Meet Piotr, a firmware emulation tool for trainers and researchers
2021-07-07, 16:50–17:10 (Europe/Paris), Zoom room

Piotr is a tool designed to create, run and share virtual IoT devices that can be used to teach IoT security or research vulnerabilities in firmwares.

Piotr runs emulated devices inside an emulated host that provides all the tools you may need and creates a fake environment for them. This approach allows remote debugging with gdbserver or fridaserver, provides a steady platform for vulnerability research, exploitation and training.

Moreover, Piotr is able to package any emulated device into a single file that may be shared and imported by other users, thus sharing its kernel, DTB file or even its host filesystem. This way, it is possible to create new emulated devices based upon existing ones, and to improve all of them by simply changing a single file (kernel, host filesystem, etc.).

Damien Cauquil is a security consultant at Quarkslab, specialized in embedded security and hardware/software reverse-engineering. He spoke at various cybersecurity conferences including DEFCON, BruCON, CCC and LeHack. He is also the author of some opensource tools such as Btlejack or Btlejuice.