Taking things apart to see how they work is an important part of understanding a system, and that goes for software as much as for hardware. You can get a jump start on your firmware reverse engineering skills with Asmita Jha’s workshop which was presented live at the Hackaday Remoticon. The video has just been published, and is found below along with a bit more on what she covered in her hands-on labs.
Where do you start when poking around a binary file with which you’re unfamiliar? The first part of the two-hour workshop tackles this issue. Asmita takes a systematic approach to figuring out what you’ve got and what methods will have the best chance of success.
The tools needed for static analysis are likely familiar names to you already: Binwalk, John the Ripper, Ghidra, Firmwalker, FACT Tool, and EXPLIoT Firmware Auditor. Three of the four labs use these tools to practice things like extracting firmware binaries to find hardcoded credentials, modifying and repacking binaries, and cracking passwords found inside. There is also an example of dynamic analysis where the hardware architecture for which the firmware is compiled differs from the computer you’re using for reverse engineering. In that case you can use a flavor of Qemu to make sense of it.
Beginning about half-way through the workshop the hands-on labs begin. You can follow along with this using workshop slides and setup instructions found on the workshop page.
FYI, the generated closed captions on the video are great, incase you have a problem understanding the accent.
Inline-link (“get a jump start on your firmware reverse engineering skills with Asmita Jha’s workshop”) is missing a trailing “E”
Fixed, thanks!
Is it still possible to make the VM for the lab available for download, to those who were unable to attend the workshop?
If so it would be greatly appreciated.
Thanks.