Dumping the ST-LINK/V2-1: an exploration into buffer overflows and lack of input validation

I have recently been messing around with my Game & Watch: Super Mario Bros., which uses a STM32 MCU. As a part of trying to support others trying to get into modding it, I purchased a few different debug probes to test out. Two of them feature an on-board ST-LINK/V2-1 (herein called ST-Link)

I’m not the first to become curious about how the ST-Link works. I found two people whose explorations I found useful. The first is by Taylor Killian[1], who documented the encryption that the ST-Link uses when upgrading firmware. This offered some clues on what I might have to do with the payload if I was to send data to the firmware update system. The writeup also detailed a key string used for the encryption, which helped me find an open-source library[2] for communicating with the ST-Link’s bootloader, which would become a useful reference later. The second is by lujji[3], who detailed how they extracted the ST-Link bootloader through UART, which is the approach I decided to use later to extract the entire firmware.

Read more


Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.

Join 28,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7pm ET! To join, head over to YouTube and check out the show’s live chat – we’ll post the link there.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org


Maker Business — To make it through a tough business cycle, layoffs should be a last resort

Wearables — Plastic discoloration? Don’t despair!

Electronics — Lower power!

Python for Microcontrollers — Python on Microcontrollers Newsletter: Happy 8th Birthday MicroPython, sponsorship and more! #Python #Adafruit #CircuitPython @micropython @ThePSF

Adafruit IoT Monthly — IoT Pool Monitor, Edge AI, and more!

Microsoft MakeCode — MakeCode Arcade Spring Update

EYE on NPI — Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Products 5/6/2021 feat.Adafruit I2C QT Rotary Encoder with NeoPixel – STEMMA QT / Qwiic! @adafruit #adafruit #newproducts

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !



No Comments

No comments yet.

Sorry, the comment form is closed at this time.