Title
26. Reverse Engineering Router Firmware and Software
Faculty Mentor(s)
Dr. Bryson Payne
Campus
Dahlonega
Proposal Type
Poster
Subject Area
Computer Science
Location
Floor
Start Date
22-3-2019 11:00 AM
End Date
22-3-2019 12:00 PM
Description/Abstract
The purpose of this research is to reverse engineer a router's firmware. The goal is to create a fully functional virtual machine that can be analyzed in a debugger so we can find security holes in the software. We began with stock firmware that receives updates from an internet service provider (ISP). This project is a multi-stage project organized into six stages. First, we had to access the router and run commands as the root user, then we had to find the root filesystem and copy it off of the router to a laptop. Next, we had to extract the firmware from the filesystem so we could figure out how the system booted. Next, we had to find a kernel that worked with our virtual machine or build our own kernel to boot the firmware. In stage six, still under research, we plan to attach a debugger to the virtual machine and use it to look for security holes in the firmware of the router.
Before this project, we knew absolutely nothing about MIPS architecture, embedded systems, SquashFS filesystems, cross-compiling, Buildroot, uClibc, QEMU, or endianness. We knew very little about Linux kernels, reverse engineering, virtual machines, and software patching. This project has been a valuable learning exercise which gave us a more hands-on approach to learning reverse engineering and ethical hacking.
Media Format
flash_audio
Rights
N/A - Creative Commons