This lecture provides ideas and practical techniques for reverse-engineering equipment firmware images. It touches upon data encoding, compression, bootstraps, deciphering, disassembly, and emulation, and focuses exclusively on images likely to host an operating system of some sort. The approach begins with a reminder of the various data encodings used for binary transfers, such as UUENCODE or Intel's HEX format. The talk then goes on to interpret the available data, whether it is a bootloader, compressed data, or a filesystem. At this stage, chunks of meaningful data should be available, from which useful information can be extracted. A more in-depth investigation is then conducted, down to executable file formats or various machine-level assembly bytes. If the operating system in use was not determined before this stage, the talk mentions how to extract this information and presents the ones that are likely to be found but are not necessarily well known to the general public. Finally, a few questions about cryptography are raised, and an overview of disassembly and emulation tools is given, as they may well be the easiest ways to defeat it.
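As an added illustration of the first step the abstract describes (undoing a transfer encoding before any analysis), here is a small Intel HEX decoder that verifies each record's checksum and rebuilds the flat image. It is not code from the lecture; the function names and the sample records are constructed for this example.

```python
SAMPLE = """\
:020000040800F2
:04000000424F4F54C8
:02000600DEAD6D
:00000001FF
"""  # constructed records: "BOOT" at 0x08000000, a 2-byte gap, then DE AD

def parse_record(line):
    """Parse one ':LLAAAATT<data>CC' record; return (type, offset, data)."""
    line = line.strip()
    if not line.startswith(":"):
        raise ValueError("record must start with ':'")
    raw = bytes.fromhex(line[1:])          # raises ValueError on non-hex text
    if len(raw) < 5 or len(raw) != raw[0] + 5:
        raise ValueError("length field does not match record size")
    # The sum of every byte, checksum included, must be 0 modulo 256.
    if sum(raw) & 0xFF:
        raise ValueError("bad checksum")
    return raw[3], int.from_bytes(raw[1:3], "big"), raw[4:-1]

def decode_ihex(text):
    """Return {absolute_address: byte_value} for all data records."""
    image, base = {}, 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rtype, offset, data = parse_record(line)
        if rtype == 0x00:                  # data record
            for i, value in enumerate(data):
                image[base + offset + i] = value
        elif rtype == 0x01:                # end of file
            break
        elif rtype == 0x02:                # extended segment address (no 64K wrap handled)
            base = int.from_bytes(data, "big") << 4
        elif rtype == 0x04:                # extended linear address (upper 16 bits)
            base = int.from_bytes(data, "big") << 16
        # Types 0x03 and 0x05 only carry a start address, no image bytes.
    return image

def to_blob(image, fill=0xFF):
    """Flatten to (load_address, bytes), padding unwritten gaps with `fill`."""
    if not image:
        return 0, b""
    lo, hi = min(image), max(image)
    return lo, bytes(image.get(addr, fill) for addr in range(lo, hi + 1))
```

The load address returned by `to_blob` is worth keeping: it is the base address a disassembler needs when the resulting blob is loaded for analysis.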