Extract Firmware using SPI

Requirements:

  • an external SPI flash chip that stores the firmware

  • an SPI-capable reader (Bus Pirate, Raspberry Pi, Xgecu T56, etc.)

Let's say you find an external flash memory chip on a PCB: chances are good that it stores interesting information such as the bootloader or the root filesystem.

Steps to Extract Firmware:

  1. Identify the flash chip by Googling the chip description printed on it

    1. In the datasheet of the chip you should find its pinout (the dot on the chip marks the upper left corner)

    2. Example Pinout:

      Example pinout of a flash chip
  2. Connect your flash reader probes to the pins of the chip:

The quickest and easiest way to connect to a flash chip is by using a clamp, like these:

Clamps can be used to connect to pins on chip

Attach the clamp to the chip and connect the other end to your programmer/debugger, such as a Bus Pirate or an Xgecu T56.

clamps connected to an SPI flash
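
A poorly seated clamp usually shows up as reads that change between passes or come back as a single repeated byte. The check below is an added example, not part of the original page: it assumes the chip was read at least twice with whatever tool your reader uses, and `check_dumps` and the sample data are constructed for illustration.

```python
import hashlib


def check_dumps(dumps):
    """Compare repeated reads of one flash chip; return (verdict, detail)."""
    if len(dumps) < 2:
        return ("need-more-reads", "read the chip at least twice")
    sizes = sorted({len(d) for d in dumps})
    if len(sizes) != 1:
        return ("size-mismatch", f"read sizes differ: {sizes}")
    size, first = sizes[0], dumps[0]
    if size == 0:
        return ("empty", "reader returned no data")
    # All 0xFF or all 0x00 normally means no contact or wrong wiring.
    if first.count(first[0]) == size:
        return ("constant", f"every byte is 0x{first[0]:02x}")
    digests = [hashlib.sha256(d).hexdigest() for d in dumps]
    for other, digest in zip(dumps[1:], digests[1:]):
        if digest != digests[0]:
            # Report where the passes first disagree.
            off = next(i for i, (a, b) in enumerate(zip(first, other)) if a != b)
            return ("unstable", f"first difference at offset 0x{off:x}")
    # SPI NOR flash capacities are powers of two; anything else hints at a short read.
    if size & (size - 1):
        return ("odd-size", f"{size} bytes is not a power of two")
    return ("ok", digests[0])


if __name__ == "__main__":
    # Constructed sample data standing in for real dump files.
    good = bytes(range(256)) * 16          # 4096 bytes
    flaky = bytearray(good)
    flaky[0x123] ^= 0x04                   # one flipped bit, as from a loose probe
    blank = b"\xff" * 4096
    for name, passes in [("good", [good, good]),
                         ("flaky", [good, bytes(flaky)]),
                         ("blank", [blank, blank])]:
        print(name, check_dumps(passes))
```

Only treat a dump as usable once every pass returns the same SHA-256; on an "unstable" or "constant" verdict, reseat the clamp and read again.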
