‎2021-06-01 06:43 AM
Hello everyone,
I bought a tool that uses an STM32F103C8T6 with a program on it to transmit some CAN data. I would like to read the program that is currently on the tool and edit it.
Is it feasible? Or is the memory protected?
Thanks in advance for your help!
‎2021-06-02 12:28 AM
The problem is that the code sends some CAN messages that I need to know. It's impossible to find out by myself which ID and data needs to be included in there.
‎2021-06-02 12:37 AM
Indeed this looks very complicated. I read online that there are some "disassemblers" that can partly retrieve some code or at least make some sense of the compiled code. Do you think this could work here?
‎2021-06-02 12:48 AM
@Math86
Take this as an opportunity to learn about it; if it were up to me, I would find another way.
With disassembler tools you can translate compiled machine code back into simple assembly language.
Is the program you want to reverse engineer very simple?
Because this language is harsh, and you would need to have an advanced knowledge about your hardware.
‎2021-06-02 01:42 AM
The microcontroller is embedded on a PCB that is connected to the OBD port of a car to read and transmit CAN messages.
I expect the program to read the CAN messages carrying the details of the car and based on that send a predefined set of CAN messages (probably 3-4 scenarios depending on the details of the car).
It will also read the VIN number and store it to block usage on another car. Accessing and changing that VIN number would already be a good achievement for me.
But if I understand, all of this is only possible if the read protection is off, so I'll already try to figure out if that's the case or not.
‎2021-06-02 03:40 AM
So you just want to code your own program and flash it in the microcontroller?
It would be easier than reverse engineering binaries and then adding your code.
I have no experience with read protections; you should try. Are the SW pins of the microcontroller accessible to you?
‎2021-06-02 04:10 AM
I need to keep the CAN messages that are stored in the program as I have no idea what ID and data they contain.
Let's say that for now I want to keep the exact same program but I just want to remove the lock on a certain VIN number to be able to use that tool on multiple cars.
The tool has been connected to a car once, it read the VIN number of the car, then it sent certain CAN messages that triggered an action on the car.
Now, if the tool is connected to another car, it'll see that the VIN number doesn't match the one that it registered at the first use and it won't do anything.
I tried connecting through UART without any success. Here is the thread where I explain my setup: https://community.st.com/s/question/0D53W00000qvHtNSAU/help-connecting-to-stm32-on-cube-programmer
Thanks a lot for the time that you spend helping me.
‎2021-06-02 06:10 AM
What about contacting the company who manufactured those?
At the beginning I thought you were trying to hack some obscure deprecated PCB, but now it looks more like you're trying to get your hands into some proprietary, not open-source automotive software and hack out the protection.
‎2021-06-02 06:24 AM
Those are small OBD dongles sold on AliExpress. I contacted many sellers to get the details of the supplier but no one could help me.
The tool is unbranded and already exists in many shapes but none display a brand I could contact.
I also tried searching based on image on Google and Chinese search engines but no luck.
‎2021-06-02 08:49 AM
There are plenty of open-source projects for doing this - I think that'd be a far easier route than trying to reverse-engineer this thing.
https://learn.sparkfun.com/tutorials/getting-started-with-obd-ii/all
https://community.st.com/s/question/0D50X0000B6P853/can-interface-with-obd
‎2021-06-02 12:47 PM
Thanks! I'll have a look!