Meeting Register Page

Reverse engineering raw firmware: a tool to get you started | Guillaume Heilles | Hardwear.io Webinar
Reverse engineering raw firmware: a tool to get you started | Guillaume Heilles | Hardwear.io Webinar
About Webinar:
--------------------
Starting the reverse engineering of an ELF or a firmware with a known format is relatively easy because the meta-data from the format provides useful information. Reversing a raw binary can be more challenging, especially if the loading address is a bit weird. It happens quite often during the missions we get at Quarkslab, so we developed a small tool to help us reversing raw binary firmware: binbloom.

This tool is being open-sourced, and we will present its usage during the webinar. It may help you in similar situations.
This tool is composed of several modules. Each module is in charge of a specific task:
- find the loading/base address of the firmware
- find the endianness
- find the arrays of pointers
- find the UDS functions (in case of an automotive firmware)

We will explain the heuristics used by each module and demonstrate their usage. If you can upload a non-sensitive raw firmware, we will pick one or two to analyze it live and see what binbloom can find on it.

About Speaker:
--------------------
Guillaume Heilles is a security engineer at Quarkslab. He's mainly focused on hardware attacks on IoT devices, but also reverse engineering and exploitation. He has presented the Hardware CTF at hardwear.io since 2017 & talk on How to drift with any car at 3r4th CCC 2017. Performing security assessments on connected ECUs is part of his daily work.
Hardwear.io Logo
Loading
* Required information