A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


IDAPython: The Wonder Woman of Embedded Device Reversing - Maddie Stone Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

IDAPython: The Wonder Woman of Embedded Device Reversing
Maddie Stone
Derbycon 2017

Ready to learn why and how to leverage IDAPython to take hundreds of hours off of the time required to statically analyze the firmware of embedded devices? Tired of only being able to find IDAPython examples for x86 and ARM? Frustrated with developing analysis tools that can only apply to one architecture? Then this talk is for you! This talk first discusses some important differences between the analysis process of applications and firmware images. It then shows how to use IDAPython to address these differences when analyzing firmware images running on a variety of microcontroller architectures. I will then explain and demonstrate a general toolkit of IDAPython scripts I wrote to triage, analyze, and annotate a firmware image’s IDA database for more efficient static analysis. The key focus is writing the scripts to be architecture-agnostic so that you have a toolkit that can be used repeatedly on each new target firmware image. All demonstrated and discussed scripts are available open-source at https://github.com/maddiestone/IDAPythonEmbeddedToolkit.

Maddie Stone is a reverse engineer at the Johns Hopkins University Applied Physics Laboratory. She is the lead of JHU/APL’s 150-person Reverse Engineering Working Group. The majority of her career has been spent deep in the firmware of embedded devices including 8051, C166, MIPS, PowerPC, BlackFin, the many flavors from Renesas (SH2, SH4, R8C, M16C), and more. She has previously spoken at the Women in Cybersecurity Conference and REcon Montreal.

@maddiestone

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast