
Firmware Reverse Engineering & Exploitation

Vaibhav Bedi
November 25, 2018

What is Firmware
Analysis Firmware
How to get firmware from any device
Extracting Firmware
Firmware scanning Tool

Transcript

  1. What is Firmware • Analysis Firmware • How to get firmware from any device • Extracting Firmware • Firmware scanning Tool
  2. • Binwalk • Attify OS • Firmware Analysis Toolkit • Firmware Scanning Tool • Qemu • Firmwalker
  3. Firmware is a piece of code residing in the non-volatile section of the device that performs the different tasks required for the device to function. Components: • Kernel • Boot loader • File System
  4. The file system in an embedded or IoT device can be of different types, depending on the manufacturer's requirements and the device functionality. Each file system type has its own unique signature header, which we will later use to identify where the file system starts within the firmware binary. The common file systems we typically encounter in IoT devices: 1. Squashfs 2. Cramfs 3. JFFS2 4. YAFFS2 5. ext2
  5. • Getting it online • Extracting from the device • Sniffing OTA • Reversing applications
  6. • It's used to access the device remotely. An example is a baby monitor that has telnet access enabled with a hard-coded password. • Now we have to find the word telnet in the entire firmware folder.
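
The signature-header lookup described in slide 4, as an added example that is not part of the original deck: a small scanner that searches a firmware image for file system magic values and reports where each file system would start. The function names and the sample image are constructed for illustration; YAFFS2 is left out of this sketch because it is not covered by a fixed-magic lookup.

```python
import struct

# (label, magic bytes, offset of the magic from the start of the file system)
FIXED_MAGICS = [
    ("squashfs (little-endian)", b"hsqs", 0),
    ("squashfs (big-endian)", b"sqsh", 0),
    ("cramfs (little-endian)", struct.pack("<I", 0x28CD3D45), 0),
    ("cramfs (big-endian)", struct.pack(">I", 0x28CD3D45), 0),
    ("ext2/3/4", struct.pack("<H", 0xEF53), 0x438),  # s_magic inside the superblock
]
# JFFS2's magic is only 2 bytes (0x1985), so also require a known node type
# (dirent, inode, cleanmarker, padding) in the following 2 bytes.
JFFS2_NODETYPES = {0xE001, 0xE002, 0x2003, 0x2004}

def find_all(blob, needle):
    """Yield every offset at which needle occurs in blob."""
    pos = blob.find(needle)
    while pos != -1:
        yield pos
        pos = blob.find(needle, pos + 1)

def scan(blob):
    """Return sorted (offset, label) candidates for file system starts.
    Short magics can match by chance, so treat hits as candidates to confirm."""
    hits = []
    for label, magic, rel in FIXED_MAGICS:
        hits += [(p - rel, label) for p in find_all(blob, magic) if p >= rel]
    for fmt, label in (("<H", "jffs2 (little-endian)"), (">H", "jffs2 (big-endian)")):
        for p in find_all(blob, struct.pack(fmt, 0x1985)):
            if p + 4 <= len(blob) and struct.unpack_from(fmt, blob, p + 2)[0] in JFFS2_NODETYPES:
                hits.append((p, label))
    return sorted(hits)

def build_sample():
    """Constructed 12 KiB image: 0xFF padding with embedded test headers."""
    blob = bytearray(b"\xff" * 0x3000)
    blob[0x1000:0x1004] = b"hsqs"                             # squashfs superblock magic
    blob[0x2000:0x2008] = bytes.fromhex("851903200c000000")   # jffs2 cleanmarker node
    blob[0x2800:0x2804] = bytes.fromhex("85190000")           # bare magic, bogus node type
    blob[0x2400 + 0x438:0x2400 + 0x43A] = b"\x53\xef"         # ext2 magic at +0x438
    return bytes(blob)

if __name__ == "__main__":
    for offset, label in scan(build_sample()):
        print(f"{offset:#08x}  {label}")
```

Binwalk, listed in slide 2, performs this kind of signature scan with additional validation of each header.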