ctxz / stm32f1-picopwner Goto Github PK

Dump read-out protected STM32F1's with a Pi Pico - A Pi Pico implementation of @JohannesObermaier's, Marc Schink's and Kosma Moczek's Glitch and FPB attack to bypass RDP (read-out protection) level 1 on STM32F1 chips

CMake 9.84% C 28.41% Python 46.52% Makefile 7.07% Assembly 8.16%

dump firmware pi pi-pico pico pwn stm32f1 attack exploit glitching

stm32f1-picopwner's Introduction

STM32F1 Pico Pwner

A Pi Pico implementation of Johannes Obermaier's, Marc Schink's and Kosma Moczek's Glitch and FPB attack to bypass RDP (read-out protection) level 1 on STM32F1 chips.

The paper describing the attack can be found here along with its original implementation here

Usage
How does the attack work?

Usage

What you'll need to get started

A PC running Linux
A Raspberry Pi Pico (or any other RP2040 devboard)
A debug probe (e.g. a ST-Link V2)
An STM32F1 target board (in this repo's case a RDP locked Blue Pill is used)

Pre-requisites

Please ensure the following dependencies are installed on your system:

OpenOCD (v0.11.0 or higher)
Python3
PySerial

Furthermore, install these additional dependencies if you intend to build the attack board and target board exploit firmware yourself:

The instructions also require that you have a basic understanding of how to build Pico SDK based projects. It also pre-supposes that you have a basic understanding of how to connect your Pi Pico and debug probe to your target STM32F1 board.

Cloning the repository

To get started, clone this repository and enter it:

$ git clone https://github.com/CTXz/stm32f1-picopwner.git
$ cd stm32f1-picopwner

Building and flashing the attack firmware onto the Pi Pico

If you wish to skip the build process and just flash the attack firmware onto your Pi Pico, you can download the latest pre-built attack firmware from the releases page

Start out be entering the attack directory:

$ cd attack

Next, edit the CMakelists.txt file to point to the location of your Pico SDK installation. For that you'll need to edit the following line:

set(PICO_SDK_PATH "/usr/share/pico-sdk")

Replace /usr/share/pico-sdk with the path to your Pico SDK installation.

Next, create a build directory and run cmake and make:

$ mkdir build
$ cd build
$ cmake ..
$ make

If everything went well, you should now have a attack.uf2 file in your build directory. Put your Pi Pico into bootloader mode and copy the attack.uf2 file onto it.

Building the target board exploit firmware

If you wish to skip the build process and just flash the target board exploit firmware onto your target STM32F1 board, you can download the latest pre-built target firmware binaries from the releases page

The attack relies on the target STM32F1 board getting a exploit firmware temporarily flashed onto its SRAM. This firmware contains a two-stage exploit that will dump the target board's flash memory to the serial port upon completion.

To compile the target firmware, enter the target directory and run make:

$ cd target
$ make

This will output multiple binaries with the name target_nnn_usartx.bin. The nnn part of the filename refers to the SRAM entry point offset, and the x part of the filename refers to the target boards USART peripheral used to dump the flash memory contents. The dump script will automatically detect the correct SRAM entry point offset and prompt you to select a USART peripheral in order to know which binary to flash onto the target board.

Allowing to chose the USART peripheral provides the big advantage of being able to use the most convenient/accessable USART pins on the target board.

Hardware Setup

Prior to connecting your Pi Pico to your target board, ensure that the BOOT1 pin (typically PB2, but please refer to your chips datasheet) on your target board is permanently set high by using a Pull-Up resistor (1k - 100k) to 3.3V. Neglecting to use a pull-up resistor to drive BOOT1 high can have severe consequences, potentially damaging the pin. This is because the BOOT1 pin is also used as a GPIO pin, and driving it as a low output without a pull-up resistor could cause a direct short.

Next, connect your Pi Pico to your target board as shown in the table below:

Pi Pico	STM32F1
GND	GND
~~GPIO0 / UART0_TX~~ NO LONGER USED	~~USARTx_RX~~ NO LONGER USED
GPIO1 / UART0_RX	USARTx_TX
GPIO2	VDD
GPIO4	NRST
GPIO5	BOOT0

Where USARTx_TX refers to the TX pin of a selected USART peripheral on the STM device, which will be utilized for transmitting the flash memory contents.

The USART TX pins for STM32F1-series chips are assigned as follows:

USART Peripheral	TX
USART1	PA9
USART2	PA2
USART3	PB10

Below is a picture that shows the hardware setup using a Blue Pill board as the target board with USART1 used to dump the flash memory:

Executing the attack

Begin by connecting the Pi Pico to your PC via USB. Your Pi Pico as well as the target board should now be powered on.

Note: Depending on the target board, it may not be obvious whether the STM32F1 is powered on or not. One way to confirm that the targeted STM32F1 is receiving power is to check if the NRST pin is being pulled high. Another method to confirm whether the targeted STM32F1 is receiving power is to connect a debug probe without the 3.3V pin connected and check if communication through OpenOCD is possible.

Note: If you are confident that the power-related pins are connected correctly, but the target board still does not appear to be powered on, then the target board may be drawing too much current from the Pi Pico's GPIO. In this case, you will need to buffer the GPIO responsible for providing power (GPIO2) with a BJT or MOSFET.

Create a new terminal window in the top of this repository and run the dump script:

$ python3 dump.py -p /dev/ttyACMx -o dump.bin

Where /dev/ttyACMx is the serial port that your Pi Pico is connected to. If left unspecified, the script will attempt to use /dev/ttyACM0 by default. dump.bin is the file that the target board's flash memory will be dumped to. If left unspecified, the script will not write the dump to a file and only print its content to the terminal.

Note: If you decided to use release binaries instead of building the target firmware yourself, you will need to specify the path to the directory holding the target firmware binaries using the -t flag. By default, the script will attempt to look for the binaries in the target/ directory of the cloned repository.

From this point on, simply follow the instructions printed by the script.

If the dump script worked, you should now have a complete dump of the target board's flash memory in the dump.bin file (or whatever you named it). Please note that it is normal for the dump to contain a lot of 0xFF bytes at the end due to unused flash typically being erased to 0xFF.

Troubleshooting

Should the dump script time out and fail, it could be the result of one of the following issues:

The debug probe is still connected to the target board
The BOOT1 pin on the target board is not set high
The Pi Pico has not been connected properly to the target board (Ensure the GNDs are connected!)
The Pi Pico has not been flashed with the attack firmware
The wrong serial port was selected (See -p flag)
The wrong target USART peripheral was selected
The power draw of the target board is too high for the Pi Pico to handle (Try buffering the power pin with a BJT or MOSFET)
The power board has a too high capacitance on the power and/or reset pins (Try removing any power and/or reset capacitors)
The STM32F1 board is not genuine or maybe too new (there are rumors that the exploit has been patched in 2020+ revisions of STM32F1 chips)

How does the attack work?

Relevant STM32F1 properties

Due to the attacks complexity, we must first introduce a couple of the STM32F1's properties that make the attack possible.

Read-Out Protection (RDP)

Given that this whole repository is about circumventing RDP Level 1, we will skip explaining the difference between RDP Level 0, 1 and 2 (does not apply to F1 chips) and instead focus on the properties of RDP Level 1 that make the attack possible.

When RDP Level 1 is set, the device will lock down access to flash memory as soon as either of the following conditions are met:

Condition 1: A debug probe is connected to the device
Condition 2: The device is booted into System Memory Mode (BOOT0 pin is set high, BOOT1 pin is set low), aka. "Bootloader Mode"
Condition 3: The device boots from SRAM (BOOT0 and BOOT1 pins are set high), starting execution at address 0x20000000

It is important to know, that the read-out protection lock caused by condition 1 will persist even after the debug probe is disconnected and even after a device reset has occurred! In other words, it persists until the next power cycle after the probe has been disconnected. The read-out protection lock caused by condition 2 and 3 will only persist until the next device reset.

As we'll see later, the attack uses a glitching exploit to ridden the lock of condition 1 and then uses a 2-stage firmware exploit to get rid of the locks caused by condition 2 and 3.

The Flash Patch and Breakpoint Unit (FPB)

The Arm Cortex-M3 (which the STM32F1 series uses) features something called the Flash Patch and Breakpoint Unit (FPB). The FPB possesses comparators that enable the setup of "patches" which redirect execution to a specified address when a particular memory address is accessed. It is important to know that these "patches" conveniently persist even after a device reset. Furthermore, the FPB lacks protection, allowing it to be configured even from code executed in SRAM.

The FPB is used in the attack to trick the device into executing code from SRAM when it supposed to execute code from flash memory. More details on this will be given further below where we discuss the whole attack in detail.

SRAM

A critical part of the attack is the ability to execute exploit code from SRAM. Unlike flash memory, the contents of SRAM are lost as soon as the device loses power. Well, see, this is not entirely true. The SRAM of the STM32F1 suffers from data retention which means that the contents of SRAM will persist for a very short period of time even after the device loses power.

Example of measured data retention conducted on 6T SRAM and 3T DRAM in 65mm bulk CMOS. Source

This property of the SRAM will be exploited in the attack to preserve SRAM contents even after power cycling the STM32F1 in order to ridden the RDP lock caused by the debug probe.

2-Stage Exploit Firmware

The last part that needs a separate explanation is the 2-Stage exploit firmware that will be loaded into the STM32F1's SRAM. The code for the target exploit firmware can be found in the target directory.

Stage 1

The initial phase of the exploit firmware involves configuring the FPB (Flash Patch and Breakpoint unit) to intercept the retrieval of a reset interrupt. This is achieved by patching the reset vector fetch located at 0x00000004, thus redirecting the execution flow to the entry point of the exploit firmware's second stage. Consequently, when the STM32F1 is reset and set to boot from flash memory, the RDP lock is effectively removed and since a reset interrupt triggers a reset fetch, the execution immediately proceeds to the second stage entry point situated in the SRAM. In short, stage one cleverly deceives the STM32F1 into executing code from the SRAM instead of its intended execution from flash memory.

Stage 2

By the time stage-2 has been entered, the read-out protection has been completely circumvented. The second stage of the exploit firmware simply reads and dumps the contents of the flash memory to the serial port, where it is then read by the Pi Pico and further directed to the host computer via USB.

The Attack

With all of the above explained, we can now finally explain the attack in detail. The steps below assume the hardware setup described in the Hardware Setup section.

Step 1: Preparation

During the first step, the debug probe is connected to the target STM32F1 board. This will cause condition 1 of the RDP lock to be triggered. The debug probe is then used to load the exploit firmware into SRAM and is then disconnected from the target board. Remember that condition 1 of the RDP lock will persist until the device is power cycled!

Step 2: Power Glitching

The goal here is to get rid of the RDP lock caused by condition 1, as well as booting into SRAM. To achieve this without wiping the exploit firmware from SRAM, we will use a power glitching attack. The attack board (Pi Pico) will first prepare BOOT0 high and then toggle the power of the target board off. After switching the power off, the attack board will monitor the NRST pin's logic state and immediately restore power once it the NRST pin drops low. Due to the short time it takes for the NRST pin to drop low, the SRAM contents will remain preserved (due to data retention) and the STM32F1 will boot into SRAM since BOOT0 and BOOT1 are now both high. The RDP lock caused by condition 1 will also be ridden since the debug probe is not connected to the target board anymore and a power cycle has occurred.

Source

Step 3: Exploit Firmware - Stage 1

The STM32F1 has now booted into SRAM and the exploit firmware's first stage is executed. Although we have gotten rid of the RDP lock caused by condition 1, we are now faced with the RDP lock caused by condition 3. As already described above, the first stage of the exploit firmware will patch the reset vector fetch address to jump to the second stage of the exploit firmware. Once the patch has been applied, the attack board pulls the BOOT0 pin low and resets the target board using the NRST pin. The STM32F1 will receive a reset interrupt and execute a reset vector fetch which will cause it to jump to the second stage of the exploit firmware. Simultaneously the rdp lock caused by condition 3 has been ridden since the STM32F1 believes is now booting from flash memory again (BOOT0 is low).

Step 4: Exploit Firmware - Stage 2

The STM32F1 is now executing the second stage of the exploit firmware. The second stage simply reads and dumps the contents of the flash memory to the serial port, where it is then read by the Pi Pico and further directed to the host computer via USB. Once the dump is complete, the exploit firmware will stop sending data to the serial port and the attack is complete.

stm32f1-picopwner's People

Contributors

Stargazers

Watchers

stm32f1-picopwner's Issues

another potential issue on the connection picture

Connection picture doesn't imply a seperate debug probe is to be used. I know it's a silly mistake to be done on the user side but I spent 2 hours on searching fixes for "waiting for a debug probe to be connected..." screen due to my sheer lack of knowledge. I just assumed that the pico with the attack firmware is now somehow magically a debug probe. After telling my self "could this debug probe be an st-link?" I finally got this worked and dumped the firmware lol

Silly mistake, connection picture is wrong lol

I just noticed the bluepill picture is wrong!
https://github.com/CTXz/stm32f1-picopwner/blob/main/img/BPExample.png

STM32: RX=PA10 TX=PA9

So, it should be:

PICO: GPIO0 (TX)-->PA10 GPIO1 (RX)-->PA9

Connected STLink to BluePill

Hello!!! I am testing script on BluePill with STM32F103C8T6. I Installed WSL2 and Ubuntu on Windows 10. I connected Pico as shown in the diagram and run the script. The script reached the step: "Waiting for debug probe (e.g. ST-Link) to be connected...". Do I need to connect to BluePill ST-Link without 3.3V (only connected SWIO. SWCLK and GND)? If yes, then I do it but nothing happens.

stm32f105vct6

OpenOCD version detection problem

Hello. I have problem with OpenCD version detection :
My version OpenCD:
Open On-Chip Debugger 0.12.0+dev-00559-g04154af5d (2024-04-14-21:15)
Licensed under GNU GPL v2
For bug reports, read
http://openocd.org/doc/doxygen/bugs.html

But when i start dump.py i have error:
Traceback (most recent call last):
File "dump.py", line 356, in
if not openocd_version_geq(MIN_OPENOCD_VERSION):
File "dump.py", line 179, in openocd_version_geq
current = get_openocd_version()
File "dump.py", line 161, in get_openocd_version
result = subprocess.run(["openocd", "-v"], capture_output=True, text=True)
File "/usr/lib/python3.6/subprocess.py", line 423, in run
with Popen(*popenargs, **kwargs) as process:
TypeError: init() got an unexpected keyword argument 'capture_output'

How i can fix it?

BluePill: Timeout: No data received from target

@hello,

I am trying to get this to work on a standard bluepill board without success.
Getting "Timeout: No data received from target" Error

What I tried so far:
-Using the precompiled firmware files
-Compiling attack and also target firmware
-Changing pcs and operation system: Windows WSL (Ubuntu), Virtualbox (Kali), Clean Linux PC (Ubuntu)
-Changed attack.c sleep.ms(15) to 30ms
-Changed Bluepill boards
-Changed PiPico W with PiPico
-Tried with unlocked stm32 firmware
-Tried every uart combination
-Tried with shorter cables and connecting directly to the bluepill without a breadboard

Nothing of the above helped, always the same error.

What I have noticed is that the GP25 LED is not powered or blinking in any state of the process.
Hope someone can help me out in finding the root of this issue.

Thanks

eychei

STM32F100

Hi there,

I have STM32F100 value line with rdp desoldered from original board and transferred to blue pill.

After various difficulties I am able to get through to the last stage where dumping firmware should be possible but I am not getting any data. I am trying to understand the problem here.

When I stop cpu after failed script I have following result:

Target stopped by debug request, current mode: Handler HardFault
xPSR: 0x61000003 pc: 0x200003a8 msp: 0x20004fe0

The program counter seems to be pointing to SRAM. By dumping part of the SRAM I've confirmed that there is a correct target firmware (1cc_usart1.bin). Perhaps the target fw is failing?

Should I be looking for a software problem e.g. target firmware? Or power glitching failure / reset / hw is possible issue here?

Thanks for your help, great job!

STM32F103C8T6 Serial dump does not stop

Hello I would like to thank you for sharing this utility and also ask a question about an issue I am having I have an STM32F103C8T6 Rev X
the process works fine but when I get to the serial dumping part it keeps dumping data forever ... if anyone has an idea please let me know

Could GD32F103 support be possible ?

Hey, thanks for your work and implementation.

I'm facing the same problem as described in #27.
I tried to dump the firmware of an STM32 clone (GD32F103).
Due to multiple failed attempts, I ordered a genuine STM32 blue pill and built a rig to be able to quickly swap microcrontrollers for testing.

The first attempt with a STM32F103 worked flawlessly.
So my guess is, right now it will not work with a GD32F103, but:

I found the CVE and original paper, the conference presentation @ WOOT '20 and another repository with an exploit for CKS and GD32 clones.

The attack between STM32F103 and GD32F103 seems to be similar.
Do you think it could be implemented ?

Compilation error attack.uf2 file

Hello. When compiling the attack.uf2 file I get the following error and file attack.uf2 does not compile in build directory.

What could be the problem?

Blank in path name occurs error loading

I installed stm32f1-picopwner on a dualboot Notebook using a folder on sda1 (Linux)/drive E:(Windows) which has a blank in it's foldername. When executing

  python3 dump.py -p /dev/ttyACM0 -o dump.bin

i get this error:

Traceback (most recent call last):
File "/...[...].../stm32f1-picopwner/dump.py", line 479, in <module>
    upload_target_fw(get_target_fw_bin(args.targetfw, sram_entry_point, usart))
File "/media/...[...].../stm32f1-picopwner/dump.py", line 295, in upload_target_fw
    raise Exception(
Exception: Failed to load target firmware to SRAM
openocd output: Error: Invalid command argument

After removing the blank or moving the stm32f1-picopwner directory to another directory without a space in the pathname, it works as expected.

Please add test for spaces in path name and escape sequence for spaces in path names.

STM32F427 read

stm32f1-picopwner Can it read the firmware? what needs to be changed in src. Point in the right direction

STM32F4xx RDP 2

I came across this project which looks promising and I was wondering if it was able to remove the write protection RDP 2 so stm32 can be flashed. Thanks

Stm32f105rbt6 usart1

I succesfully tested out a bluepill (works great) but ive been trying the Stm32f105rbt6 to no success. Tried thru usart1 and usart2 but get no response.

rp2040 zero is possible?

I tried to execute the procedure with rap2040 zero but it is not working, the script is executed but it does not find rp2040. Is there anything that can be done to work on the rp2040 zero or does it only work on the pi pico?

Script Version: 1.4
Requires Attack-Board Firmware Version: 1.x

Instructions:

1. Flash the attack firmware to the Pi Pico

2. Connect the Pi Pico to the STM32F1 target as follows (left Pico, right STM):
     GND     -> GND      
     GPIO 0  -> NO LONGER USED (previously USARTx_RX)
     GPIO 1  -> USARTx_TX
     GPIO 2  -> VDD      
     GPIO 4  -> NRST     
     GPIO 5  -> BOOT0    

Where:
     USART1_TX = PA9
     USART2_TX = PA2
     USART3_TX = PB10

3. Follow further instructions provided by this script
For more detailed steps, see the README.md file.

**Waiting for Pi Pico to be connected... (Looking for /dev/ttyACM0)**

Error: 'stdio_usb' undeclared (first use in this function)

Hi all! The problem is this. When it comes to compiling with the cmake command, I have this in the report:

[ 22%] Building C object CMakeFiles/attack.dir/attack.c.obj
/home/************/Downloads/stm32f1-picopwner/attack/attack.c: In function 'main':
/home/************/Downloads/stm32f1-picopwner/attack/attack.c:70:35: error: 'stdio_usb' undeclared (first use in this function); did you mean 'stdio_flush'?
   70 |         stdio_set_translate_crlf(&stdio_usb, false);
      |                                   ^~~~~~~~~
      |                                   stdio_flush
/home/************/Downloads/stm32f1-picopwner/attack/attack.c:70:35: note: each undeclared identifier is reported only once for each function it appears in
make[2]: *** [CMakeFiles/attack.dir/build.make:76: CMakeFiles/attack.dir/attack.c.obj] Ошибка 1
make[1]: *** [CMakeFiles/Makefile2:1491: CMakeFiles/attack.dir/all] Ошибка 2
make: *** [Makefile:91: all] Ошибка 2
                                                                                                                                
************@************:~/Downloads/stm32f1-picopwner/attack/build$ git submodule add https://github.com/mordae/pico-stdio-usb-simple.git

**error: 'stdio_usb' undeclared ((((((((**

Hack stm8

thanks CTXz, I have success with stm32f103c8t6, can I edit the project to apply with stm8 without CTXz, please help me

Strange SRAM entry point

Hi, i'm using stm32F103C8T6 blue pill.

I'm getting the following error,

raise Exception("Could not determine SRAM entry point\nopenocd output: " + line)

Exception: Could not determine SRAM entry point
openocd output: xPSR: 0x01000000 pc: 0x08000150 msp: 00000000

I find it strange pc: 0x08000150. Its supposed to be 0x20000150.

Additional info, I'm running bare metal led blink example with RDP enabled. Is it necessary to run any specific application to make the exploit work?

Thanks!

STM32F105RBT6 SRAM entry point

Hi, what might be wrong?

Debug probe already connected, please disconnect the debug probe for now
Device already connected to /dev/ttyACM0
Please press the reset button on the Pi Pico or reconnect it to ensure a clean state
Waiting for Pi Pico to be connected... (Looking for /dev/ttyACM0)
Device connected to serial port /dev/ttyACM0
Waiting for debug probe to be connected...
Debug probe connected to STM32F1 target
STM32F1 target is confirmed to be read protected
Traceback (most recent call last):
  File "/home/einar/pico/stm32f1-picopwner/dump.py", line 442, in <module>
    sram_entry_point = get_sram_entry_point()
  File "/home/einar/pico/stm32f1-picopwner/dump.py", line 284, in get_sram_entry_point
    raise Exception("Could not determine SRAM entry point\nopenocd output: " + line)
Exception: Could not determine SRAM entry point
openocd output: xPSR: 0x01000000 pc: 0x1fffe9c0 msp: 0x20000ff0

[Solved - Only for OpenOCD 0.10 ] All I get is "Debug probe already connected, please disconnect the debug probe for now"

Edit: This only happens if OpenOCD is outdated. It works with OpenOCD 0.12 right away without any modifications!

My system was using OpenOCD 0.10, so these were the fixes.

Update: It's solved now. Here's the procedure, problems and how I fixed them.

Flash the Pico: Press Boot button, connect to PC, paste attack_v_xx.uf2 file into the new drive.
I'm using VirtualBox Debian 20 VM, it recognizes the Pico and creates /dev/ttyACM0.
Clone the repo: git clone https://github.com/CTXz/stm32f1-picopwner
Extract target_firmware_v_xx.tar.gz into ./target folder.
My Python version: 3.7.3.
Ran pip3 install pySerial, it should install the module.
Install OpenOCD with sudo apt update && sudo apt install -y openocd.

The problem:

I'm executing python3 dump.py -p /dev/ttyACM0 -o dump.bin, but all I get is:

Instructions:

1. Flash the attack firmware to the Pi Pico

2. Connect the Pi Pico to the STM32F1 target as follows (left Pico, right STM):
    GND -> GND      
     0  -> USARTx_RX
     1  -> USARTx_TX
     2  -> VDD      
     4  -> NRST     
     5  -> BOOT0    

Where:
     USART1_RX = PA10, USART1_TX = PA9
     USART2_RX = PA3,  USART2_TX = PA2
     USART3_RX = PB11, USART3_TX = PB10

3. Follow further instructions provided by this script
For more detailed steps, see the README.md file.

Debug probe already connected, please disconnect the debug probe for now

I'm getting this message no matter what, even if /dev/ttyACM0 doesn't exist or specifying a non-existing port like /dev/asdfg.

All the capacitors from VDD and nRST were removed.
My connections are as follows:

    GND -> GND      
     0  -> USART1_RX = PA10
     1  -> USART1_TX = PA9
     2  -> VDD      
     4  -> NRST     
     5  -> BOOT0

Failure to load target firmware to SRAM

Hi, I'm not sure where I'm going wrong, was testing this on a Blue pill board- followed all directions and it goes smoothly until after choosing USART 1,2 or 3, I choose USART 1 as this is how I've wired it, but when loading target firmware to SRAM, I get -

Exception: Failed to load target firmware to SRAM
openocd output: Error: couldn't open /c/Users/ME/Desktop/stm32f1hack/target/target_108_usart1.bin

Anyone able to help me with this?

0x618

STM32F1 target is confirmed to be read protected
Detected SRAM entry point offset: 0x618 (0x20000618)
SRAM entry point offset 0x618 is not supported, expected: 0x108, 0x1CC or 0x1E
If you believe this is a valid entry point, please submit an issue

Bluepill STM32F103 - waiting for Pico...

Hi,
I tried to read read-protected Bluepill with Pico Pwner. I got all connections properly set and firmware prepared.
After running script i only got this:

Restaring Pico with RUN pin or reconnecting USB does not work.

I've checked common issues in readme but this one was not there.

Am I doing something wrong?

Images:

Bluepill:
https://imgur.com/egfpyQL
https://imgur.com/J13AtL2
https://imgur.com/KBCYHS4

Pi Pico:
https://imgur.com/1HCmUFY
https://imgur.com/vRPP7AO
https://imgur.com/qiAk7io

Tried all versions with no luck.

Could not determine SRAM entry point

Hi I have an STM32F103RET6
Device connected to serial port COM10
Waiting for debug probe to be connected...
Debug probe connected to STM32F1 target
STM32F1 target is confirmed to be read protected

Traceback (most recent call last):
  File "C:\stm32f1\dump.py", line 428, in <module>
    sram_entry_point = get_sram_entry_point()
                       ^^^^^^^^^^^^^^^^^^^^^^
  File "C:\stm32f1\dump.py", line 269, in get_sram_entry_point
    raise Exception("Could not determine SRAM entry point\nopenocd output: " + line)
Exception: Could not determine SRAM entry point
openocd output: xPSR: 0x01000000 pc: 0x1ffff020 msp: 0x200001fc

The date Code is 133
Is this a newer chip?

[Idea] Universal loader. Also: Fix for devices with smaller RAM.

This should remove the need of making different loaders for each RAM entry point.
Also, setting 20KB RAM will cause a hardfault in any other STM32 with smaller RAM (102, 101, 100).
So, limit RAM to 4KB to make it work with all.

ram_universal.ld
Isolate ISR and Entry Vector in their own section, reserve 0x000-0x300 for them.

MEMORY
{
  FLASH (rx)	: ORIGIN = 0x08000000, LENGTH = 64K
  RAM_ISR (xrw)	: ORIGIN = 0x20000000, LENGTH = 768                                         /* Reserve 0x000-0x300 for isr and entry point */
  RAM (xrw)	: ORIGIN = ORIGIN(RAM_ISR)+LENGTH(RAM_ISR), LENGTH = 4K-LENGTH(RAM_ISR)     /* Limit RAM usage to 4KB for best compatibility */
}

SECTIONS
{
                                            /* The startup code goes first into FLASH */
  .isr_vector :
  {
    . = ALIGN(4);
    KEEP(*(.isr_vector))                    /* Startup code */
    . = ALIGN(4);
    . = 0x100;
    *(.entryVec)                            /* entry vector position for SRAM execution */
  } >RAM_ISR

test.S
Set the stack to 4KB to avoid possible hard faults.
Fill ram 0x100-0x300 with jumps. Wherever the ram boots to, it'll jump to the correct place.

.section .isr_vector
isrVectors:
	.word 0x20001000                    /* Set stack to 4KB */
	.word _start+1
	.word vecNMI+1
	.word vecHardfault+1
	.word vecMemMan+1
	.word 0
	.word 0
	.word 0
                                            /* These is the stage 2 entry point */
	.word stage2+1

.section .entryVec
.rept 256                                   /* Fill 0x100-0x300 with jumps */
        b _start
.endr

dump.py

def sram_entry_offset_supported(entry_addr: int):
    return ((entry_addr >= 0x100) and (entry_addr < 0x300))
    

if sram_entry_offset_supported(sram_entry_point) == False:
    print(
        "SRAM entry point offset "
        + str(hex(sram_entry_point))
        + " is not supported, expected: 0x100-0x2FF"
    )

STM32F4xx Implementation

Nice work, I'm interested in adding changes to script and do dumping on F4, please check this https://github.com/lolwheel/stm32f4-rdp-workaround.git implementation for F4, same as your work but uses esp8266 instead of Pico.

Guide me general direction on how to add the same function to your project. Thanks!