Exploiting Embedded Systems – Part 2 – /dev/ttyS0

In part 1 we used the TEW-654TR’s TFTP service to retrieve the administrative credentials to our target system. But what if we didn’t have access to the TFTP service? Many embedded devices don’t have a TFTP service, or there may be a firewall between us and the target that blocks…

Extracting Non-Standard SquashFS Images – /dev/ttyS0

SquashFS is a widely used file system in embedded Linux devices; in fact, it is probably one of the most commonly used file systems among Linux-based consumer products. While many devices use standard SquashFS file systems that can be extracted using the unsquashfs tools provided in the firmware mod…

Reverse Engineering VxWorks Firmware: WRT54Gv8 – /dev/ttyS0

The ability to analyze a firmware image and extract data from it is extremely useful. It can allow you to analyze an embedded device for bugs, vulnerabilities, or GPL violations without ever having access to the device. In this tutorial, we’ll be examining the firmware update file for the Linksys…

Firmware Patching: Fixing the TEW-632BRP – /dev/ttyS0

Customizing firmware images can be a very useful skill, allowing you to add or unlock features, fix bugs, and patch vulnerabilities when vendors can’t (or won’t) do so in a timely manner. A while ago I found that my Trendnet TEW-632BRP and TEW-652BRP routers had a TFTP service running on…

Reverse Engineering Firmware: Linksys WAG120N – /dev/ttyS0

The ability to analyze a firmware image and extract data from it is extremely useful. It can allow you to analyze an embedded device for bugs, vulnerabilities, or GPL violations without ever having access to the device. In this tutorial, we’ll be examining the firmware update file for the Linksys…