Hacking a GE fridge with a hardened STM32: Bypassing new protections to extract flash memory. 🧊🪛👨💻🪠💾
Security researchers Mark Omo and James Rowley present how they bypassed flash readout protection on an STM32G0 microcontroller while researching a control board from a GE 25.1 CU refrigerator.
Directly reading flash causes a hard fault and locks the memory. Glitching attacks that worked on older STM32 chips were fixed in this newer G0 series. However, SRAM and CPU registers were still readable.
During boot, the firmware performs a CRC integrity check over flash memory, using registers for computation. By analyzing millions of captured CPU states and mapping CRC transitions forward and backward, the authors reconstructed 100% of the application flash memory. Wow!
Pretty cool, what do you think? :) Enjoy the talk, and please share it with your colleagues and friends!
More details:
Tracing the Untraceable: Extracting Protected Flash With STM32-TraceRip
Slides [PDF]: https://hardwear.io/usa-2025/presentation/TraceRip-Hardwear.pdf
Presentation [Youtube]: https://lnkd.in/dCe7NK8v
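Why a CRC pass over protected flash leaks that flash when the CPU registers stay readable, as an added example that is not from the talk or the TraceRip tool. It assumes a byte-wise reflected CRC-32 and a register snapshot after every byte (the post specifies neither), and it runs on a constructed byte string:

```python
import zlib

# Added illustration, not the TraceRip tool. Assumed: byte-wise reflected CRC-32
# (polynomial 0xEDB88320); the post does not say which CRC the firmware uses.
POLY = 0xEDB88320

def table_entry(i):
    for _ in range(8):
        i = (i >> 1) ^ POLY if i & 1 else i >> 1
    return i

TABLE = [table_entry(i) for i in range(256)]
# Every table entry has a distinct top byte, so each CRC step can be inverted.
TOP_TO_INDEX = {entry >> 24: i for i, entry in enumerate(TABLE)}

def crc_step(state, byte):
    """Forward: advance the CRC register by one input byte."""
    return (state >> 8) ^ TABLE[(state ^ byte) & 0xFF]

def byte_between(prev, nxt):
    """Return the byte consumed between two adjacent register values, else None."""
    idx = TOP_TO_INDEX[nxt >> 24]
    if TABLE[idx] != nxt ^ (prev >> 8):
        return None  # the two snapshots are not one step apart
    return idx ^ (prev & 0xFF)

def step_back(nxt, byte):
    """Backward: rebuild the previous register value from the next one and the byte."""
    idx = TOP_TO_INDEX[nxt >> 24]
    return (((nxt ^ TABLE[idx]) << 8) & 0xFFFFFFFF) | (idx ^ byte)

def trace_states(data, init=0xFFFFFFFF):
    """Model of what a register observer sees: the CRC value after every byte."""
    states = [init]
    for b in data:
        states.append(crc_step(states[-1], b))
    return states

def recover(states):
    """Rebuild the checked data from the register trace alone."""
    return bytes(byte_between(a, b) for a, b in zip(states, states[1:]))

FLASH = bytes.fromhex("00200020c1000008deadbeef")  # constructed sample, not real firmware
TRACE = trace_states(FLASH)

if __name__ == "__main__":
    assert TRACE[-1] ^ 0xFFFFFFFF == zlib.crc32(FLASH)  # same CRC-32 as zlib
    print(recover(TRACE).hex())
```

Because every step is invertible, the intermediate CRC values carry the same information as the data being checked, so readout protection that leaves registers and SRAM observable during the boot-time check does not keep the flash contents confidential.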