Reverse Engineering a D-Link Backdoor – /dev/ttyS0

All right. It’s Saturday night, I have no date, a two-liter bottle of Shasta and my all-Rush mix-tape…let’s hack. On a whim I downloaded firmware v1.13 for the DIR-100 revA. Binwalk quickly found and extracted a SquashFS file system, and soon I had the firmware’s web server (/bin/webs) loaded into…

Encryption vs Compression, Part 2 – /dev/ttyS0

I’ve recently been examining the feasibility of differentiating compressed data from encrypted data based on variations in the entropy of the data. Initial results showed some promise, but were tested against too small of a sample set to draw any hard conclusions. Since then, I’ve been experimenting with larger data…

Differentiate Encryption From Compression Using Math – /dev/ttyS0

When working with binary blobs such as firmware images, you’ll eventually encounter unknown data. Particularly with regards to firmware, unknown data is usually either compressed or encrypted. Analysis of these two types of data is typically approached in very different manners, so it is useful to be able to distinguish…

Finding All Paths Between Two Functions in IDA – /dev/ttyS0

A common need that I have when reversing code is to find all possible code paths between two functions. Say for example that I’m looking for calls to dangerous functions, like sprintf, and I want to find all possible code paths that lead from my current function to sprintf. Manually…

Binwalk 1.2 Release – /dev/ttyS0

Binwalk 1.2 has been released, and in addition to the usual signature / speed improvements, it sports several new features: recursive file scanning and extraction; entropy and strings analysis; plugin support. Recursive Extraction: Often files extracted by binwalk need to be further scanned / analyzed. This can now be automated…

Binwalk v1.0, Now With Python! – /dev/ttyS0

Binwalk 1.0 has just been released and has been completely re-written as a Python module. This means that not only does it feature smarter scanning and signature processing features that were much, much easier to implement in Python, but it is now fully scriptable. Aside from a few new options…