Firmware Analysis

Last modified: 2023-07-19

IoT Reverse Engineering

Static Analysis

The following tools are useful for static analysis.

file ./firmware

binwalk ./firmware
# -M: Matryosika (recursively) scan extracted files
# -r: Delete carved files after extracting
# -e: Extract known file types
binwalk -Mre ./firmware
# -E: Calculate file entropy
# -N: Do not generate an entropy plot graph
binwalk -EN ./firmware

# firmware-mod-kit
./ ./firmware

Dynamic Analysis

gdb ./firmware
rizin ./firmware


FIRMADYNE is a platform for emulation and dynamic analysis of Linux-based firmware.

# Analyze and emulate the system
./ example.squashfs

The analysis will start.
Copy the ip address in the output as below.

Network interfaces: [('brtrunk', '')]

In local machine, port forward using the ip.

ssh -L 8081: remote-user@<remote-ip>

Now we can access to