Event Information
About this Event
CPE/ECE Credits: 40
Course Description
This course is designed for hackers, tinkerers, and hobbyists with limited experience and an interest in embedded systems analysis and firmware evaluation techniques. It starts with a basic introduction to electronics, using a series of hands-on lab exercises to give the student a comfortable foundation using various embedded analysis tools and techniques, including exercises in extracting and analyzing flash images from live hardware. Students will learn how to identify and extract critical data in the firmware, and perform basic vulnerability analysis on embedded code.
The course continues with advanced emulation and exploitation techniques against MIPS Linux systems, including stack overflows, return to libc and return oriented programming. Students will develop buffer overflow exploits against live MIPS Linux devices using only a firmware update image - no hardware required!
The course culminates with students identifying, exploiting, and patching 0-day vulnerabilities in a real-world embedded device. At the end of the course, students will have the knowledge and experience to perform hardware and firmware analysis of commercial off-the-shelf embedded systems.
System Requirements
The following are the minimum system requirements:
- Operating System: Windows 8 or later / MacOS Catalina or later
- Processor: 4 core 2.6GHz or faster
- Memory: 8 GB or more
- Storage: 512 GB or more
- Must have root or admin access to your machine
Application Requirements
You must have the following programs installed:
- Appropriate VMWare Product for your Operating System. There are both paid and free versions for both Windows and MacOS:
- Windows: VMware Workstation Pro ($) or VMWare Workstation Player (Free)
- MacOS: VMware Fusion ($) or VMWare Fusion Player (Free)
- Zoom (Free)
- IDA Home MIPS for Linux ($) (to be installed in the Linux Virtual Machine we supply)
Remote Learning Prerequisites
Students must be proficient in the following areas before starting the class:
- Running Linux commands and awareness of the Linux operating environment
- Installing, running and networking with a Virtual Machine
- Experience with scripting languages such as bash, Python, and Perl
Students should at least have introductory knowledge in the following topics:
- Knowledge of common networking protocols (TCP/IP, HTTP)
- Familiarity with IDAPro and GDB debugging
- Experience with vulnerability analysis and exploitation
- Experience using binwalk would be helpful, but not necessary
- Desire to learn by extrapolating instruction and not with a recipe
Course Length: 5 days
Day 1
- Introduction to embedded systems
- Identifying hardware
- Finding and interfacing with hardware debug ports
- Dumping firmware
- Firmware analysis and extraction
- Introduction to MIPS assembly
Day 2
- Finding and exploiting logic flaws
- Firmware emulation and debugging
Day 3
- Introduction to MIPS stack overflows
- Finding and exploiting real-world overflows
- Writing return-to-libc MIPS exploits
Day 4
- Bypassing MIPS stack protections
- MIPS shellcode execution
Day 5
- Exploit laboratory
- Cross-compiling tools for your target
Private, on-site training is available. Call +1 (443) 276–6990 or email us at sales@tacnetsol.com.