Skip to main content

Posts

Showing posts from February, 2020

Reverse Engineering an ARM binary

In continuation to my previous experiment , this experiment is all about hacking into an ELF binary file. Means we will change the characteristics of and ELF file by reverse engineering its assembly instructions. For this experiment I have choose AARCH64 binary which is suppose to run in an 64 bit ARM machine. Here I have used these utilities: readelf / aarch64-linux-gnu-readelf aarch64-linux-gnu-objdump - Used to dump all the assembly instructions in a binary xxd (which I feel one of most power free weapon of reverse engineering). NOTE that the toolchain I have installed while building the raspberry secure images . To understand the reverse engineering, one should atleast know the forward engineering that means the basis conditional statements (if, else) and loop statements (for / while). I've demonstrate a program which takes input string (key), compare it with some hard-coded one and accordingly execute the access condition. This is something like an decade ol...
Post a Comment
Read more

An analysis on ELF files

During my journey towards the reverse engineering of boot binary, I tried a lot of way to disassemble a boot binary. Generally  hackers use tools like IDA pro. But this tools comes with a cost ( IDA pro costs 1000 Dollar for single user license ). Freeware version of IDA pro is available (for non-commercial use only), but this comes with limited disassembler functionality (like ARMv7 & ARMv8 not supported). A lot of open sourced tools like Ghidra (from NSA) is present, but it has very much limited functionality. So, I finally decided to disassemble a flat binary from my own (may be using GNU). But it is not a straight forward task. When we build a boot binary (let say OPTEE or bootloader or ATF), at first a Executable & Linkable File is created then using objcopy tool a flat binary file is finally produced which goes to the ROM. In the continued series of this post, we will crack from scratch what is the significance of ELF, its various sections, why ELF is not flashed...
2 comments
Read more

Raspberry Pi 3 secure image building process

Here we will experiment with Raspberry Pi  3 Model B+ board. I have built some image for it using OPTEE manifest. I am currently using Ubuntu 16.04 OS. I have faced some dependency issue while building the complete set of images. Hardware required: 1. Raspberry Pi 3 Model B+ 2. USB to serial cable (BaudRate = 115200) 3. Power Cable or MicroUSB cable (I have drawn power from my PC) 4. Micro SD card formatted in FAT32 format. Serial Cable Connection with PI Refer to this diagram. PIN 6, 8 & 9 shall be used. In my case I have drawn power from my PC, hence I didn't required any GND connection. How to Build images: Prerequisite: Following dependencies need to be installed.: $ sudo apt-get install android-tools-fastboot autoconf bison cscope curl  flex gdisk libc6:i386 libfdt-dev libglib2.0-dev  libpixman-1-dev libstdc++6:i386 libz1:i386 netcat  python-crypto python-serial uuid-dev xz-utils zlib1g-dev libssl-dev curl repo vim $ sudo apt install py...
Post a Comment
Read more