[Day 20] Firmware
December 20, 2022
For today's challenge, I was to find hidden paraphrases, and public/private keys, then reverse engineer a firmware for a flag. THM explained some differences between static and dynamic analysis which are two methods for reversing software but also a method for testing applications in debugging. In this challenge, I find a previous firmware that is unencrypted to gather paraphrases so it could be used to (hopefully) unencrypt to new, targeted firmware. Upon my success, I use the paraphrase to unencrypt the firmware and retrieve the firmware build number and flag.
Using Grep to find public and private keys and paraphrases.
Using paraphrase on older firmware and getting secret key by entering in unencrypted paraphrase.
Listing Secret keys
Using paraphrase on newer firmware.
Flag retrieval and firmware information.
Flags
What is the flag value after reversing the file firmwarev2.2-encrypted.gpg?
THM{WE_GOT_THE_FIRMWARE_CODE}
What is the Paraphrase value for the binary firmwarev1.0_unsigned?
Santa@2022
After reversing the encrypted firmware, can you find the build number for rootfs?
grep -ir build
2.6.31
Last updated