A Better Way to Fearlessly Hacking Firmware for the First Time.

Secure Ideas 9,177 3 years ago

We at Secure Ideas hope you all enjoy the following webcast!

Firmware drives most of the normal set-it-and-forget-it devices we use in day-to-day life, be it IoT devices, ICS, or network appliances. However, these devices and the firmware that drives them are often overlooked from a security standpoint. Firmware can suffer from the same flaws as any normal application or OS. To make matters worse, any exploit created for a firmware usually has a cascading effect, since that firmware would be applied to several devices.

This webinar will provide a high-level overview of:

- What firmware is
- Various acquisition methods of firmware
- Methods to analyze the firmware binary for filesystems using binwalk
- How to use binwalk to extract higher level firmware filesystems
- Where to start when reviewing a firmware file system
- How to configure an environment for analysis and to possibly run firmware ELF binaries natively for debugging
- Common security issues that can be found in firmware

Presenter for this webcast is Travis Phillips.

Timestamps:

0:00 - Opening Credits
0:07 - Fearlessly Hacking Firmware with Travis Phillips
0:43 - Disclaimer
2:10 - What Is Firmware?
5:00 - Why Hack Firmware?
7:39 - Acquisition Methods of Firmware - Basic
9:40 - Acquisition Methods of Firmware - Intermediate
11:00 - Acquisition Methods of Firmware - Advanced
13:53 - So, We Got a *.bin Binary Blob... Now What?
16:52 - Enter Binwalk!
18:06 - File Carving with Binwalk
18:38 - Demo Time: Binwalk + OpenWRT
22:32 - So Now We Have a File System! Now What?
23:16 - Determining the Architecture
23:55 - Exploring the /etc Directory
26:29 - Exploring the Boot-Up Process
28:15 - Look for Exploits! Low-Hanging Fruit First!
34:49 - Deeper Analysis: Web Root
37:00 - Deeper Analysis: Static Binary Review
37:54 - Deeper Analysis: Dynamic Binary Review
39:33 - QEMU
40:50 - BINFMT
41:44 - GDB
42:03 - GEF
42:29 - Demo Time: Let's Exploit an ARM Binary!
43:34 - Demo Time: Source Code Review (For Reference)
44:32 - Demo Time: Setup binfmt/QEMU
46:15 - Demo Time: Test Run of the Target Binary
47:24 - Demo Time: Ghidra
48:39 - Demo Time: Ghidra - Review of main() (Decompile Frame)
48:58 - Demo Time: Ghidra - Review of main() - cont. disassembler view
49:45 - Demo Time: Ghidra - never_called() Offset
50:28 - Demo Time: Finding the Offset to $pc
52:27 - Demo Time: Exploit Time!
54:14 - Demo Time: ... And Pwned
55:00 - Closing

Follow Us:
Twitter: https://twitter.com/secureideas
Facebook: https://www.facebook.com/SecureIdeasLLC/
LinkedIn: https://www.linkedin.com/company/secu...