Exploring IoT and Firmware Reversing Concepts
Discover the world of IoT and firmware reversing, including applications, protocols, security, and device examples. Learn about the interconnected nature of IoT devices and the protocols used. Uncover the significance of IoT in various industries and its impact on technology.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
WhoAmI Security Consultant with Payatu Technologies Experience in Web Pentesting, VAPT and Mobile Appsec (Android Only) and currently learning IOT. Twitter Handle nitmalviya03
Topics to be covered Introduction to IOT IOT Applications Protocols in IOT system Components Involved IOT security Firmware Extraction and Reversing Topics for future session Automated Framework
What is IoT ?? The internet of things (IoT) is the network of physical devices, vehicles, buildings and other items embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data(Wikipedia) Internet of things increases the connectedness of people and things on a scale that once was unimaginable.
Devices like Networking devices(routers, firewalls, IDS) Set-top boxes Medical devices(Health monitors) Mobile phones. Home security systems Vehicles, in-flight entertainment. Thermostats, metering systems, consumer electronics Displays
Information Security Office of Budget and Finance Various Names, One Concept Education Partnership Solutions M2M (Machine to Machine) Internet of Everything (Cisco Systems) World Size Web (Bruce Schneier) Skynet (Terminator movie)
Information Security Office of Budget and Finance Where is IoT? Education Partnership Solutions It s everywhere!
Information Security Office of Budget and Finance Education Partnership Solutions
The IoT Protocols Various protocols used are HTTP WebSocket XMPP Extensible Messaging and Presence Protocol CoAP Constrained Application Protocol MQTT - Message Queue Telemetry Transport AMQP Advanced Message Queuing Protocol
Why be concerned about IoT? It s just another computer, right? All of the same issues we have with access control, vulnerability management, patching, monitoring, etc. Imagine your network with 1,000,000 more devices Any compromised device is a foothold on the network
Attacking IoT Devices Education Partnership Solutions Default, weak, and hardcoded credentials Difficult to update firmware and OS Lack of vendor support for repairing vulnerabilities Vulnerable web interfaces (SQL injection, XSS) Coding errors (buffer overflow) Clear text protocols and unnecessary open ports DoS / DDoS Physical theft and tampering
What we going to discuss Firmware Reversing
What is Firmware Ascher Opler coined the term "firmware" in 1967. Firmware is data that is stored on a computer or other hardware device's read-only memory that provides instruction on how that device should operate. Unlike normal software, firmware cannot be changed or deleted by an without the aid of special programs and remains on that device whether or not it's on or off.
Firmware Extraction Firmware Extraction - Process of extracting firmware from the embedded device Method Embedded Device Firmware Extraction via hardware Interfaces Hex File Conversion to Bin File Bin File Extraction NOTE - We will be learning bin file extraction and not hardware extraction part.
Tools of the trade Binwalk (will be using this) Firmwalk Firmware Modification Kit Firmdyne ERESI Framework FRAK Firmware Reverse Analysis Konsole
What to do ? Get the firmware Reconnaisannce Unpack Localize point of interest Pentest
Any vulnerable bin file for analysis/pentest ?? DVRF - Damn Vulnerable Router Firmware Get it here - https://github.com/praetorian-inc/DVRF For our demo will use dlink firmware -DIR412A1_FW114WWb02.bin Link - http://www.filewatcher.com/m/DIR412A1_FW114WWb02.bin.35349 83-0.html
Any website for automated binary analysis ?? Upload your binary file here - http://firmware.re/ Many times it does not work. Thus, not much reliable.
What needs to be covered/learn. QEMU Emulator for running binaries based on MIPS/ARM architecture. Reversing binaries using IDA pro (Useful in login bypass and key extraction) IOT components and its functionalities in depth. IOT protocols
OWASP IOT TOP 10 Various file systems used in IOT devices. Firmware extraction using Hardware Interfaces (UART,JTAG,I2C etc) Firmware Reversing tools apart from binwalk. Common Processor Architectures
Types of memory in embedded devices. Types of storage. Common Operating systems used in embedded devices. Various Bootloaders. Common libraries....
Is there any automated Framework?? Like metasploit we have routersploit Get it here - https://github.com/reverse-shell/routersploit Just run rsf.py and enjoy!!! A very Small Demo
References http://www.devttys0.com/ https://www.coursera.org/ http://resources.infosecinstitute.com/
