Dissecting Firmware Images Only Knowing The Target Device

Hardware Reversing Raspberry Pi (not done in this article)

If you have not read part 1, you can view it here: https://medium.com/codex/reverse-engineering-bare-metal-low-level-kernel-images-with-qemu-getting-started-c705b7b14d35

Now that we have our environment set up, we are ready to reverse the binary! For this, I will be demonstrating how to do a basic ret2text exploit using a CTF challenge I wrote for UMDCTF…

A binary being analyzed by BinaryNinja

I am WittsEnd2, founder of Ragnar Security. My mission is to make complex cybersecurity topics easier for everyone to learn. In particular, I focus on teaching Binary Exploitation and Reverse Engineering.

Why did I start doing Reverse Engineering and Binary Exploitation?

I started to learn Reverse Engineering as a way to solve difficult challenges. Take for example CTF Challenges…

From: https://memegenerator.net/instance/73974722/snl-stefon-new-yorks-hottest-club-is-linux-this-place-has-everything-apparmor-seccomp-cgroups-preven

I am WittsEnd2, founder of Ragnar Security. Today, we will be exploring Seccomp, a Linux kernel security feature. We will explore this through the challenge insecure_seccomp from UIUCTF. Some of the things we will discuss are:

  • What is Seccomp?
  • Why is it useful?
  • What happens when you misconfigure it and…

From: https://0x00sec.org/uploads/default/original/2X/e/e52e1dc9cf922b754575f507d0c9794ed51f47c6.png

Hello everyone, I am WittsEnd2: founder of Ragnar Security, and I will be continuing to teach you how to reverse engineer (and exploit) bare-metal firmware. In part three, we are going to be focusing on analyzing assembly from the CTF Challenge I wrote — furor. …

Image from https://www.sei.cmu.edu/education-outreach/credentials/credential.cfm?customel_datapageid_14047=15129

When people think about binary exploitation, they might think of Mr. Robot, hacking things quickly, and being able to gain access to some secret E-Corp server. The truth is, exploitation and hacking are slow and meticulous, and require a lot of patience. By learning it, we will learn how to secure…

Ragnar Security

Shielding you from security vulnerabilities!
