You're reading from Practical Hardware Pentesting A guide to attacking embedded systems and protecting them against the most common hardware attacks

Product type Paperback

Published in Apr 2021

Publisher Packt

ISBN-13 9781789619133

Length 382 pages

Edition 1st Edition

Tools

Embedded Systems

Concepts

Embedded Systems

Author (1):

Jean-Georges Valle

View More author details

Table of Contents (20) Chapters

Preface

1. Section 1: Getting to Know the Hardware

2. Chapter 1: Setting Up Your Pentesting Lab and Ensuring Lab Safety FREE CHAPTER

3. Chapter 2: Understanding Your Target

4. Chapter 3: Identifying the Components of Your Target

5. Chapter 4: Approaching and Planning the Test

6. Section 2: Attacking the Hardware

7. Chapter 5: Our Main Attack Platform

8. Chapter 6: Sniffing and Attacking the Most Common Protocols

9. Chapter 7: Extracting and Manipulating Onboard Storage

10. Chapter 8: Attacking Wi-Fi, Bluetooth, and BLE

11. Chapter 9: Software-Defined Radio Attacks

12. Section 3: Attacking the Software

13. Chapter 10: Accessing the Debug Interfaces

14. Chapter 11: Static Reverse Engineering and Analysis

15. Chapter 12: Dynamic Reverse Engineering

16. Chapter 13: Scoring and Reporting Your Vulnerabilities

17. Chapter 14: Wrapping It Up – Mitigations and Good Practices

18. Assessments

19. Other Books You May Enjoy

Extracting the data

For cases where we don't have the data already (that is, we did not succeed in getting updates), we need to extract the data from its storage place to our computer. Being able to process and modify the data on a computer will allow us to use higher-level programming languages and tools.

Let's have a look at the most common things we have to extract.

On-chip firmware

Most micro-controllers will embed their programs (that is, their firmware), at least partially, on on-chip (or on-module) flash or other forms of storage, such as EEPROM. The worst-case scenario for us is cases where programs are stored in One-Time Programmable (OTP) memory, such as the MCU used in the Furby toy (in a masked ROM) or a lot of very cheap MCUs.

For example, most ARM chips come with on-chip flash. The ESP family of chips has a flash storage chip on the module from where the chip retrieves its program. These can usually store long-term variables (across reboots). It...