A Web API for Embedded Peripheral Reverse Engineering

Presented at ShmooCon 2022 Rescheduled, March 25, 2022, 11 a.m. (30 minutes)

Because of the way ARM licenses it’s cores, there are hundreds of ARM processor families and thousands of different processors. Often when reversing we get a firmware from a device without a known part number. Maybe the markings are scraped off or it’s conformally coated, or maybe we’re looking at a public firmware for a device we don’t actually own. Can you figure out which ARM is your ARM?

We’ve assembled a database from 300GB of embedded SDKs and port descriptions of twenty thousand chips. Ask our server for all the I/O port addresses of a particular part number, or for all the part numbers that include I/O ports with the addresses found in your mystery firmware. It’ll get you an answer in milliseconds.

Presenters:

• evm   as EVM
  EVM (@evm_sec) and Travis (@travisgoodspeed) disagree about baseball, Malört, and the fundamentals of the universe, but they teamed up to make symgrate.com, a free reverse engineering database for embedded systems.
• Travis Goodspeed
  EVM (@evm_sec) and Travis (@travisgoodspeed) disagree about baseball, Malört, and the fundamentals of the universe, but they teamed up to make symgrate.com, a free reverse engineering database for embedded systems.

Similar Presentations:

• DerbyCon 3.0 All in the Family (2013) / A SysCall to ARMs
• DeepSec 2017 „Science First!“ / The ARM IoT Exploit Laboratory (Three-Day Workshop) (closed)
• DEF CON 18 (2010) / Exploitation on ARM - Technique and Bypassing Defense Mechanisms