Skip to content
DEFCON 27 Badge firmware, with tooling for GNU GCC / Newlib and some minor tweaks
C C++ Other
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
dc27_badge LinkServer Debug.launch
dc27_badge LinkServer Release.launch

DEFCON 27 Badge Firmware

This repo contains a slightly modified copy of the official DEFCON 27 badge firmware, the original of which can be downloaded from the DEFCON Media Server.

For more information on the DC27 badge and the hacking efforts, see this blog post.

This repo has been modified in a few small ways:

  • Dependency on NXP-specific toolchain libraries have been removed.
    • Primarily, the Redlib libc has been swapped out for newlib-nano
  • Badges flashed with this firmware will cycle throigh broadcasting as all badge types (chameleon mode).
  • The extended rickroll has been enabled
  • The light pattern has been modified, so that badges with this firmware can be easily identified.

Building and flashing

To build, ensure that you have the GCC ARM toolchain installed:

sudo apt install binutils-arm-none-eabi gcc-arm-none-eabi gdb-arm-none-eabi

You can then build the badge easily with make:

cd Debug
make dc27_badge.axf

On success, you should get output like this:

Memory region         Used Size  Region Size  %age Used
   PROGRAM_FLASH:       58248 B        64 KB     88.88%
            SRAM:        5228 B        16 KB     31.91%
         USB_RAM:          0 GB        512 B      0.00%
Finished building target: dc27_badge.axf

To flash the badge, you can use a LPC-Link 2 or Black Magic Probe. Connect the probe to the SWD pins using a TagConnect TC-2050-IDC-NL-050-ALL cable, and then load up GDB and flash like so:

arm-none-eabi-gdb dc27_badge.axf
target extended-remote /dev/ttyACM0
monitor swdp scan
attach 1

You can then disconnect, and your badge should be running the new firmware.

You can’t perform that action at this time.