
Some context:

"STM32 Read-Out Protection (RDP) secures flash memory through three levels (0, 1, 2) configured via option bytes. Level 0 allows full access (default). Level 1 restricts debugging and flash access, allowing regression to Level 0 by erasing flash. Level 2 permanently locks the device, disabling debug features, and cannot be reverted."

I actually have a half-defective device with an STM32 MCU that I would like to dump. It's a noise machine with a flash card containing the sounds, but the content is encrypted. I'd like to get at the decryption key to salvage it.

Has Level 2 been cracked?



> Has Level 2 been cracked?

It's tricky because you have to chain multiple exploits, but yes. You can temporarily downgrade from RDP2 to RDP1 via glitching. At that point, you have to move directly into RDP1 techniques without causing a reset.

The protection levels are set in the RDP register. [listed out of order...] Level 0 = 0xAA, Level 2 = 0xCC, Level 1 = anything else. Flip just a single bit and you get out of RDP2.

Edit:

https://sec-consult.com/blog/detail/secglitcher-part-1-repro...

https://www.usenix.org/system/files/conference/woot17/woot17...
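To make the encoding point above concrete, here is an added example (not code from the thread or from ST): it models the RDP option-byte decoding as the comment describes it (0xAA = level 0, 0xCC = level 2, anything else = level 1) and counts where each single-bit corruption of the level 2 value lands. The constants and function names are this example's own assumptions, not ST register definitions.

```c
#include <stdint.h>
#include <stdio.h>

/* RDP option-byte encoding as described in the thread (assumed values). */
#define RDP_LEVEL0_KEY 0xAAu
#define RDP_LEVEL2_KEY 0xCCu

/* Decode a raw RDP byte into its protection level. */
int rdp_level(uint8_t rdp_byte) {
    if (rdp_byte == RDP_LEVEL0_KEY) return 0;
    if (rdp_byte == RDP_LEVEL2_KEY) return 2;
    return 1;               /* every other pattern is level 1 */
}

/* Hamming distance between two byte values. */
int hamming8(uint8_t a, uint8_t b) {
    uint8_t x = a ^ b;
    int n = 0;
    while (x) { n += x & 1u; x >>= 1; }
    return n;
}

/* How many of the eight single-bit corruptions of rdp_byte decode to
   the given level. This is what makes the 0xCC encoding fragile: one
   corrupted bit is enough to leave level 2. */
int single_flip_count(uint8_t rdp_byte, int level) {
    int n = 0;
    for (int bit = 0; bit < 8; bit++) {
        uint8_t corrupted = (uint8_t)(rdp_byte ^ (1u << bit));
        if (rdp_level(corrupted) == level) n++;
    }
    return n;
}

int main(void) {
    printf("single-bit flips of 0xCC: %d -> L0, %d -> L1, %d -> L2\n",
           single_flip_count(RDP_LEVEL2_KEY, 0),
           single_flip_count(RDP_LEVEL2_KEY, 1),
           single_flip_count(RDP_LEVEL2_KEY, 2));
    /* Level 0 is four bit flips away, which is why a glitch lands in
       level 1 rather than unlocking the part outright. */
    printf("Hamming distance 0xCC <-> 0xAA: %d\n",
           hamming8(RDP_LEVEL2_KEY, RDP_LEVEL0_KEY));
    return 0;
}
```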


RDP2 has been cracked by glitching. You first need to downgrade RDP2 to RDP1 then do the RDP1 bootloader glitch. It's not exactly easy but it's well documented and can be done given enough time. Though the STM32F4 targets do have a high chance of bricking during this attack.


What sort of sound machine is it? Not sure how this would help with an encrypted flash drive.


Presumably the decryption key is in the firmware.


Could you just record the sounds by using the speaker out as a mic in somewhere else?



