Starting the reverse engineering of an ELF or of a firmware with a known format is relatively easy because the metadata from the format provides useful information. Reversing a raw binary can be more challenging, especially if the loading address is unusual. This happens quite often during the missions we get at Quarkslab, so we developed a small tool to help us reverse raw binary firmware: binbloom.
This tool is being open-sourced, and we will present its usage during the webinar. It may help you in similar situations.
This tool is composed of several modules, each in charge of a specific task. We will explain the heuristics used by each module and demonstrate their usage. If you can upload a non-sensitive raw firmware, we will pick one or two to analyze live and see what binbloom can find in them.
Guillaume Heilles is a security engineer at Quarkslab. He is mainly focused on hardware attacks on IoT devices, but also on reverse engineering and exploitation. He has presented the Hardware CTF at hardwear.io since 2017 and gave the talk "How to drift with any car" at the 34th CCC in 2017. Performing security assessments on connected ECUs is part of his daily work.