Versions Compared

Old Version 148

changes.mady.by.user Laura Mandolini

Saved on

compared with

New Version 149

changes.mady.by.user Francesco Mariani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Firmware Reviewer provides in-depth firmware analysis (binaries, file systems, containers, virtual machines, IoT, UEFI, Appliances, Network Devices, Smart Meters, Surveillance devices, Drones, etc.), allowing to explore vulnerabilities at the same time to keeping the software securely in your own hands, at your premises. It can be used for a bunch of binary file formats, withNo need of related physical device.

...

The OWASP Firmware Security Testing Methodology is composed of nine stages tailored to enable security researchers, software developers, consultants, hobbyists, and Information Security professionals with conducting firmware security assessments. Firmware analysis is a tough challenge with a lot of tasks. Many of these tasks can be automated (either with new approaches or incorporation of existing tools) so that a security analyst can focus on its main task: Analyzing the firmware (and finding vulnerabilities). Firmware Reviewer implements this automation leading to more complete analysis as well as a massive speedup in vulnerability hunting and is able to assist you during all the nine stages:

Stage

Description

1. Information gathering and reconnaissance

Acquire all relative technical and documentation details pertaining to the target device's firmware

2. Obtaining firmware

Attain firmware using one or more of the proposed methods listed

3. Analyzing firmware

Examine the target firmware's characteristics

4. Extracting the filesystem

Carve filesystem contents from the target firmware

5. Analyzing filesystem contents

Statically analyze extracted filesystem configuration files and binaries for vulnerabilities

6. Emulating firmware

Emulate firmware files and components

7. Dynamic analysis

Perform dynamic security testing against firmware and application interfaces

8. Runtime analysis

Analyze compiled binaries during device runtime

9. Binary Exploitation

Exploit identified vulnerabilities discovered in previous stages to attain root and/or code execution


Firmware Detections

Section

Description

Device Firmware Vulnerabilities

Image Modified

·         Out-of-date core components

·         Unsupported core components

·         Expired and/or self-signed certificates

·         Same certificate used on multiple devices

·         Admin web interface concerns

·         Hardcoded or easy to guess credentials

·         Sensitive information disclosure

·         Sensitive URL disclosure

·         Encryption key and Password hashes exposure

·         Backdoor accounts

·         Vulnerable services (web, ssh, tftp, etc.)

·         Unauthenticated access

·         Weak authentication

·         Hidden back-doors

·         Unauthenticated CGI

·         Encryption keys stored in firmware

·         Buffer overflows vulnerabilities

·         Debug services in production systems

Manufacturer Recommendations

IoT Top 10 2018Image Modified

·         Ensure that supported and up-to-date software is used by developers

·         Ensure that robust update mechanisms are in place for devices

·         Ensure that certificates are not duplicated across devices and product lines.

·         Ensure supported and up-to-date software is used by developers

·         Develop a mechanism to ensure a new certificate is installed when old ones expire

·         Disable deprecated SSL versions

·         Ensure developers do not code in easy to guess or common admin passwords

·         Ensure services such as SSH have a secure password created

·         Develop a mechanism that requires the user to create a secure admin password during initial device setup

·         Ensure developers do not hard code passwords or hashes

·         Have source code reviewed by a third party before releasing device to production

·         Ensure industry standard encryption or strong hashing is used

Device Firmware Guidance and Instruction

Image Modified

·         Firmware extraction and file analysis

·         Dynamic binary analysis

·         Static binary and code analysis

·         Firmware emulation

·         File system analysis

·         Software Composition Analysis (Third-party libraries)

Firmware Reviewer provides a set of plugins (test cases) which are used to perform the assessment and can be extended easily with new ones.

...

Comparison between Versions

The File Compare check is a mechanism to compare a file from a previous run with the file from the current run. It provides more insights into file changes, since it allows comparing two versions of a file rather than comparing only a digest. Last, the Tree Check will produce an informational output listing new files, deleted files, and modified files. Firmware Reviewer can compare several images or single files. Furthermore, Unpacking, analysis and compares are based on plug-ins guaranteeing maximal flexibility and expandability.

...

In many cases you might want to compare Firmware samples. For instance, you might want to know if and where a manufacturer fixed an issue in a new firmware version. Or you might want to know if the firmware on your device the original firmware is of provided by the manufacturer. If they differ, you want to know which parts are changed for further investigation. Again, Firmware Reviewer is able to automate many of these challenges, like: Identify changed / equal files and Identify changed software versions.

...

DISCLAIMER: Firmware Reviewer never operates on physical devices.

COPYRIGHT (C) 2014-2021 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.