Skip to main content

Posts

Featured

Firmware analysis Basic Approach

OWASP I9: Insecure Software/Firmware, But here Our main concern is Firmware.
Testing Methodology:
• Get the firmware • Reconnaissance • Unpacking • Localize point of interest • Decompile/pentest/fun!
What are the requirements i will explain step by step. Here i am using the Ubuntu Xenial 16.04 you can use which Linux is comfortable with you.
Requirements:
1.Binwalk 2.Strings 3.Hexeditor 4.Linux OS - Ubuntu or Any other 5.Vulnerable firmware
So here i am not attacking any device directly because for firmware you will get from the vendor site or you can find some firmware in index of some sites.
Installation:
1.Binwalk:
as shown below And follow the installation steps from the Github location some dependencies need to be install. Some of them i will show how to do and remaining check from here
https://github.com/ReFirmLabs/binwalk/blob/master/INSTALL.md # sudo apt-get install binwalk




2.Strings:
After installation in the Binwalk in my Linux operating OS so next strings already default many Linux systems i…

Latest Posts

Software Defined Radio

Surfing Network build on TOR / VPN Raspberry pi 3