Exploit Notes

Firmware Analysis

Last modified: 2023-01-06

IoT Reverse Engineering

Static Analysis

The following tools are often used for static analysis.

# -E: Calculate file entropy
# -N: Do not generate an entropy plot graph
binwalk -EN ./firmware

# firmware-mod-kit
./extract-firmware.sh ./firmware
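What `binwalk -E` computes under the hood, as an added example that is not part of the original notes or of binwalk itself: a per-block Shannon entropy scan over a constructed firmware image that flags runs of blocks likely to hold compressed or encrypted data. The block size, the 7.5 bits/byte threshold and the sample image layout are assumptions for illustration.

```python
import math
import random
from collections import Counter

def shannon_entropy(block: bytes) -> float:
    """Shannon entropy of a byte block in bits per byte (0.0 for constant data, 8.0 for uniform)."""
    if not block:
        return 0.0
    n = len(block)
    return -sum((c / n) * math.log2(c / n) for c in Counter(block).values())

def entropy_profile(data: bytes, block_size: int = 1024):
    """(offset, entropy) for each fixed-size block, the same per-block scan an entropy plot is built from."""
    return [(off, shannon_entropy(data[off:off + block_size]))
            for off in range(0, len(data), block_size)]

def high_entropy_regions(data: bytes, block_size: int = 1024, threshold: float = 7.5):
    """Merge consecutive blocks at or above the threshold into (start, end) byte ranges.

    Such regions are usually compressed filesystems (squashfs, LZMA kernels) or encrypted blobs;
    entropy alone cannot tell those two apart, so pair this with a signature scan.
    """
    regions, start = [], None
    for off, ent in entropy_profile(data, block_size):
        if ent >= threshold and start is None:
            start = off
        elif ent < threshold and start is not None:
            regions.append((start, off))
            start = None
    if start is not None:
        regions.append((start, len(data)))
    return regions

def build_sample_image() -> bytes:
    """Constructed stand-in for a firmware image (not a real vendor image): header, strings, blob, padding."""
    rng = random.Random(1234)                                   # fixed seed keeps the sample deterministic
    header = b"HDR1" + bytes(1020)                              # low-entropy header plus zero padding
    strings = (b"BusyBox v1.36 multi-call binary\n" * 64)[:2048]  # repetitive text, moderate entropy
    blob = bytes(rng.getrandbits(8) for _ in range(4096))       # models a compressed/encrypted rootfs
    trailer = bytes(1024)                                       # zero-filled tail
    return header + strings + blob + trailer

if __name__ == "__main__":
    image = build_sample_image()
    for off, ent in entropy_profile(image):
        print(f"0x{off:08x}  {ent:5.2f} bits/byte")
    print("high-entropy regions:", high_entropy_regions(image))
```

Run the same scan over a real image by replacing `build_sample_image()` with `open(path, "rb").read()`; a single high-entropy region spanning almost the whole file usually means the image is encrypted or packed as a whole and needs a different unpacking step before binwalk's signature scan is useful.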

Dynamic Analysis

gdb ./firmware
rizin ./firmware

Using FIRMADYNE

FIRMADYNE is a platform for emulation and dynamic analysis of Linux-based firmware.

# Analyze and emulate the system (fat.py is the Firmware Analysis Toolkit front end for FIRMADYNE)
./fat.py example.squashfs

The analysis will start.
Copy the IP address of the emulated device from the output, which looks like the line below.

Network interfaces: [('brtrunk', '192.168.0.100')]

On the local machine, forward a local port to that IP through the analysis host.

ssh -L 8081:192.168.0.100:80 remote-user@<remote-ip>

Now we can access the emulated device's web interface at http://127.0.0.1:8081/
