Class 15a - Firmware Extraction the UART way - Intro

This class teaches how to extract complete firmware images from devices once UART access has been gained. The instructor first demonstrates leveraging built-in MCU bootloaders, showing how vendors like STMicroelectronics, NXP, TI, Espressif, and others expose UART-based programming interfaces that can be repurposed for firmware dumping. The second technique uses captured UART logs: a firmware hexdump streamed to the terminal can be reconstructed into a binary file using a simple Python script. By the end, students will know how attackers recover entire firmware images for offline reverse engineering, analysis, and implant development.

Learning Objective
Perform firmware extraction from MCUs and embedded devices using UART access.

Training Outcomes

  • Use built-in UART bootloaders of popular MCUs to dump firmware

  • Capture firmware hexdumps via UART logs and reconstruct them into binaries

  • Apply extracted firmware for vulnerability research and exploit development

Hands-On Experience

  • Connect to MCU bootloaders (STM32, ESP32, MSP430, AVR, etc.) and dump firmware images

  • Capture UART log hexdumps and rebuild them into binary firmware with the provided Python script

  • Analyze recovered binaries as a foundation for reverse engineering and further exploitation
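The second technique described above, rebuilding a firmware image from a hexdump that scrolled past in a UART terminal, is illustrated below by an added example written for this page; it is not the course's provided script and assumes nothing about that script. A UART capture is rarely a clean `xxd` file: boot messages and shell prompts are interleaved, individual lines get corrupted by line noise, and `hexdump -C` style output compresses repeated lines into a `*`. The parser below handles those cases and, instead of silently producing a shifted image, records every region it could not recover so the analyst knows what to re-dump. The log text, addresses and bytes are constructed sample data, and the `md.b` prompt format is only one of the layouts it accepts.

```python
"""Rebuild a firmware image from a hexdump captured in a UART terminal log."""
import re
import sys
from typing import Dict, List, Optional, Tuple

# Offset (4..16 hex digits, optional 0x), optional ':', then the rest of the line.
# Matches xxd, hexdump -C and U-Boot md.b layouts.
LINE_RE = re.compile(r"^\s*(?:0x)?([0-9A-Fa-f]{4,16}):?\s*(.*)$")
# One hex token: "48" (hexdump/md.b), "4865" (xxd) or longer grouped forms.
HEX_TOKEN_RE = re.compile(r"^(?:[0-9A-Fa-f]{2}){1,8}$")


def _hex_payload(rest: str, width: int) -> bytes:
    """Return the data bytes on one dump line, ignoring the ASCII column."""
    rest = rest.split("|", 1)[0]          # hexdump -C wraps the ASCII column in |...|
    out = bytearray()
    for tok in rest.split():
        if not HEX_TOKEN_RE.match(tok):   # first non-hex token starts the ASCII column
            break
        out += bytes.fromhex(tok)         # tokens are taken in printed byte order
        if len(out) >= width:             # never read past one line's worth of bytes
            break
    return bytes(out[:width])


def rebuild(log: str, base: Optional[int] = None, fill: int = 0xFF,
            width: int = 16) -> Dict:
    """Parse a captured hexdump; fill unrecoverable regions with `fill` (0xFF = erased flash)."""
    image = bytearray()
    gaps: List[Tuple[int, int]] = []      # (start, end) offsets that were filled, not captured
    skipped: List[str] = []               # non-dump or corrupted lines
    prev = b""                            # last line's data, replayed for '*' compression
    repeat = False
    for raw in log.splitlines():
        line = raw.strip()                # also removes the CR that UART logs carry
        if not line:
            continue
        if line == "*":                   # hexdump -C: previous line repeats up to next offset
            repeat = True
            continue
        m = LINE_RE.match(line)
        if not m:
            skipped.append(raw)
            continue
        addr = int(m.group(1), 16)
        data = _hex_payload(m.group(2), width)
        if base is None:                  # first dump line defines the load address
            base = addr
        off = addr - base
        if off < 0:
            skipped.append(raw)
            continue
        if repeat:
            while len(image) < off and prev:
                image += prev[: off - len(image)]
            repeat = False
        if not data:                      # corrupted line, or hexdump -C's final length-only line
            if m.group(2).strip():
                skipped.append(raw)
            continue
        if off > len(image):              # a line was lost: record and pad the hole
            gaps.append((len(image), off))
            image += bytes([fill]) * (off - len(image))
        end = off + len(data)
        if end > len(image):
            image += bytes(end - len(image))
        image[off:end] = data             # overwrites in place if a line was re-sent
        prev = data
    return {"image": bytes(image), "base": base, "gaps": gaps, "skipped": skipped}


# Constructed sample capture: a U-Boot style md.b session with a corrupted line at 0x40.
SAMPLE_LOG = """\
U-Boot 2020.10 (constructed sample, not a real device log)
=> md.b 0x08000000 0x60
08000000: 00 50 00 20 c1 01 00 08 d5 01 00 08 d7 01 00 08    .P. ............
08000010: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff    ................
*
08000030: 48 65 6c 6c 6f 2c 20 55 41 52 54 21 00 00 00 00    Hello, UART!....
08000040: 4? 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50    ABCDEFGHIJKLMNOP
08000050: de ad be ef 00 00 00 00 00 00 00 00 00 00 00 00    ................
=>
"""


if __name__ == "__main__":
    # Usage: python rebuild_uart_dump.py capture.log out.bin  (no args: run on SAMPLE_LOG)
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE_LOG
    result = rebuild(text)
    if len(sys.argv) > 2:
        with open(sys.argv[2], "wb") as f:
            f.write(result["image"])
    print(f"base 0x{result['base']:08x}, {len(result['image'])} bytes, "
          f"{len(result['skipped'])} lines skipped")
    for start, end in result["gaps"]:
        print(f"  gap 0x{start:08x}-0x{end:08x}: re-dump this region")
```

For a clean dump `xxd -r` already does the job; the value of doing it by hand is the gap report, which turns a silently truncated or shifted image into a list of address ranges to request again from the bootloader before spending time in a disassembler. Word-oriented dumps (for example U-Boot `md.l`) print each word in the target's byte order, so their tokens need swapping before they are appended, which this byte-oriented parser does not do.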