Homegrown Analysis Tools for 16-bit Microcontroller Firmware
16-bit architectures are a playground for analysis tool developers. This talk will cover the author's development of a reverse-engineering tool for the MSP430. Both the tool and this talk feature function isolation, recovery of stripped symbol information, call-graph generation, simulation, and scripting. Rather than focusing on the usage of the tool, the intent of this talk is to demonstrate how members of the audience might write their own.
Source code will be available online, and a personal walkthrough of the code will be performed during the Q&A session for those who are interested.
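To make the three listed capabilities concrete (function isolation, recovery of stripped symbol information, and call-graph generation), here is a small added example in the spirit of the talk. It is not the author's tool and is not code from the talk; it is a heuristic MSP430 pass written for this page. It assumes a raw code image loaded at a known base address, splits it into functions at each `ret` (encoded as `mov @SP+, PC`, 0x4130), collects `call #imm` (0x12B0) and `call &addr` (0x1292) targets, assigns `sub_XXXX` names where no symbol is known, and emits a Graphviz call graph. The sample image is constructed by hand and is not real firmware.

```python
import struct
from collections import OrderedDict

# MSP430 opcode words, taken from the single-operand (format II) and
# double-operand (format I) encodings of the MSP430 instruction set.
CALL_IMM = 0x12B0  # call #imm  : 0x1280 | As=11<<4 | reg=PC(0), followed by one target word
CALL_ABS = 0x1292  # call &addr : 0x1280 | As=01<<4 | reg=SR(2), followed by one address word
RET      = 0x4130  # ret        : mov @SP+, PC


def isolate_functions(image, base):
    """Split a code blob into functions, using `ret` as the terminator.

    Returns an ordered dict {start_addr: (end_addr_exclusive, [call targets])}.
    Heuristic: a function runs from the word after the previous `ret` up to
    and including the next one. Only the extension word of a call is consumed;
    a real tool decodes every instruction's length so that an immediate that
    happens to equal 0x4130 is not mistaken for `ret`.
    """
    words = struct.unpack("<%dH" % (len(image) // 2), image)
    funcs = OrderedDict()
    start, calls = base, []
    i = 0
    while i < len(words):
        addr = base + 2 * i
        w = words[i]
        if w in (CALL_IMM, CALL_ABS) and i + 1 < len(words):
            calls.append(words[i + 1])  # target lives in the extension word
            i += 2
            continue
        if w == RET:
            funcs[start] = (addr + 2, calls)
            start, calls = addr + 2, []
        i += 1
    if start < base + len(image):  # trailing code without a ret: record it anyway
        funcs[start] = (base + len(image), calls)
    return funcs


def call_graph(funcs):
    """Map each function start address to the set of addresses it calls."""
    return {s: set(c) for s, (_e, c) in funcs.items()}


def recover_names(funcs, known=None):
    """Assign sub_XXXX names, overridden by any symbols recovered elsewhere
    (e.g. the reset vector target, or signatures of known library code)."""
    known = known or {}
    return {s: known.get(s, "sub_%04X" % s) for s in funcs}


def to_dot(graph, names):
    """Render the call graph in Graphviz DOT syntax."""
    lines = ["digraph callgraph {"]
    for caller, callees in graph.items():
        for callee in sorted(callees):
            lines.append('  "%s" -> "%s";'
                         % (names[caller], names.get(callee, "sub_%04X" % callee)))
    lines.append("}")
    return "\n".join(lines)


# Constructed sample image (not real firmware), loaded at 0x4400:
SAMPLE = bytes.fromhex(
    "B0120A44" "B0121044" "3041"   # 0x4400: call #0x440A ; call #0x4410 ; ret
    "B0121044" "3041"              # 0x440A: call #0x4410 ; ret
    "3540" "3412" "3041"           # 0x4410: mov #0x1234, r5 ; ret
)

if __name__ == "__main__":
    funcs = isolate_functions(SAMPLE, 0x4400)
    names = recover_names(funcs, known={0x4400: "main"})  # assumed symbol
    print(to_dot(call_graph(funcs), names))
```

Running it prints a DOT graph with `main` calling `sub_440A` and `sub_4410`, and `sub_440A` calling `sub_4410`. The ret-delimited split is deliberately simple: the same scan over a full length-decoding disassembler is the natural next step, and the `known` table is where recovered symbols from the reset vector or library fingerprints would be fed in.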
Travis Goodspeed
Travis Goodspeed works at the Extreme Measurement Communications Center of the DOE's Oak Ridge National Laboratory. He has spoken at ToorCon 9 and the Texas Instruments Developer's Conference regarding stack overflow exploits for the MSP430-based Wireless Sensor Networks. Having demonstrated that such attacks are possible, his present research is aimed at porting defense techniques, such as ASLR and code-auditing, to this platform.