Tuesday, October 25, 2022

Adding Support for a Flash Chip in FlashcatUSB

Flash Programmers for Dumping Firmware

Blackbox IoT device hacking can be frustrating without any insight into the underlying software implementation(s). For this reason, I usually try to obtain a copy of the device firmware to extract the bootloader, kernel, root filesystem, and any other information that might inform run-time testing and targeted reverse engineering. Unfortunately, device vendors don't always provide access to firmware packages, and even when they do, the firmware blobs can be encrypted or obfuscated in a way that makes them useless without knowledge of the packaging format. Luckily there's another way to obtain device firmware - you can try to dump it directly from device storage (generally a dedicated flash chip).