Extracting Firmware from Embedded Devices (SPI NOR Flash) ⚡

Flashback Team
Flashback Team
559,324
0
Published 2022-09-09
Learn tricks and techniques like these, with us, in our amazing training courses!
flashback.sh/training

One of the first things you have to do when hacking and breaking embedded device security is to obtain the firmware. If you're lucky, you can download it from the manufacturer's website or, if you have a shell, you can just copy it over to your computer.

But what if none of these options are available?

In this video, we will show you how you can connect directly to a NOR flash chip with the SPI protocol to dump the firmware and find your vulns, even if off the shelf tools don't work!

00:00 Intro
00:40 Technical Introduction
01:55 Flash Memory Types
03:51 NOR Flash
06:25 SPI Protocol
07:55 Our Training
09:27 Logic Analyzer
12:04 How SPI Works
13:53 Firmware Extraction

Did you enjoy this video? Then follow us on Twitter, and subscribe to our channel for more awesome hacking videos.

~ Flashback Team
flashback.sh/
twitter.com/FlashbackPwn
All Comments (21)
  • @TheFlatronify
    Really informative video, thank you! Sadly I see there will be fewer and fewer devices "hackable" in the near future as more and more manufacturers (especially of routers / e.g. DOCSIS 3.1) start using hardware based encryption technology for their ROM. With little to no possibility to ever read extracted data. What do you think about this?
  • @jakesweany2939
    Everything is explained clearly without wasting time or over-explaining. Well done.
  • @MoisesCaster
    Please never delete this video, it's very helpful.
  • @noambergauz2806
    Damn this channel is so underrated.. just stumbled upon this while scrolling but definitely gonna stay for more .. Thanks for explaining this so well!
  • @billclark5943
    Very helpful for someone like myself just beginning to understand this stuff. Explaining the function and description of terminology is something i would normally have to do significant research for.
  • @StarsManny
    What an entertaining channel! I've been watching some pluralsight and udemy courses recently, and I wish the presenters of those courses had the same style and pace as you guys. You are always interesting. Well done!
  • @terminaltears
    Your videos are the best! Please don't stop making the tutorials! Thank you.
  • @idiotwithasolderingiron
    I will use this information to fix my kitchen stove as it had a rom checksum error. $400 is way to much for a control board. HACK THE PLANET. RIGHT TO REPAIR.
  • @pawel753
    wow.... this is one of the most fascinating videos I've ever seen on YT....
  • @bradrickrobinson7452
    Thank you for explaining this for those who are trying to get into this line of work but find it difficult to do so. Keep up the great work!!!
  • @johncooper7636
    So dope that you guys put this out for free. If it was near me I would totally attend your in-person training. A paid virtual event would also be awesome.
  • @electrolabs337
    What a beautiful work!. Thank you for sharing your time and effort.
  • @stevekoehn1675
    Perfect! Not to simple, not to complicated, with practical information.. Thank You
  • @ZeekSuds
    impressive stuff guys. I'm just getting started with electrical engineering. I've been seeing that a lot of intelligence agencies like to play games with each other at this level. It's all really fascinating.
  • @EmongTimothy
    More information than from my technical degree in a few minutes
  • @PcParamedics868
    WOW mind blow stunmbled on this channel and glued to the screen...
  • @kevinwydler7305
    I just discovered your team, thank you so much for this interesting content!