image image Webinar

By Guillaume Heilles

Date: june 4th 2020

Time: 03:00 PM CET

Talk Title:

Reverse engineering raw firmware: a tool to get you started


Starting the reverse engineering of an ELF or a firmware with a known format is relatively easy because the meta-data from the format provides useful information. Reversing a raw binary can be more challenging, especially if the loading address is a bit weird. It happens quite often during the missions we get at Quarkslab, so we developed a small tool to help us reversing raw binary firmware: binbloom.

This tool is being open-sourced, and we will present its usage during the webinar. It may help you in similar situations.

This tool is composed of several modules. Each module is in charge of a specific task

  • Find the loading/base address of the firmware.
  • Find the endianness.
  • Find the arrays of pointers.
  • Find the UDS functions (in case of an automotive firmware).

We will explain the heuristics used by each module and demonstrate their usage. If you can upload a non-sensitive raw firmware, we will pick one or two to analyze it live and see what binbloom can find on it.

Speaker Bio:

Guillaume Heilles is a security engineer at Quarkslab. He's mainly focused on hardware attacks on IoT devices, but also reverse engineering and exploitation. He has presented the Hardware CTF at since 2017 & talk on How to drift with any car at 3r4th CCC 2017. Performing security assessments on connected ECUs is part of his daily work.