Valerio Di Giampietro

IT Infrastructure Manager @
Valerio Di Giampietro is an IT Infrastructure Manager with deep technical knowledge and experience in many areas related to IT infrastructures: cloud based infrastructures, networking, web servers, Oracle and mySQL databases, ERP applications, large Linux installations, virtualization environments, storage area networking, IoT devices.

He has had a passion for electronics and technology since he was a child; for this reason he studied and got a Master’s in Electronic Engineering.

He has been a Linux enthusiast since the beginning:

* he installed Linux on his 486 PC with 4 MB of RAM in 1993,
* the following year, in 1994, he ran a Linux based Fidonet BBS,
* in 1999 he introduced Linux in the company he was working for.

Interested in understanding how devices work, he has always tinkered with various devices: in 2010 he reverse engineered a Fastweb router to find the default password knowing only the SSID, and later published tools on GitHub to uncram some non standard router file systems and other tools to find default passwords for some Telecom Italia Alice routers.

More information available at:

* LinkedIn: https://www.linkedin.com/in/digiampietro/
* GitHub: https://github.com/digiampietro
* Docker repo: https://hub.docker.com/u/digiampietro/
* Personal web site: http://va.ler.io/
* Another web site: http://www.audiocast.it

Emails:

* main: [email protected]
* alternative: [email protected]
* other: [email protected]

Talks

2018 Introduction To IoT Reverse Engineering with an example on a home router
45'
Introduction to the firmware reverse engineering process of IoT devices. The process, described with an example on a home router, is based on Information Gathering of hardware and software, Building of an Emulation Environment to run binaries, and Techniques to analyze, hack and modify the firmware.

The introduction to the firmware reverse engineering process is described with a real example, done by the author, on a recent home router, with the target of loading a modified firmware, overcoming the router protection that doesn’t allow loading of unsigned firmware (ref: https://github.com/digiampietro/adbtools2).

The process described is based on:

* Information Gathering
  * hw: identify main device components (CPU, Flash, SDRAM, main components)
  * hw: locate UART and JTAG interfaces
  * hw tools: Bus Pirate, OpenOCD, Jtagulator
  * sw: get os image file or firmware file
  * sw tools: strings, file, binwalk, dd, jefferson, uncramfs etc.
  * identification of CPU, Flash, RAM, kernel version, C library, toolchain used etc.
  * identification of Original Manufacturer and Original Firmware Manufacturer
* Emulation Environment using QEMU
  * select a QEMU machine and CPU reasonably similar to the IoT device (same CPU, similar kernel version, similar modules and libraries)
  * select a tool to build the kernel and the root file system (brief description of Yocto Project, Buildroot and OpenWRT build system). Buildroot will be used in the example and described in more detail
  * Buildroot and kernel configuration, generation of root file system with binaries and libraries with debugging information
  * Overcoming obstacles created by the firmware manufacturer
  * Running interesting binaries in the emulated environment
  * Use tools like strace, ltrace, gdb to reverse engineer the most interesting binaries
* Analyze how the device works
  * the firmware upgrade process
  * CLI and Web interface analysis
  * main processes analysis
  * finding vulnerabilities
  * hacking into the system
  * hack the firmware upgrade process
  * replace the original firmware
* Create a Firmware Modification Kit to simplify the firmware modification process