HIP19: Introduction to IoT Reverse Engineering - V. Di Giampietro
Introduction to IoT Reverse Engineering by Valerio Di Giampietro
https://hackinparis.com/talks/#talk-2019-introduction-to-iot-reverse-engineering-with-an-example-on-a-home-router
An introduction to the firmware reverse engineering process for IoT devices. The process, described with an example on a home router, is based on information gathering about hardware and software, building an emulation environment to run the device's binaries, and techniques to analyze, hack and modify the firmware.
The process is illustrated with a real example, carried out by the author on a recent home router, with the goal of loading a modified firmware and overcoming the router's protection that does not allow unsigned firmware to be loaded.
The process described is based on:
Information Gathering
- identify the main device components (CPU, Flash, SDRAM and other major chips)
- locate UART and JTAG interfaces
- hardware tools: Bus Pirate, OpenOCD, JTAGulator
- get the OS image or firmware file
- software tools: strings, file, binwalk, dd, jefferson, uncramfs, etc.
- identification of CPU, Flash, RAM, kernel version, C library, toolchain used etc.
- identification of Original Manufacturer and Original Firmware Manufacturer
Emulation Environment using QEMU
- select a QEMU machine and CPU reasonably similar to the IoT device (same CPU, similar kernel version, similar modules and libraries)
- select a tool to build the kernel and the root file system (brief description of the Yocto Project, Buildroot and OpenWrt build systems). Buildroot is used in the example and described in more detail
- Buildroot and kernel configuration, generation of a root file system with binaries and libraries carrying debugging information
- overcoming obstacles created by the firmware manufacturer
- running interesting binaries in the emulated environment
- using tools like strace, ltrace and gdb to reverse engineer the most interesting binaries
Analyze how the device works
- the firmware upgrade process
- CLI and Web interface analysis
- main processes analysis
- finding vulnerabilities
- hacking into the system
- hack the firmware upgrade process
- replace the original firmware
Create a Firmware Modification Kit to simplify the firmware modification process
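The "software tools" step of the Information Gathering phase (strings, file, binwalk, dd) boils down to three things: find the containers inside a raw flash dump, decode any headers you recognize, and read the printable strings for build hints. The script below is an added example, not material from the talk or from its author; it reimplements that triage in plain Python so the mechanism is visible. The sample image it scans is constructed inline (uImage header, an uncompressed kernel payload, erased-flash padding, then a SquashFS superblock followed by library names), so it runs offline; the signature table and the uImage layout are the real U-Boot/SquashFS/CramFS/JFFS2 magics, while the hint patterns are simple heuristics I chose for the example.

```python
"""Firmware image triage in the spirit of `file`, `binwalk` and `strings`.

Added example (not from the talk): scan a dumped flash image for well-known
container signatures, decode a U-Boot uImage header, and pull build hints
(kernel, compiler, build system, C library) out of printable strings.
"""
import re
import struct

# Magic sequences of containers commonly found in home-router flash dumps.
SIGNATURES = {
    b"\x27\x05\x19\x56": "U-Boot uImage header",
    b"hsqs": "SquashFS superblock (little-endian)",
    b"sqsh": "SquashFS superblock (big-endian)",
    b"\x45\x3d\xcd\x28": "CramFS superblock (little-endian)",
    b"\x85\x19\x01\xe0": "JFFS2 dirent node (little-endian)",
    b"\x19\x85\xe0\x01": "JFFS2 dirent node (big-endian)",
    b"\x7fELF": "ELF header",
    b"\x1f\x8b\x08": "gzip stream",
}

# uImage header: 7 big-endian u32, 4 u8, 32-byte name = 64 bytes.  U-Boot
# stores it big-endian regardless of the target CPU's endianness.
UIMAGE_FMT = ">7I4B32s"
UIMAGE_ARCH = {2: "ARM", 3: "x86", 5: "MIPS", 6: "MIPS64", 7: "PowerPC"}
UIMAGE_COMP = {0: "none", 1: "gzip", 2: "bzip2", 3: "lzma", 4: "lzo"}
UIMAGE_OS = {5: "Linux"}


def scan_signatures(blob):
    """Return sorted (offset, description) pairs for every magic found."""
    hits = []
    for magic, desc in SIGNATURES.items():
        start = 0
        while (off := blob.find(magic, start)) >= 0:
            hits.append((off, desc))
            start = off + 1
    return sorted(hits)


def parse_uimage(blob, off):
    """Decode the uImage header at `off`; None if there is no header there."""
    if blob[off:off + 4] != b"\x27\x05\x19\x56" or len(blob) < off + 64:
        return None
    (_, _, _, size, load, ep, _, os_, arch, _, comp,
     name) = struct.unpack(UIMAGE_FMT, blob[off:off + 64])
    return {
        "name": name.rstrip(b"\0").decode("ascii", "replace"),
        "os": UIMAGE_OS.get(os_, "other(%d)" % os_),
        "arch": UIMAGE_ARCH.get(arch, "other(%d)" % arch),
        "compression": UIMAGE_COMP.get(comp, "other(%d)" % comp),
        "load_addr": load, "entry_point": ep, "payload_size": size,
        "payload_end": off + 64 + size,   # where the next region can start
    }


def extract_strings(blob, min_len=4):
    """Equivalent of `strings -n min_len`: runs of printable ASCII."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, blob)]


def build_hints(strings):
    """Heuristic hints about kernel, toolchain, build system and C library."""
    hints = {}
    for s in strings:
        for key, rx in (("kernel", r"Linux version (\d[\w.\-]*)"),
                        ("gcc", r"gcc version (\d[\w.]*)"),
                        ("build_system", r"(Buildroot \d{4}\.\d{2}|OpenWrt [\w.]+)")):
            m = re.search(rx, s)
            if m:
                hints[key] = m.group(1)
        if "libuClibc" in s or "ld-uClibc" in s:
            hints["libc"] = "uClibc"
        elif "ld-musl" in s:
            hints["libc"] = "musl"
        elif "GNU C Library" in s or "libc.so.6" in s:
            hints["libc"] = "glibc"
    return hints


def triage(blob):
    """Full report: signatures, first uImage header decoded, build hints."""
    hits = scan_signatures(blob)
    uimage = next((parse_uimage(blob, o) for o, d in hits
                   if d.startswith("U-Boot")), None)
    return {"signatures": hits, "uimage": uimage,
            "hints": build_hints(extract_strings(blob))}


def build_sample_image():
    """Constructed flash dump: uImage + uncompressed kernel, 0xff padding, SquashFS."""
    kernel = (b"\0" * 16 + b"Linux version 3.10.49 (gcc version 4.8.3 "
              b"(Buildroot 2014.08)) #1 SMP\0" + b"\0" * 32)
    hdr = struct.pack(UIMAGE_FMT, 0x27051956, 0, 0, len(kernel), 0x80001000,
                      0x80001000, 0, 5, 5, 2, 0, b"Linux-3.10.49")
    rootfs = b"hsqs" + b"\0" * 28 + b"/lib/libuClibc-0.9.33.2.so\0/bin/busybox\0"
    return hdr + kernel + b"\xff" * 13 + rootfs


if __name__ == "__main__":
    report = triage(build_sample_image())
    for off, desc in report["signatures"]:
        print("0x%08x  %s" % (off, desc))
    print("uImage:", report["uimage"])
    print("hints: ", report["hints"])
```

The offsets the report prints are exactly what you pass to `dd` (`skip=` and `count=`, with `bs=1`) to carve the kernel or the root file system out of the dump before handing it to unsquashfs, jefferson or uncramfs; on a real image replace `build_sample_image()` with `open(path, "rb").read()`. Expect false positives from the two- and three-byte magics on large dumps, which is why `binwalk` validates header fields after a magic match, as `parse_uimage` does here for uImage.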
Video "HIP19: Introduction to IoT Reverse Engineering - V. Di Giampietro" from the Hack in Paris channel