Bare-metal ARM firmware reverse engineering with Ghidra and SVD-Loader

The signal-to-noise ratio of your channel is off the charts! Congrats - keep it up.

ThanassisTsiodras

I've legit been looking for so long for content creators who just explain such things in detail without all the bs

mathiasensimon

As a mostly embedded programmer this is great, much easier to follow when there's no complicated OS to worry about.

teslatrooper

Great video! Would love to see some more embedded FW reverse engineering like this :D

seamasclerkin

great editing its cool that you dont pass on the technical aspects and not just the theoretical concepts

asafcohen

Now I ask myself why I didn't know this channel before. Great work!

matisec

Would just like to say, your videos inspired me to have a go at reverse engineering something, so I grabbed a Cisco 2501 router off ebay (because its got a Motorola 68030 in it), and used Ghidra to explore the boot ROMs (was amazed that it supported the m68k architecture!), figured out the memory map, and managed to get FreeRTOS running on it after creating a m68k port for it. :-)

Love your channel!

TomStorey

Excellent thanks for writing the SVD loader script. This video popped into my feed and ironically I am just waiting on some details of cortex M3 project which may require some reversing (although hopefully not from a work POV).

TheBrick

Excellent upload timing, my STM32 blue pill arrived but a couple days ago. Keep up the good work!

AlmightyGauss

I swear. You give better lectures than all my CA teachers together!

isso

IOT reversing from Ghidra Ninja? I absolutely love it!! 😍

rakeshchowdhury

it's 2023 and again im coming back to this video! epic!
some advice for memory map:
Set 'flash' and 'flash_mirror' sections as non-writable (only read 'R' and executable 'X'). This may fix a lot of decompiler wierdness.

viteosen

I am really impressed and grateful. This was the most useful jump start I've gotten.

purduephotog

One thing I'd suggest with regards to memory mapping is to clear the write flag in the flash regions. That way Ghidra automatically dereferences constants and show strings as quoted strings rather than a pointer to a string. Do keep in mind it also removes what it considers to be extraneous reads and writes and unreachable code based on constants, so if there's some configurable options in the firmware, it may remove code from the decompilation for other options that it sees as unreachable.

caralynx

This is so valuable! Thank you for making this!

thogameskanaal

Thank you sir. As a beginner in reverse engineering that's starting with a bare metal firmware, this video is very helpful. Please do more

turbotoblast

I don't have this device nor do RE for a living. But damn this is getting me close to trying this out. Always found integrated boards and chipsets fascinating

Troxilitis

Very good information. This is the exact microcontroller we used in our embedded systems courses in university!

dexterdormain

Outstanding! Thanks for continuing to share your dedicated work

scottwilliams

I just started to reverse some code for STM32F2 and you just make my life easier, ty <3

Aveneid