EN

Introduction To IoT Reverse Engineering with an example on a home router

Valerio Di Giampietro

Introduction to firmware reverse engineering process of IoT devices. The process, described with an example on a home router, is based on Information Gathering of hardware and software, Building of an Emulation Environment to run binaries, and Techniques to analyze, hack and modify the firmware.

The introduction to firmware reverse engineering process is described with a real example, done by the author, on a recent home router with the target to load a modified firmware overcoming the router protection that doesn’t allow loading of unsigned firmware (ref: https://github.com/digiampietro/adbtools2 )

The process described is based on:

Information Gathering hw: identify main device components (CPU, Flash, SDRAM, main components) hw: locate UART and JTAG interfaces hw tools: Bus Pirate, OpenOCD, Jtagulator sw: get os image file or firmware file sw tools: strings, file, binwalk, dd, jefferson, uncramfs etc. identification of CPU, Flash, RAM, kernel version, C library, toolchain used etc. identification of Original Manufacturer and Original Firmware Manufacturer Emulation Environment using QEMU select a QEMU machine and CPU reasonably similar to the IoT device (same CPU, similar kernel version, similar modules and libraries) select a tool to build the kernel and the root file system (brief description of Yocto Project, Buildroot and OpenWRT build system). Buildroot will be used in the example and described in more detail Buildroot and kernel configuration, generation of root file system with binaries and libraries with debugging information Overcoming obstacles created by the firmware manufacturer Running interesting binaries in the emulated environment Use tools like strace, ltrace, gdb to reverse engineer the most interesting binaries Analyze how the device works the firmware upgrade process CLI and Web interface analisys main processes analisys finding vulnerabilities hacking into the system hack the firmware upgrade process replace the original firmware Create a Firmware Modification Kit to simplify the firmware modification process

track icon Security
duration icon 45 min
language icon English
level icon Intermediate
slides icon Slides

Video

This talk video is not yet available, but we upload new videos and slides every month.

What is LinuxLab?

LinuxLab - Building smarter devices - is the conference on Linux, kernel, embedded, build systems, security, virtualization technologies and open source. LinuxLab is organized by Develer, the company who launched events like Better Software, Better Embedded, QtDay, PyCon and EuroPython.

Talk slides

Introduction To IoT Reverse Engineering with an example on a home router

from Valerio Di Giampietro