I did a presentation, in Italian (see below for similar presentation in English), at the RomHack 2019 – Cyber Security Conference on 28th September 2019 about “Reverse Engineering of IoT devices: Hack a Home Router”.
Here you can find:
- The presentation in pdf format, in the last pages of the presentation you will find the links to everything I talked about;
GitHub repositories related to the Home Router Example
- adbtools2: tools for hacking ADB Epicentro routers (the example home router), including firmware modification kit and VOIP password recovery;
- Buildroot-armv7: a set of scripts, configuration files and Buildroot external tree to setup a Qemu emulation environment to run and reverse engineer the Netgear DVA 5592 executables. This environment uses Docker, Buildroot and Qemu to emulate a board with an ARMv7 Cortex A9 processor, Linux kernel 3.4.11-rt19, uClibc 0.9.33.2, and old versions of other libraries.
- hacking-gemtek another reverse engineering project for a Gemtek home router (WVRTM-127ACN), distributed in Italy by Linkem, with the purpose to modify the firmware, gain root access, recover default WiFi password.
Reverse engineering and physical disassembly
- Introduction to reverse engineering, Mike Anderson, Embedded Linux Conference 2018, slides and video;
- Chris Simmonds – Mastering Embedded Linux Programming – Second Edition – Packt Publishing 2017;
- Norman Matloff , Peter Jay Salzman – The Art of Debugging with GDB, DDD and Eclipse – NO STARCH PRESS 2008;
JTAG and UART interfaces
- Putty terminal emulator;
- OpenOCD (Open On-Chip Debugger) provides debugging, in-system programming and boundary-scan testing for embedded target devices;
- Wireshark, network protocol analyzer;
- Binwalk, firmware analysis tool;
- Jefferson, JFFS2 filesystem extraction tool.