The purpose of this research is to reverse engineer a router's firmware. The goal is to create a fully functional virtual machine that can be analyzed in a debugger so we can find security holes in the software. We began with stock firmware that receives updates from an internet service provider (ISP). The project is organized into six stages. First, we had to access the router and run commands as the root user; then we had to find the root filesystem and copy it off the router to a laptop. Next, we had to extract the firmware from the filesystem so we could figure out how the system booted. Next, we had to find a kernel that worked with our virtual machine or build our own kernel to boot the firmware. In stage six, still under research, we plan to attach a debugger to the virtual machine and use it to look for security holes in the router's firmware.
Before this project, we knew absolutely nothing about MIPS architecture, embedded systems, SquashFS filesystems, cross-compiling, Buildroot, uClibc, QEMU, or endianness. We knew very little about Linux kernels, reverse engineering, virtual machines, and software patching. This project has been a valuable learning exercise which gave us a more hands-on approach to learning reverse engineering and ethical hacking.
This is a metadata-only record.
Computer Science & Information Systems
- Event location
- Event date
22 March 2019
- Date submitted
19 July 2022
- Additional information
Dr. Bryson Payne