgrammer, the Serial number block displays the SN only, no STLINK... The USB PID is 374F, and Device Manager shows ST-Link Bridge.

GabyPCgeeK commented 2 years ago

For those that don't have bridge: did you try java -jar STLinkUpgrade.jar -d8_d32_msc_br -force_prog? The firmware file seems to be f3_2.bin for the bridge.

Also, the "What are you doing" key is used to encrypt the chip flash size, the chip ID (in V3; otherwise 0xFFFF) and the ST-Link ID to generate an anti-clone tag unique to every device (16 bytes at 0x08003C00 for V2, 0x08010000 for V3).

bm16ton commented 2 years ago

The newest firmware upgrader has new checks/signatures, so it won't upload the firmwares anymore like it used to. Unfortunately my newest came with the newest firmware, and the updaters don't allow downgrades. I know nothing of Java etc., so none of my attempts to decompile and recompile the updater (to change the firmware version numbers) would compile. I tried binary editing... yeah, that was fun but useless. Has anyone else modded the updater or have a different fix?

Disasm commented 2 years ago

This is strange, I believe I downgraded one of my probes with the old version of the updater.

RadioOperator commented 2 years ago

@bm16ton Hi, what FW version is in your new device? Please try to use the old version of LINK007 to downgrade it.

bm16ton commented 2 years ago

Yeah, my other ones didn't seem to care either, as I recall, but now that I type this I guess it would be foolish to add those protections if we could just download the previous version, lol. My firmware version is "Firmware version detected: V3J8M3" / "Version read: V3.J8.M3.B0.S0.P0". When trying with older versions I get "Unexpected device ID for ST-Link micro. Don't know how to upgrade." I also tried adding -d8_d32_msc_br and flashing my other one, and it says "The specified firmware type does not match the detected one: can not update." So no bridging IO for me yet. If I could simply get a decompile that would recompile, I think I'd have a shot; I've seen where other people have binary-edited it to downgrade the V2, but the tools they had were amazingly different/better than the few free ones I tried. And I just want to take a second and say your bootloader for these is amazing! You're very talented and I'm much appreciative of your amazing work and skills. Thank you!

RadioOperator commented 2 years ago

The bootloader must have been changed to a new one. To unlock the chip so that the old updater works, maybe we have to find a way to downgrade the bootloader first.

Disasm commented 2 years ago

I tried upgrading my STLINK-V3MINI to V3J6M2, V3J7M2, V3J7M3, V3J8M3 and then downgrading to V3J4M2 after each upgrade and every time downgrade worked.

RadioOperator commented 2 years ago

@Disasm same on my old V3MINI, all worked; maybe our devices use the old bootloader. I do not have a new device.

bm16ton commented 2 years ago

Confirmed: using my older STLink V3 I could go to V3J8M3 and then downgrade, but not with this newer one. So I guess those extra signatures and checks may be an issue moving forward, unless someone has already figured out how to edit the newest updater and have it upload firmware?

rayc345 commented 2 years ago

So for newer versions of STLINK-V2, the RDP is locked, and the firmware to update needs a digital signature to be accepted? That would totally prevent the customized usage proposed in this issue.

bm16ton commented 2 years ago

So a little more info: my newest ST-Link will only take programming from en.stsw-link007_V2-38-27_v2.38.27.zip. If I try the usual encrypt-and-replace of the files I get:

Firmware version detected: V3J8M3
Exception in thread "main" java.lang.SecurityException: SHA-256 digest error for com/st/stlinkupgrade/core/f3_1.bin
    at sun.security.util.ManifestEntryVerifier.verify(ManifestEntryVerifier.java:239)
    at java.util.jar.JarVerifier.processEntry(JarVerifier.java:243)
    at java.util.jar.JarVerifier.update(JarVerifier.java:230)
    at java.util.jar.JarVerifier$VerifierStream.read(JarVerifier.java:484)
    at java.io.FilterInputStream.read(FilterInputStream.java:133)
    at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
    at java.io.BufferedInputStream.read(BufferedInputStream.java:265)
    at com.st.stlinkupgrade.core.c.h(SourceFile:984)
    at com.st.stlinkupgrade.app.b.b(SourceFile:277)
    at com.st.stlinkupgrade.app.b.a(SourceFile:136)
    at com.st.stlinkupgrade.app.MainApp.main(SourceFile:16)

And inside the jar under META-INF/ are ST_EV_KP_RSA and ST_EV_KP.SF. I'm a noob and all, but it seems pretty clear it now checks the files it's uploading. Generating a new SHA-256 doesn't seem to work because (best guess from an idiot) it signs the entire jar as well, so with any changes the new checksum/hash, whatever it's called, would need to be generated for it. I'm tempted to try a USB replay attack on it using the logs from previous versions. But I'm a little scared about people mentioning that fooling around can cause an entire wipe of the chip, leaving it erased and all programming pins/methods disabled? I know a few people have mentioned custom firmware to unlock RDP2 and re-enable the SWD pins? I'd be super excited to hear more about that! Power glitching seems possible, except I don't have the skills to desolder all those decoupling caps and resolder them. So I'm afraid I'll either need a hacked updater jar or an open-source replacement for the updater. :) Any other things I can post for info, please let me know.
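The exception quoted above comes from the JVM's signed-JAR verification, not from anything specific to the ST-Link protocol. A signed JAR carries three layers: per-entry digests in META-INF/MANIFEST.MF, a .SF file whose digests pin the manifest itself, and a .RSA block signing the .SF. Replacing a firmware entry breaks the first layer ("SHA-256 digest error for <entry>"); regenerating the manifest alone breaks the second. The following is an added illustration written for this page, not ST's updater code or this project's code, and it models only the first two layers (the RSA signature block is not verified). The entry contents, the .SF name VENDOR.SF, and the JAR built in memory are constructed for the demo; only the entry path com/st/stlinkupgrade/core/f3_1.bin is taken from the error message above.

```python
"""Model of the digest checks a JVM performs on a signed JAR's entries.
Illustration only; the real JarVerifier additionally validates the .RSA
signature block over the .SF file, which is not modelled here."""
import base64
import hashlib
import io
import zipfile


def sha256_b64(data: bytes) -> str:
    """Digest encoded the way JAR manifests carry it (base64 of raw SHA-256)."""
    return base64.b64encode(hashlib.sha256(data).digest()).decode("ascii")


def render(sections):
    """Serialise manifest-style sections: CRLF lines, blank line after each."""
    return b"".join(("\r\n".join(lines) + "\r\n\r\n").encode("ascii") for lines in sections)


def split_sections(text: bytes):
    """Split a manifest/.SF into (name, raw_bytes, fields) triples.
    Raw bytes are kept because .SF digests cover each section as written."""
    out = []
    for raw in text.split(b"\r\n\r\n"):
        if not raw:
            continue
        raw += b"\r\n\r\n"
        fields = dict(line.decode("ascii").split(": ", 1) for line in raw.split(b"\r\n") if line)
        out.append((fields.get("Name"), raw, fields))
    return out


def build_manifest(entries):
    sections = [["Manifest-Version: 1.0"]]
    for name, data in entries.items():
        sections.append([f"Name: {name}", f"SHA-256-Digest: {sha256_b64(data)}"])
    return render(sections)


def build_signature_file(manifest: bytes):
    """The .SF pins the whole manifest and every named manifest section."""
    sections = [["Signature-Version: 1.0", f"SHA-256-Digest-Manifest: {sha256_b64(manifest)}"]]
    for name, raw, _ in split_sections(manifest):
        if name is not None:
            sections.append([f"Name: {name}", f"SHA-256-Digest: {sha256_b64(raw)}"])
    return render(sections)


def make_jar(entries, manifest, sig_file):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("META-INF/MANIFEST.MF", manifest)
        z.writestr("META-INF/VENDOR.SF", sig_file)  # hypothetical name for the demo
        for name, data in entries.items():
            z.writestr(name, data)
    return buf.getvalue()


def verify_jar(jar_bytes):
    """Return a list of integrity problems; an empty list means consistent."""
    problems = []
    manifest_sections = {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as z:
        manifest = z.read("META-INF/MANIFEST.MF")
        sf_name = next(n for n in z.namelist() if n.upper().endswith(".SF"))
        sig_file = z.read(sf_name)
        # Layer 1: entry content vs manifest digest. This is the check that
        # raises "SHA-256 digest error for <entry>" when an entry is swapped.
        for name, raw, fields in split_sections(manifest):
            if name is None:
                continue
            manifest_sections[name] = raw
            if sha256_b64(z.read(name)) != fields["SHA-256-Digest"]:
                problems.append(f"SHA-256 digest error for {name}")
    # Layer 2: manifest vs .SF. Rewriting MANIFEST.MF for new contents is
    # caught here unless the .SF (and its .RSA signature) are regenerated too.
    for name, _, fields in split_sections(sig_file):
        if name is None:
            if fields["SHA-256-Digest-Manifest"] != sha256_b64(manifest):
                problems.append("manifest digest mismatch in signature file")
        elif fields["SHA-256-Digest"] != sha256_b64(manifest_sections.get(name, b"")):
            problems.append(f"signature file digest error for {name}")
    return problems


def demo():
    entry = "com/st/stlinkupgrade/core/f3_1.bin"  # entry path from the error message
    original = {entry: b"constructed-original-firmware-blob"}  # constructed sample
    manifest = build_manifest(original)
    sig_file = build_signature_file(manifest)
    replaced = {entry: b"constructed-replacement-firmware-blob"}  # constructed sample
    return {
        "untouched": verify_jar(make_jar(original, manifest, sig_file)),
        "entry_swapped": verify_jar(make_jar(replaced, manifest, sig_file)),
        "manifest_redigested": verify_jar(make_jar(replaced, build_manifest(replaced), sig_file)),
    }


if __name__ == "__main__":
    for scenario, result in demo().items():
        print(f"{scenario}: {result or 'OK'}")
```

Running the block reports the untouched JAR as consistent, the swapped entry as a digest error on that entry (the same failure the stack trace shows), and the re-digested manifest as a mismatch against the .SF. The same checks are what make a signed updater useful as an integrity control: the only way to ship a different firmware image through it is with the vendor's signing key, which is exactly why the recent updater accepts no modified files.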

Disasm commented 2 years ago

Could you try to update with an old, unmodified updater? For example, with en.stsw-link007_v2.35.26.zip. I'm mostly interested in the error messages and ideally in a USB traffic capture.

bm16ton commented 2 years ago

Oh, I've tried every release/version ST has for download and even foolishly attempted decompile/recompiles on each, hoping one might play nice, but my brain's shortcomings combined with the free tools I used didn't end in victory. I recently used Wireshark and the kernel's usbmon to log both a good firmware flashing from the newest upgrader and failed attempts. I want to compare them to the V2 process and see if those open-source V2 tools can be easily modded. Since the few people who posted how to binary-hack the jar had way nicer tools and talent, I'm hopeful for an updater without a version check to try. I think my next attempt will be something like usbq and see if I can inject a fake version response. If anyone is interested in my sniff logs I could probably throw them on my git.

Disasm commented 2 years ago

I'm interested!

bm16ton commented 2 years ago

Cool, as soon as I get home tonight I'll throw them up and post a link. I'm not that familiar with USB, so until I get some reading done a fair amount of it is gibberish to me. I have sniffed my older one in a good firmware update, the new one in a good firmware update, and the new one in a bad update. If you can think of any other situations I should sniff, please let me know. I also tried to save them in all the various pcap encodings, not knowing what tools I might use would need.

Disasm commented 2 years ago

Looks good to me. Please sniff "old good" and "new bad" with the same version of old firmware.

suglover commented 2 years ago

I published my fork of stlink-tool for V3 that worked for my ST-Link: https://github.com/suglover/stlink-tool Feel free to test and report problems, if any.

bm16ton commented 2 years ago

So my logs are here: https://github.com/bm16ton/stlinkv3-usb-sniff-logs I screwed up and had a USB hub in the middle, so I quickly redid some sniffs. Amazing job on stlink-tool for V3!! On my new ST-Link I get:

Firmware version : V3J8S0
Loader version : 14157
ST-Link ID : 33001D000A50325636323120
Firmware encryption key : 7510B4EFCAF4AE8A1C0687870DFC7494
Current mode : 4
ST-Link dongle is not in the correct mode. Please unplug and plug the dongle again.

That is after I reset it into bootloader mode; before I reset, I get: No ST-Link in DFU mode found. Replug ST-Link to flash!

I tried it on my old ST-Link afterwards and it gives:

Firmware version : V3J5S0
Loader version : 14157
ST-Link ID : 260034001351383439393134
Firmware encryption key : BD8AB9925264815058B6E1335C62E375
Current mode : 3

I tried to upload with stlink-tool firmware.bin:

Firmware version : V3J5S0
Loader version : 14157
ST-Link ID : 260034001351383439393134
Firmware encryption key : BD8AB9925264815058B6E1335C62E375
Current mode : 3
Loaded firmware : firmware.bin, size : 132096 bytes
Erasing... .................................................................................................................................

And afterwards it was blank (well, it still had the ST-Link bootloader but no app). I assume I didn't do it correctly. Also, it was YAB firmware, which I believe comes pre-encrypted, and I don't have Keil so I can't compile it yet. Could that be an issue? Does this tool auto-encrypt or leave it to me? Just plain awesome; I'm strictly arm64 these days, so the extra 500 MB and hassle of ST's x86 libs, plus Java, and the x86 libs I have chewing up space just to load my ST-Link is terrible.