Automated Firmware Metadata Extraction of IoT Devices

AuthorLeimbach, Rupert; Waidner, Michael; Roskosch, Philipp
TypeBachelor Thesis
AbstractIoT devices are practically ubiquitous in current times. Although they serve their intended purpose adequately, they also represent a serious vulnerability problem. Millions of devices with the bare minimum of security features are shipped to and installed in in a variety of locations. These devices are then connected to the network on site, without any afterthought. This is in most cases the first place an attacker would look for weaknesses. In the past years many analysts have seen this growing problem and started creating security analysis tools to confront it, but every analysis method suffers from a common problem. Aside from acquiring the firmware of such devices, the time it takes to prepare the analysis environment is in some cases almost as long as running the vulnerability tool itself. For this reason, I propose a tool that automates the process of acquiring information on the firmware itself. This is tool able to extract metadata from unknown binary files, with a focus on those that are common requirements for vulnerability analysis tools. I evaluate this tool with over 700 real-world firmware images from IoT devices and present statistics relating to the extracted metadata, including common kernel versions and their respective known vulnerabilities.
Darmstadt, TU, Bachelor Thesis, 2020