Title

26. Reverse Engineering Router Firmware and Software

Presenter Information

Brandon Gomez

Faculty Mentor(s)

Dr. Bryson Payne

Campus

Dahlonega

Proposal Type

Poster

Subject Area

Computer Science

Location

Floor

Start Date

22-3-2019 11:00 AM

End Date

22-3-2019 12:00 PM

Description/Abstract

The purpose of this research is to reverse engineer a router's firmware. The goal is to create a fully functional virtual machine that can be analyzed in a debugger so we can find security holes in the software. We began with stock firmware that receives updates from an internet service provider (ISP). This project is a multi-stage project organized into six stages. First, we had to access the router and run commands as the root user; then we had to find the root filesystem and copy it off of the router to a laptop. Next, we had to extract the firmware from the filesystem so we could figure out how the system booted. Next, we had to find a kernel that worked with our virtual machine or build our own kernel to boot the firmware. In stage six, still under research, we plan to attach a debugger to the virtual machine and use it to look for security holes in the firmware of the router.

Before this project, we knew absolutely nothing about MIPS architecture, embedded systems, SquashFS filesystems, cross-compiling, Buildroot, uClibc, QEMU, or endianness. We knew very little about Linux kernels, reverse engineering, virtual machines, and software patching. This project has been a valuable learning exercise that gave us a more hands-on approach to learning reverse engineering and ethical hacking.

Media Format

flash_audio

Rights

N/A - Creative Commons

This document is currently not available here.
