IoT VILLAGE - How to modify ARM Cortex M-based firmware: A step-by-step approach for Xiaomi IoT Devices

Video in TIB AV-Portal: IoT VILLAGE - How to modify ARM Cortex M-based firmware: A step-by-step approach for Xiaomi IoT Devices

Formal Metadata

Title
IoT VILLAGE - How to modify ARM Cortex M-based firmware: A step-by-step approach for Xiaomi IoT Devices
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date
2018
Language
English

Content Metadata

Abstract
Many IoT devices use an ARM Cortex-M based MCU and run some kind of RTOS or "bare metal" OS. In comparison to Linux-based firmware it is a lot more difficult to modify the firmware. If you want to change the functionality you usually have the choice between rewriting the whole firmware yourself or doing binary patching manually. In this talk we would like to demonstrate an easier method and show a step-by-step approach. You will see how to get access to the firmware of different Xiaomi Cloud products like light bulbs or smart home gateways. Their IoT devices are unable to function fully without a cloud connection. The connection to the cloud is protected by AES and a unique device key. Data generated by the devices gets uploaded to the cloud of the vendor (e.g. log files). In May 2018 a subcontractor of Xiaomi, Yeelight, denied EU-based users and their devices access to its cloud infrastructure due to the GDPR. To become independent from the vendor, the way to go might be to modify or replace the firmware in the device. For that, we are not only using methods that require opening the devices but also methods which leave the devices intact. The Nexmon framework (by the SEEMOO Lab) is used to alter the firmware of the ARM-based IoT devices. The modified firmware is then used to extract secrets which are needed to run the IoT devices with your own cloud software. It is also possible to easily implement completely new functions into the firmware using C code.
we have Dennis here he just gave a tract a talk at a main track and this is a continuation of his talk where he's gonna do a quick review and then he's gonna get into some of the stuff with the Xiaomi firmware and the arm cortex-m I said that in a weird order so sorry for my Yoda alright and with that are you ready awesome here's Dennis so yeah thank you so whoever you have been actually in the Flamingo and Saudi ever talk ok so I'm sorry the first 10 slide might might be a little bit you know like coming might be little a little bit so similar to the main track but yeah I mean I try to get quickly over that so the outline for the
talk would be like the following so I give you a shortened motivation give you introduction to the Xiaomi cloud and then we go to the devices and now the important part comes to step-by-step binary patching some information about
me I'm a researcher to Northeastern University in Boston and I'm working with professor given a beer I'm also a grad student attitude I'm shot in Germany and breaking we're at the SEMA lab the main stuff what I do at the moment is I do reverse engineering of interesting devices interesting devices in terms of the bus which I can use in my home for example or use on me so IOT at the moment is very interesting for me smart locks and as a lock picker of course also physical locks okay let's
start watching for motivation so why do we reverse IOT and this is like more or less depending on like this or code attacker model some people do that to find and exploit vulnerabilities to hack other people but the more interesting stuff for me is I want to make give you the possibility to disconnect your device responders from the vendor's cloud there have been like a very famous incident I think in May this year where the company yiling just disconnect all the european users of the laptops by where does this company disconnected all the European users of the allowed past because I saw it fought like here the gdpr it's too risky for us because we're collecting a lot of data so we just killed like for all the people from Europe out of our cloud which make all the light bulbs in Europe model as useless but like two weeks later very created like a European cloud especially for European users so now it's okay again but the thing is like it shows us that IT devices are strongly relying on the vendor never fingers we want to get more from technology for example adding new features or localization devices like the smart home gateway speak Chinese I don't so it would be better if it would speak English or German or whatever number thing is also geo blocking some of the devices are only working in specific countries so if you try to connect specific IP cameras like in u.s. they born work because they rely on Chinese servers which block us appear dresses so to avoid bad you need to do reverse engineering bare so how does whole thing started in May 2017 I
started with Daniel V gamma and he is sitting in the front line here at the front row here and 50 vacuum cleaning robots and the CEO me meet the end which is much much like this which is also from Xiaomi and we continued to work on the smart home gateway the light bulbs mostly all the stuff that you see in front of me but even more so over the
time a lot of devices we're coming around ok so about to show me cloud gamma
claims actually to have the biggest IOT ecosystem worldwide so way bigger than Google or some song where over 85 million devices and 800 different models the most interesting model what I saw so far is smart toilet seat actually which has Wi-Fi and Bluetooth and can recognize the person who is sitting on it and setting up the temperature and making some lightning stuff if you buy a product which is working with a chamois cloud then it's good the chances are very high but it's actually not produced by showing me but by a third-party vendor so what the clouds ecosystem is doing it connects different vendors in one ecosystem and all the devices are using the same protocol this cloud system also supports different technologies and for us as a reverse engineers the most important thing is the implementation is different for manufacturer to manufacturer so if you see a device which is like super secure and they have all the stuff enabled like secure boot and so on doesn't mean that it has to be the same case for all the other devices which on the same ecosystem how also the software quality is very very different so you see sometimes very stupid things the best finger I saw is like some file which was copied from Stack Overflow or something with some example for a bad script so you see everything there so
this is some overview about the clouds so what we see here is the main taking the free technologies which we use Wi-Fi Bluetooth le and ZigBee and the central component if you have this kind of devices it's your smart phone actually so on your smart phone you usually have the me home app installed and to me home app is making sure that the devices get the initial setup so you enter your credentials and you're in your smart phone when your smart phone is talking to the to the IOT devices and as soon this is gone this is done they create their own connection to the internet so after that they connect it directly to the internet without like the smart phone so you can walk around with your smart phone but the devices have stoical connection so in next step I take a look at the club protocol for the device to
clock communication to connect to the cloud you need two credentials and one credential is the device ID which is unique pair device for the buffer devices it's like an eight digit number for the other devices it depends for zpd bus it's some I think some MAC address for the Boutrous device it's also some number and we are two kinds of keys there's a cloud game this is used for the cloud communication so device to card communication and this key is also static for most of this devices it's burned into the one-time programmable memory so you cannot change it yourself every time you boot up this device it's like get it gets loaded from the one-time program memory and if you do updates if you do provisioning and so on it's always stays the same for the token it's a little bit different this is use for the app to device communication for example if you want to control the vacuum cleaning robot in your local network it's a little bit time-critical so you don't want to wait like one second for the commands to go over the cloud so you can speak also directly with the device and for that we use of also a key which is dynamic that means every time you connected to your new Wi-Fi this key gets regenerated so it's a different key like every time you create for example your Wi-Fi or if you provision that nearly the paid out itself this protocol
can speak TCP and UDP depending on what you block so if you block TCP managers will happily talk over UDP and this is how it looks like the tip the payload is encrypted and the encryption key is modest depending if you're speaking with the app or if you're speaking with the cloud the important thing here is if you have a nun provisioned device which is what you take just fresh off the faucet a packet or you have a done a factory reset then the device tell you the token which is like the second secret key in the checksum field so this is required that your smartphone is able to provision the device as you see here they do some integrity thing this is a so the ad checksum is also protected with the key and all you ever stuff or some craft with its AES one interesting thing here is we have like this epic timer maybe a CH here this this ping here just which is a UNIX timestamp and this is also useful time synchronization because usually if you boot up a device then it doesn't have time so over this thing they can also synchronize the time the protocol itself is Jason formatted
messages and every packet as small as identified with a packet ID and you have two different structural smaller's methods and parameters this could be like commands or results for example if you if the cloud asks you something when you get when you sent a result to the cloud or like your vice versa the thing here is every command and response is confirmed by the receiver so you you always make sure that the command has actually reached have here one example for such a command this is the actual login more less of the device to the cloud so what happens here is it if you see here it tells divide the the clouds which kind of Wi-Fi you have which is the SSID of your Wi-Fi access point what's in local Mecca IP address and so on until voice and also the version number so let's take a look how
these devices do the updates and there are three different methods that we can do from updates this one thing where we can do app updates which is the main software more or less so the cloud tells the device hey here's the firmware update under this URL and the end if I check some but you should expect us like this the second kind of updates are MCU or byfa updates in case of like some devices it's for example the frame here for a zippy part here it's also telling like here's the URL where you get it from wrapped it but they have no integrity check so basically we don't tell the device what kind of anti 5 has to be expected so if you change anything there like for example modify the firmware whites get started to the device they have no way to figure out that something was going wrong and Reyes also subdivides updates for example if you have this smoke detector it gets updated over ZigBee over the Gateway then small as the same thing instead we have an additional checksum which is a CSC 250 to make if you also md5 for md5 s actually never changed and never checked so this is the protection for this kind of firmware is CSC 32 which is who thinks is safe ok so one example for
communication relation here is between a lightbulb and the de cloud so this is just to illustrate again the light bulb itself connects directly to the cloud and have their own sauce order stuff encrypted but you can also connect over your smart form and the keys are different of course in terms of it depends on the communication ok so how we can disconnect these things from
the big bad show MacLeod and for this we developed last year as software pitcher Scott dust cloud which acts more less as a proxy and this is the way how it works
so basically it's it is in the middle of the communication between the device and the cloud and can act as a has different modes for in this case the exact modes
are the following you can use the desk loud as a proxy so what happens here is it takes the commands which are coming from the device to the cloud and forwards them to the cloud or you can just use it as an endpoint so the comments are not forwarded to the cloud the device things but it's legit Charmy cloud so it's a perfect combination of that we can read the traffic in plain text so you know what's going on which data is sent to the cloud you may even send your own commands to the device for example if you want to do like firm updates switch on the light switch off the light and the Finks what you can do also is like you can change and suppress messages which are coming from the cloud or going to the cloud the one interesting question here is for example if you do firmware updates and the cloud wants to push further updates on to your device you can just block it or it can just change to your degree md5 checksum for your firmware to make the desk clock work you need a few things and for the first thing what you need is the device ID then you need the cloud key so to be able to decrypt it traffic or to create a traffic and then you need to do dns with directions so that the whole traffic is like coming actually to your desk love ok let's take a quick
look at your products so I'm sorry for the people who wear and they ever talk it's like the same slide if you if you
use the mainland China server on your smartphone which most of the people do because this server supports most of the devices then your smartphone supports two hundred sixty two different models of devices and this devices could be a biphasic be blue tasali or the same or like even combinations of that and so this 260 our mall is depending on the on your server location if you're coming from taiwan and using this taiwanese server then it's like unless it's like a finger like less than 100 if you're in u.s. it's things like 2025 the thing here is the models are not always compatible so I have a rice cooker which I bought into have one bike two weeks ago and I kind of connect it directly to the Chinese blood so I have to modify a few things because they make sure that you stay in the regions like I said I mean that all the products which are actually sold for the Xiaomi cloud actually from shell me so this is like I mean this is not very official so the fingers I just found it out buyback configuration files so that most of the products are actually better company Lumi which are producing all kinds of different sensors like smoke detector emotions detectives and so on and also the gauge base Xiaomi itself has only 11% and most of the time they are like two by four routers then we have also a link but just making like all the lightning stuff one important information here is in this in this cloud these smartphones are not connected so basically if you have a smartphone for Michelle me it's not connecting to this cloud it's like gonna be a different system so we connecting here only the stuff everything which is like smart home in your like rich and so on not the smart phones okay so now you might ask okay about how many devices I can you give you actually any information and from the student at sixty models I have actually two forty to forty two and my inventory is more less ninety nine devices which I bought myself for you know using or engineering okay let's talk 
about the architectures
which I use usually in this I kind of IOT devices we have two cortex a CPUs which are more or less the same stuff which you have a new smartphone or a Raspberry Pi for example and then you have the cortex MS which are embedded devices and pay it like two flavors the one which have like my five so if you have a device which has only by five and it's very likely but it's a Marvel chip if you have two vices which can do both things like Wi-Fi and Bluetooth le then it's very likely that you have a media tech shop there's also a thing called nibs which are mostly used in IP cameras or in some router and extensive which some of you might know as esp8266 or ESB 32 and the focus of this talk will be more as this if you want to know more about the cortex a CPUs when you need to be to watch the recording of my other talk there's one good news I mean we have a lot of vendors but where's one good news and vendors are always lazy so after looking at a lot of memories what I assume what the development process is looking like we're just taking the SDK or toolchain from the chip vendor in this case for example marble they add some SDK which is coming from Xiaomi and by just looking for an example which fits the best so for example okay we want to switch on the light and or switch off the light so we need to control GPIO so in each the case somewhere it's an example like okay how to switch on a GPIO so we're taking this example change a little bit the source code compile it it runs publish a firmware so the good thing about that is all the firmwares are more as similar the memory layout the functions the strings if you know one of them then it's very likely but you know I bet you getting a better impression about the address as soon as the CDRs so with one point which I
always love to talk about: why I hate the ESP8266. Every time I buy a device, open it and see that it's an ESP controller, I'm always very, very sad, and the reason is the following. This Xtensa architecture is a very weird architecture; it's difficult to reverse-engineer, not because it's secure, but because it's very hard to find a decompiler for it. I don't know if any decompiler actually exists; disassembler support is also very limited. There's a community plugin, I think for IDA, but that's all, and most of the time you can't really use JTAG, because the GPIOs are reused for other stuff, and I think JTAG support is actually not existing on those models. The good news is it's very easy to replace the firmware, and there are two reasons: most of the time you have some connections, in this case you can connect to the serial port, or you have the pins which you need to ground to get it into flash mode and flash the firmware. Those of you who have worked with the ESP8266 probably know that. The other thing, speaking about updates: you can push the update over UART, or you can just create your own OTA update, and the reason here is they don't use SSL, they transmit their unencrypted firmware over HTTP, and they don't check the MD5. So, well, yeah, but the reverse engineering of
that stuff is not making a lot of fun. So this is a desk lamp they have from Yeelight, and you have to solder stuff, and yeah, not very, not so nice. There's one thing: if someone of you
knows how to reverse engineer an ESP8266 firmware and can show me, and it works for me, you can win this very nice smart light bulb. But it's not an ESP, I promise. So if anyone knows, then come to me and you can get this very nice light bulb. OK, let's start with our
devices. So here we're talking about the smart home gateway, the light bulbs and the LED strips. I put them in one group because they have the same processor, the same chip, they have the same layout, so it's quite easy to transfer from one to the other. So
to remind you, these are the devices, for example, which have some Wi-Fi connection directly, and if you take a look at the hardware, the PCB looks like
the following. We have a Marvell CPU, which is a Cortex-M4F at 200 MHz, we have a little bit of RAM, like 512 kilobytes, and depending on the device, the light bulbs for example have 4 megabytes of SPI flash and the gateway has 16. All of them have a Wi-Fi core, and for all of them the device identity key is stored in some kind of permanent memory, so if you dump the flash memory, the SPI flash for example, you don't get the key, because it's in an independent chip. Especially for the gateway it's the case that it has an NXP chip; this is a special, different controller in the device which takes care of all the key stuff. OK, so this is also an overview
of the chip itself. An interesting thing here is that this Marvell CPU has two ARM cores: you see one is the Cortex-M4F, and it also has this communication processor which takes care of all the Wi-Fi stuff and so on. For the gateway the question is, OK,
what kind of ZigBee devices you can connect to it, and from Xiaomi, or from the Xiaomi cloud, there are a lot of devices available, for example door sensors, temperature sensors, power plugs, motion detection sensors, buttons. One of my favorites is also the smoke detector, which is always a thing like, hey, let's put security-related, safety-related devices into the cloud, what can possibly go wrong, or some smart door locks. OK, so yeah, let's get a little bit more technical. So
if you take a look at the partition table of the gateway, for example, you will see that they have the typical thing which nearly all of the IoT providers do: they have multiple copies of the operating system. So basically here the application firmware, the app fw, exists twice, the Wi-Fi firmware also exists twice, and you have a boot sector and some partition which holds all the config variables. The important information here is also that a firmware update is actually the image of one partition. So if you do a firmware update, then it just overwrites a complete partition; it doesn't replace single files, because we have no files available, it just completely replaces the partition. So how you can get
the keys depends a little bit on the device. So for the smart home gateway, which I actually have open here, so you can take a look later, it has a lot of test points and it has SWD enabled by default. If you ever have this kind of device, then here's the layout of
the pins. We have SWD, we have our serial port there, so we can get some information, and the information we can get is: as soon as the device is running, we can connect over SWD and just dump the whole memory and get the key from there. If you connect over serial, then you can get access to a CLI,
and this is a long list of commands, but the most important ones are these: if you connect over serial, you can update the firmware directly without any need to manipulate anything else, so you can just send your own firmware. So while it's very easy to get access to the gateway, it's a little bit more difficult if you have, for example, a
light bulb, and then the question is, hey, can we get access to this thing without a hardware attack? What I mean with that is, for the light bulb which you see here in the picture, at the end of the day, if you want to extract the chip firmware, you have to saw it open, because it's a little bit complex to open it. So this is usually a device which you don't want to use after that, after you get access to it. So what we want to do is, we want to get some access on the device without sawing the device open, and the good news here is, again, the firmwares are not signed. So what we can just do is, hey, just create a modified firmware which gives us the key automatically. OK, the bonus of that would be we don't need hardware access, but there's a big problem, and the problem is, in difference for example to the Mi vacuum cleaner, which runs a complete Ubuntu operating system, these light bulbs have a bare metal OS. So basically you have just one binary which is running and no file system where you can change individual binaries. So what we need to do is, we need to patch the binary. OK, so let's talk about binary
patching. So if you have a binary, what
happens quite often is that we have some original code, we have some function which is running, and at some point you have, for example, branch links which are jumping into some other code. Our goal, if we want to modify this thing, is: we have some patch code, and we somehow manipulate this branch link so that instead of going to the regular code it goes into the patch code, and to not break the functionality, after that we want to go back at the end, so we want to call the original function after that again. So what does it mean? We need to modify the program flow, we need to add additional code to the existing code, but the trick here is also that we need to use existing functions, because all the things which are not present in the firmware we need to bring somehow into the firmware. OK,
so why is binary patching so difficult, especially for ARM? It's the case that as soon as you overwrite branch instructions, the new address is more or less dependent on the program counter, so you cannot work with fixed addresses in the branches. Most of the time, if you want to modify binaries, you need to write new code in assembly, which some people can do, but the thing is, most of the time it's a little bit risky, especially if you have a bulb: you have only one shot to put your firmware on it, and if it crashes, the device is dead. Also, what you need to do is model the address space, so you need to have some idea what the RAM layout looks like if you want to access the RAM and so on, and you need to make sure that you have free space for the patch code, and you need to port existing functions. And now the problem is, because we have a lot of devices, you need to handle different firmware versions and different devices. So luckily for us there's a great tool for that, which is called Nexmon, and this takes care of most of these problems. So what's Nexmon? Nexmon
was initially developed by Daniel Wegemer and Matthias Schulz at the SEEMOO lab at TU Darmstadt. Daniel is also here in the first row, so if you have any questions for him, he is happy to answer and help, I hope. So it's a C-based firmware binary patching framework, and it supports Cortex-A and Cortex-M binaries, so you not only can modify Cortex-M firmware, but you can also modify Cortex-A binaries on your Linux system, for example. The main use case of this framework was to modify the Broadcom Wi-Fi firmware in, for example, smartphones or on a Raspberry Pi. So what you can do with that is modify the firmware in your smartphone's Wi-Fi chip, for example to enable monitor mode so you can see Wi-Fi traffic which is not supposed to be for you, or you can do other stuff. For our use case we want to use it to modify IoT firmware. Nexmon
itself is quite black magic, so it contains a lot of Makefile scripts and a GCC plugin. This is more or less the map of what it does for the Wi-Fi firmware, but for us we don't need so much, so for us the simplified version is absolutely OK. The interesting thing here is, what Nexmon does for us is, it takes our patch and it makes sure that it gets linked to the correct functions which already exist in the code. So basically it takes care of all the linking and so on, so we don't need to do it manually. The requirements for that are the following:
so at some point you need to have the firmware, the binary, of course. Then we need to know the memory layout, so where the functions are, or how the binary is loaded, for example, or how the memory looks like if you want to write patch code. Then we need to have free space on the flash for the patch code. If you don't have enough free space, for example if the flash chip is already full, then you need to make some free space in terms of deleting functions which are maybe not used, or hopefully never used. And if you want to reuse functions, you need to know the function names and the signatures, and you need to know where they are. OK, like I said, this is a step-by-step approach, let's start with step one:
retrieving the firmware. The whole time I was talking about the smart home gateway, but it's more or less the same for the light bulbs and for all the other products which are based on this chip. OK, so how do we get the firmware? There's one
possibility: if you open the device, you can just dump the SPI flash, for example over JTAG/SWD, or desolder the flash and read it with a helper tool. If you want to use JTAG/SWD, you can use a Bus Pirate, that's absolutely sufficient for that, and OpenOCD. The good thing is Marvell gives you all the tools ready to connect to this chip over SWD or JTAG. If you desolder the chip, you can read it out with flashrom. The other possibility is to intercept the traffic of a firmware update, but here the idea is the following: you intercept the firmware update but you block it for the device, because you don't want the device to actually update its firmware. And here Xiaomi gets a little bit sneaky: if DNS is failing, so the first time they try to update they use the DNS address and it fails, then they send the command again, this time with an IP address. So if you were clever enough to redirect the hostnames in your router, then the second time this device will be updated. For some devices, not for this lighting stuff but for other devices, if they use SSL, most of the time you can just use fake certificates, or what I experienced, if you block SSL at some point, they fall back to HTTP and they do the update over HTTP. The goal of this whole thing is to retrieve the special URL for a firmware update, and the reason is the following: if you want to download the
firmware, the file names are not easily guessable, because the file name of the firmware update contains the MD5 checksum of the firmware update, and as you usually don't know it, you can't download it. The other thing is their CDN is using authentication, so basically you get some kind of token to download the firmware, which is, I think, valid for two months or so, but still, you need to have the token to be able to download the firmware. If I just give you the URL with the filename and you try to download it, you get access denied, so you need this URL. Well, let's assume that you have it already, so you intercepted it, for example with Wireshark, or you have the firmware image. The next step is we need to
parse the firmware image. The problem here is that they have a proprietary format, and it's difficult to load it in IDA Pro, for example, and you need to know where the segments are, what the segments are, how big they are, and where the entry point is. So our goal here is to convert the firmware to some kind of ELF file, because the ELF has a description and it tells you where the segments are, for example. So we need to understand how it works, and the idea here is the typical thing you do all the time: you get some kind of SDK from the vendor, for example for Marvell you can download the Amazon SDK, and you just compile a sample firmware, and at some point you have the ELF file, and then you look, OK, what's the output, and then you try to figure out what's going on there. For Marvell it's the case that it
creates at some point the ELF file, and then, through the build scripts, a tool called axf2firmware converts the firmware into the binary format. So we did the background reverse engineering for you,
so this is how the header of the firmware format looks like, and we have a tool which can go from this binary format into the ELF format and from ELF back to binary. There's one fun thing which I never tested, but if someone of you has the smart Barbie doll: it actually has the same chip. For the people who don't know that, it's from Xiaomi and from the Barbie company, yeah, whatever company is doing Barbie. It's actually the doll where your kids can tell Barbie some stories, and then as parents you can listen to the stories on your smartphone. So if your kid is telling Barbie a secret, then you, the parents, will know that. That's scary, but yeah. In case of
MediaTek, the format looks quite similar. Again we have some kind of segments, this time with some kind of checksum, while the Marvell one has no checksum in there. Basically, if you change something in the binary, you can upload the binary and it should be fine. So let's take a look at the workflow for
Marvell. So let's assume we have intercepted the firmware, or we downloaded the firmware ourselves, however we got the firmware. As soon as we run our parser tool, it figures out where the sections are and creates the sections for us as individual files, and two kinds of scripts. The one script is the description of the sections for the ld command, which is later important for Nexmon to rebuild it from there, and the second script that you get out of our tool is the commands for objcopy and also the ld command. So if you run the build commands, then at the end of the day you have an ELF file which is linked correctly. As an example, here is the
command which I ran for the firmware which I downloaded a few days ago, and it's actually quite new firmware. You see the build date, this is the date where they actually built the firmware, and you see it has three sections. When we run this, this is how the firmware header looks like, and as soon as we run this little script you see that at the end of the day we get an ELF file which is also correctly working. In theory you could take this ELF file and run it on Linux, but I think it shouldn't do anything, at least. Yeah. So having the ELF now, what can we do next? Well, we can load it in the
disassembler. So I use IDA because I got a license at some point; I think most of you will use a different disassembler, but you can just load the ELF file into IDA
and you can figure out where the interesting areas are. What I figured out at some point is that you have some spaces in the firmware where at some point the data from the permanent memory is copied into this space. So basically what you see here is that there are three main interesting fields: the MAC is the place where the MAC address is stored later, the DID is the address where the device ID is stored, and the key is below that. There's also the model number; theoretically you could get the model number, but the model number is known, and there's also the region for the server, for example if you have a Taiwanese device then there's a TW there, or if you have a Chinese one the value is empty. Right, so now we need to prepare all the
data for Nexmon.
So I showed you the partition layout in the beginning. What we figured out is that the partition has a size of 614 kilobytes and the size of the original firmware is only 569, so basically we have a lot of space for our patches. So the trick is, as we need space for our patches, we just append some padding bytes with a fixed hex pattern. So we end up with a new section file; I chose section file two because it contains all the code, so we have the original section and we have the patch code. This is
looking like this, so now we have some space to put our patches in. If you do it on
Linux, it's quite easy, you can just use dd to do that. So at the end of the day we have some space for our patches. Now the next step is we need to figure out what the function names are, and for
example, for every function which you want to use later in the source code, in your own patch, you need to figure out if it already exists in the firmware or not, or if you have to introduce it later. So how do we do that? Again we take the SDK, we compile an example project which more or less contains all the stuff we need later, and because it's compiled with debug symbols, what we can do is load the binary into IDA and make a diff between the unknown executable and our example executable. For IDA there's a free plugin which is called BinDiff, which you can download; for me only version 4.2 works, 4.3 is somehow completely broken and doesn't work for me. So how does it look
like? You see here on the left side the "name primary", these are all the unknown functions which are in the binary, and on the right side the "name secondary", these are actually the functions which I use for my example project which I compiled myself. So basically I can align all the unknown functions in my unknown firmware, and then no more than, I think, 70% of the functions are unknown after that. So for example
for this gateway I have chosen a few functions which are interesting for me, for example there's an HTTP GET function, which is doing a GET query to your web server; I found out what the address is for that. There's a bin-to-hex function, and snprintf is also quite useful; the wmprintf is the console output, so if you connect over serial then this function is used to output anything over serial. And for the Xiaomi cloud specifically there's a function called ot utama info, and this is actually the login command to the cloud if the device is connected over UDP. So like I said, this device can communicate to the cloud over TCP and UDP, so if you patch the UDP function and something goes wrong, we still have the TCP function, so we can maybe unbreak the device if you did something wrong. What we use here in this ot utama info function is that at some point there is an snprintf, and this is the address of that, and this is also useful for patches. OK, so after that we have the
binary, we know how the memory layout looks like, because the header of the firmware told us more or less where the segments are loaded, at which memory addresses; we created some free space on the flash for the patch; and we know now the function names and the signatures. So we need to
configure Nexmon. So Nexmon, like I said, consists of a lot of different scripts, and now I give you a step by step of what you need to do if you want to add a new device. The first thing is, there's a
firmware version file; we just need to define a number for the device. It could be any number, just some number which is internally used by the GCC plugin of Nexmon, so just define a new device and maybe a new firmware. In the next step we need to
tell Nexmon, if you add a device, where it can find everything. So for example, where is our
original code? This information we know from the parser tool. And also we need to tell it where the space for the patch code is, and for both things we need to tell it how much space is available; especially the patch size is very important, so you don't want to go over this. I actually don't know what happens if the patch is bigger than this, but usually it should never happen, right? So the next thing is, now we
want to define the existing functions. So like I said, from IDA the interesting function was the HTTP GET. Here you see the function name and the signature, so these are the arguments for the function, and what you do here, and this is the important thing, is you tell the Nexmon framework more or less at which address it can find this function in the firmware. And the same stuff we do for the bin-to-hex function, and we do it for snprintf, and we do it also for wmprintf, which is giving us the console output. So by this we're telling Nexmon exactly where it can find the stuff for this one particular device and for this one particular firmware version. OK, so let's write our patch,
compile and rebuild. So this is one
of my example patches. What I do here is actually an HTTP request to my server. We saw in IDA where the interesting memory areas are, so here are the addresses of the MAC address, device ID and key. I created a buffer, and what I do here is I convert the key into some hex format and run just an HTTP GET on my server, so later on, if I look at my server logs, I can see the key, hopefully, in hex. The important thing here is that we need to tell the Nexmon framework where it has to patch this
thing, so in this case this address is more or less the branch instruction, the branch link. And the thing is, because we don't want to break the functionality of the device, here you see also that we return, actually into the original snprintf again. So basically, every time the snprintf is called in this ot utama info function, we jump into this patch, we extract the key, and then we go back to the original program flow, so the device is still functional. So now we have our patch,
so what if we build the thing? If we compile everything with Nexmon, we get the two sections again, and then we build the firmware again, and we can use the Marvell tool to build the original firmware, which is then patched. OK, so now we need to
apply that, and at this point, I mean, I should have said it before, but obviously your warranty is void after that; every time you open it, it's a problematic thing. So how do we do
that? The first step, and this is the step which we can't avoid, at least for devices like the light bulbs: we need to have a new firmware update, it must be available. So if you're already sitting on the newest firmware, an update is not possible. As soon as we get this OTA update command from the public cloud, then it's a good sign, because that means there actually is a new firmware update, so we can somehow manipulate that. And how this is done: sorry, there's an animation problem. This would be the usual way: we would make an HTTP request to the cloud server and we would get a firmware, but we don't want that, because we don't want to have the newest version on the device. Instead, what we're doing here is we're using some kind of DNS switch, and we're switching this thing to our IoT Village CDN, so our patched firmware is downloaded to the device, and then the device is very happy about that. I tried to prepare a demo, but the thing is, it's nearly impossible to have Wi-Fi here, and I don't want to break the devices, but if you're interested you can take a look at the devices later and we can try something out. One also interesting thing: if you
get the SDK, they have also some very interesting demo applications there, for example a P2P demo where the devices can make some peer-to-peer network over Wi-Fi, there's a Wi-Fi frame injection demo, or a Wi-Fi sniffer demo, so you can use these kinds of demos for your patches if you're interested in doing specific things. OK, so for the summary,
what we can do: we can modify the firmware, we can root the device, and you can do it remotely, and this is thanks to the missing integrity checks. So they don't check the MD5, we don't have any signatures in the firmware. What you can do then is, we can read all the cloud communication in plaintext, because as soon as we have the key we can decrypt it, and we can run it, for example, also with our own cloud. It's one thing where
I tell everyone at the end of my slides, and this is the thing: never leave your devices unprovisioned. I know people who bought a lot of light bulbs and they just put the light bulbs somewhere in their home and just use them as normal light bulbs, which doesn't make sense for a Wi-Fi-connected light bulb. What happens is, these devices are unprovisioned, so everyone who is in proximity of this light bulb can provision it for you and install some malicious software on it. Also be careful with devices which you buy on Amazon or eBay and so on; you have no idea what kind of firmware is installed, and the thing is, you can't actually check that. You have no possibility, like with a laptop, to figure out if the firmware is malicious or not malicious and so on. You can't do anything, but remember that. So
for the conclusion: the best practices for IoT devices, or in general for embedded devices, are not used. So they have no MD5 verification, if they use HTTPS then it's broken, or they don't use HTTPS at all, the certificate verification is also broken, the hardware security features are missing, so some of the chips actually have features like secure boot where you can do some verification of the firmware in hardware, and they're not using that. The good thing for us: we can modify devices. But the bad thing is, everyone else who has some knowledge about that can do that too. Alright, so I want to thank a few people:
Daniel Wegemer, who did the Nexmon framework and helped me with the whole research; also, professionally from the university side, the SEEMOO lab and Professor Matthias Hollick from TU Darmstadt; and Andrew Sellars and his team from the Boston University cyberlaw clinic, and there's a particular reason why he's there, because in the US publishing specific things is a little bit tricky with the laws, so basically they make sure that I'm not getting into trouble, so special thanks to them. And that's all for my presentation, and I'm
happy to answer your questions, or if you need any contact data: I created a Twitter account especially for DEF CON, so you can send me pictures, messages, tweets, whatever, or meet me in Boston, or email me or Telegram. OK, thank you very much. [Applause]
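Added example, not part of the talk and not the speaker's parser tool: a re-implementation of the "firmware image to ELF" step described above (segment table in, per-segment files plus an ld script and objcopy/ld commands out). The header layout encoded here is my own recollection of the Marvell WMSDK image header (magic "MRVL", build time, segment count, entry point, then one type/offset/length/load-address/crc record per segment) and is an assumption; verify it against the firmware_structure.h shipped in the SDK you downloaded before trusting it on a real image. The crc32 comparison is likewise an assumption and is only reported, since the talk says the device does not verify a checksum. The sample image is constructed inline.

```python
"""Marvell-style 'MRVL' firmware image parser with ELF-rebuild helpers.

ASSUMED layout (recollection of the WMSDK firmware_structure.h, not from the talk):
  img_hdr : magic_str 'MRVL', magic_sig, time, seg_cnt, entry   (5 x u32, LE)
  seg_hdr : type, offset, len, laddr, crc                        (5 x u32, LE)
"""
import struct
import time
import zlib
from dataclasses import dataclass
from typing import List

IMG_HDR = struct.Struct("<4sIIII")
SEG_HDR = struct.Struct("<IIIII")
MAGIC = b"MRVL"


@dataclass
class Segment:
    index: int
    type: int
    offset: int      # position of the segment bytes inside the image file
    length: int
    laddr: int       # load address in the Cortex-M address space
    crc: int
    crc_ok: bool     # crc field == zlib.crc32(data); assumption, informational only
    data: bytes


@dataclass
class Image:
    build_time: int  # assumed to be unix seconds (the "build date" the talk shows)
    entry: int
    segments: List[Segment]


def parse_image(blob: bytes) -> Image:
    """Walk the header and segment table and slice out each segment's bytes."""
    if len(blob) < IMG_HDR.size:
        raise ValueError("image shorter than header")
    magic, _sig, build_time, seg_cnt, entry = IMG_HDR.unpack_from(blob, 0)
    if magic != MAGIC:
        raise ValueError(f"bad magic {magic!r}: not a Marvell image")
    segments = []
    for i in range(seg_cnt):
        typ, off, ln, laddr, crc = SEG_HDR.unpack_from(blob, IMG_HDR.size + i * SEG_HDR.size)
        if off + ln > len(blob):
            raise ValueError(f"segment {i} (offset {off:#x}, len {ln:#x}) runs past end of image")
        data = blob[off:off + ln]
        segments.append(Segment(i, typ, off, ln, laddr, crc, zlib.crc32(data) == crc, data))
    return Image(build_time, entry, segments)


def linker_script(img: Image) -> str:
    """GNU ld SECTIONS block that places every segment at its original load address."""
    lines = ["SECTIONS", "{"]
    for s in img.segments:
        lines.append(f"  .seg{s.index} 0x{s.laddr:08x} : {{ KEEP(*(.seg{s.index})) }}")
    lines += ["}", ""]
    return "\n".join(lines)


def rebuild_commands(img: Image, prefix: str = "arm-none-eabi-") -> List[str]:
    """objcopy wraps each raw segN.bin into an ARM object whose section is .segN;
    ld then links them with the script above and sets the entry from the header."""
    cmds, objs = [], []
    for s in img.segments:
        cmds.append(f"{prefix}objcopy -I binary -O elf32-littlearm -B arm "
                    f"--rename-section .data=.seg{s.index},alloc,load,readonly,code "
                    f"seg{s.index}.bin seg{s.index}.o")
        objs.append(f"seg{s.index}.o")
    cmds.append(f"{prefix}ld -T fw.ld -e 0x{img.entry:x} -o fw.elf " + " ".join(objs))
    return cmds


def sample_image() -> bytes:
    """CONSTRUCTED test image with two tiny segments; not a real Xiaomi firmware."""
    segs = [(2, 0x1F000000, bytes(range(16))),   # 'code' at a flash-mapped address
            (2, 0x20000000, b"\x11" * 8)]        # 'data' at an SRAM address
    off = IMG_HDR.size + len(segs) * SEG_HDR.size
    table, body = b"", b""
    for typ, laddr, data in segs:
        table += SEG_HDR.pack(typ, off + len(body), len(data), laddr, zlib.crc32(data))
        body += data
    hdr = IMG_HDR.pack(MAGIC, 0, 1533600000, len(segs), 0x1F000401)  # magic_sig left 0
    return hdr + table + body


if __name__ == "__main__":
    img = parse_image(sample_image())
    print(f"built {time.strftime('%Y-%m-%d', time.gmtime(img.build_time))}, "
          f"entry 0x{img.entry:08x}, {len(img.segments)} segments")
    for s in img.segments:
        print(f"  seg{s.index}: type={s.type} laddr=0x{s.laddr:08x} "
              f"len={s.length:#x} crc_ok={s.crc_ok}")
        open(f"seg{s.index}.bin", "wb").write(s.data)
    open("fw.ld", "w").write(linker_script(img))
    print("\n".join(rebuild_commands(img)))
```

Running the script writes segN.bin and fw.ld and prints the objcopy/ld lines to run next; the resulting fw.elf loads into a disassembler with the segments at their real addresses, which is all the BinDiff and address-lookup steps need. Note the loose checks: an image whose segment table points past the end of the file is rejected, but a wrong crc is only flagged, mirroring what the talk says the device itself does.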
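Added example, not part of the talk and not Nexmon's code: the branch-link hooking step described in the binary-patching part of the talk, done by hand so the PC-relative problem is visible. A Thumb-2 BL stores a signed offset from PC (instruction address + 4), so the same patch function needs a different encoding at every call site; the helper below encodes and decodes that immediate, pads the code section up to the partition size to create room for the patch, and rewrites the BL only after confirming the bytes at the call site really are a BL, returning the original callee so the patch can tail-call it and keep the device working. All addresses and the section contents are constructed for the demo.

```python
"""Thumb-2 BL encode/decode and a BL-hook helper for Cortex-M binary patching.
Addresses and the fake section used in demo() are made up."""
import struct

BL_RANGE = 1 << 24  # BL reaches +/-16 MiB from PC


def encode_bl(src: int, dst: int) -> bytes:
    """Encode a Thumb-2 BL (encoding T1) placed at `src` that calls `dst`.
    Thumb PC is src + 4, so the immediate depends on where the BL sits."""
    off = dst - (src + 4)
    if off & 1 or not -BL_RANGE <= off < BL_RANGE:
        raise ValueError(f"BL from {src:#x} to {dst:#x}: misaligned or out of range")
    off &= (1 << 25) - 1            # 25-bit two's complement
    s = (off >> 24) & 1
    i1 = (off >> 23) & 1
    i2 = (off >> 22) & 1
    imm10 = (off >> 12) & 0x3FF
    imm11 = (off >> 1) & 0x7FF
    j1 = (~i1 & 1) ^ s              # I1 = NOT(J1 XOR S)
    j2 = (~i2 & 1) ^ s
    hw1 = 0xF000 | (s << 10) | imm10
    hw2 = 0xD000 | (j1 << 13) | (j2 << 11) | imm11
    return struct.pack("<HH", hw1, hw2)


def decode_bl(insn: bytes, src: int) -> int:
    """Return the target of the BL located at `src`; raises if it is not a BL."""
    hw1, hw2 = struct.unpack("<HH", insn[:4])
    if (hw1 & 0xF800) != 0xF000 or (hw2 & 0xD000) != 0xD000:
        raise ValueError(f"no Thumb-2 BL at {src:#x}: {insn[:4].hex()}")
    s = (hw1 >> 10) & 1
    imm10 = hw1 & 0x3FF
    j1 = (hw2 >> 13) & 1
    j2 = (hw2 >> 11) & 1
    imm11 = hw2 & 0x7FF
    i1 = (~(j1 ^ s)) & 1
    i2 = (~(j2 ^ s)) & 1
    off = (s << 24) | (i1 << 23) | (i2 << 22) | (imm10 << 12) | (imm11 << 1)
    if s:
        off -= 1 << 25              # sign-extend the 25-bit offset
    return src + 4 + off


def grow_section(section: bytes, partition_size: int, fill: bytes = b"\xff") -> bytes:
    """Pad the code section up to its partition size so the patch has room."""
    if len(section) > partition_size:
        raise ValueError("section already larger than its partition")
    return section + fill * (partition_size - len(section))


def hook_bl(fw: bytearray, base: int, call_site: int, patch_addr: int) -> int:
    """Redirect the BL at `call_site` to `patch_addr`. Refuses to overwrite bytes
    that are not a BL (a wrong address means a bricked one-shot device) and
    returns the original callee so the patch can jump back into it."""
    idx = call_site - base
    if idx < 0 or idx + 4 > len(fw):
        raise ValueError("call site outside the section")
    original = decode_bl(bytes(fw[idx:idx + 4]), call_site)
    fw[idx:idx + 4] = encode_bl(call_site, patch_addr)
    return original


def demo() -> dict:
    """CONSTRUCTED section: 0x100 bytes of Thumb NOPs (bf 00) with one BL at
    0x1F000010 calling a made-up snprintf at 0x1F000080. The partition is 0x200
    bytes, so the patch goes at 0x1F000100 (BL targets are even addresses)."""
    base, part_size = 0x1F000000, 0x200
    section = bytearray(b"\x00\xbf" * 0x80)
    section[0x10:0x14] = encode_bl(base + 0x10, base + 0x80)
    fw = bytearray(grow_section(bytes(section), part_size))
    patch_addr = base + 0x100
    original = hook_bl(fw, base, base + 0x10, patch_addr)
    return {
        "original_callee": original,
        "new_callee": decode_bl(bytes(fw[0x10:0x14]), base + 0x10),
        "hook_bytes": bytes(fw[0x10:0x14]).hex(),
        "section_size": len(fw),
        "free_space": len(fw) - 0x100,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v:#x}" if isinstance(v, int) else f"{k}: {v}")
```

The returned original callee is what the patch code needs to end with (a call or tail jump to the real snprintf), which is the "go back to the original program flow" requirement from the talk; Nexmon does this rewrite for you from the address you give it, and this is the arithmetic it performs under the hood.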