[Day 20] Firmware

December 20, 2022

For today's challenge, I was to find hidden paraphrases, and public/private keys, then reverse engineer a firmware for a flag. THM explained some differences between static and dynamic analysis which are two methods for reversing software but also a method for testing applications in debugging. In this challenge, I find a previous firmware that is unencrypted to gather paraphrases so it could be used to (hopefully) unencrypt to new, targeted firmware. Upon my success, I use the paraphrase to unencrypt the firmware and retrieve the firmware build number and flag.

Using Grep to find public and private keys and paraphrases.

Using paraphrase on older firmware and getting secret key by entering in unencrypted paraphrase.

Listing Secret keys

Using paraphrase on newer firmware.

Flag retrieval and firmware information.

Flags

What is the flag value after reversing the file firmwarev2.2-encrypted.gpg?

THM{WE_GOT_THE_FIRMWARE_CODE}

What is the Paraphrase value for the binary firmwarev1.0_unsigned?

Santa@2022

After reversing the encrypted firmware, can you find the build number for rootfs?

grep -ir build

2.6.31

Previous[Day 19] Hardware Hacking Next[Day 21] MQTT

Last updated 2 years ago