I did a workshop, at the Hacktivity 2019 – IT Security Festival on 25th and 26th October 2019 about “Introduction to IoT Reverse Engineering with an Example on a Home Router”.
Here you can find:
- The presentation in pdf format, in the last pages of the presentation you will find the links to everything I talked about;
GitHub repositories related to the Home Router Example
- hacking-gemtek: the complete reverse engineering project for the home router example, a Gemtek home router (WVRTM-127ACN), distributed in Italy by Linkem, with the purpose to modify the firmware, gain root access, recover default WiFi password.
- adbtools2: tools related to another reverse engineering project, for hacking ADB Epicentro routers (the example home router), including firmware modification kit and VOIP password recovery;
- Buildroot-armv7: a set of scripts, configuration files and Buildroot external tree to setup a Qemu emulation environment to run and reverse engineer the Netgear DVA 5592 executables. This environment uses Docker, Buildroot and Qemu to emulate a board with an ARMv7 Cortex A9 processor, Linux kernel 3.4.11-rt19, uClibc 0.9.33.2, and old versions of other libraries.
Reverse engineering and physical disassembly
- Introduction to reverse engineering, Mike Anderson, Embedded Linux Conference 2018, slides and video;
- Chris Simmonds – Mastering Embedded Linux Programming – Second Edition – Packt Publishing 2017;
- Norman Matloff , Peter Jay Salzman – The Art of Debugging with GDB, DDD and Eclipse – NO STARCH PRESS 2008;
JTAG and UART interfaces
- Putty terminal emulator;
- OpenOCD (Open On-Chip Debugger) provides debugging, in-system programming and boundary-scan testing for embedded target devices;
- Wireshark, network protocol analyzer;
- Binwalk, firmware analysis tool;
- Jefferson, JFFS2 filesystem extraction tool.