2023-07-04, 16:15–16:35 (Europe/Paris), Amphitheater
Nowadays structured firmwares can be a complete OS with thousands of files. It usually requires several hours to find the links between some components, and it is easy to get lost in this mass of information.
This talk will introduce how we have combined and extended already existing open-source solutions to solve this issue and help reversers in their daily tasks. The resulting tool, Pyrrha, allows users to visualize the different binaries and libraries of the firmware and their interactions in the form of several dependency graphs.
Pyrrha is an extension of Sourcetrail [1] an open-source code source explorer (for c/cpp, Python, and Java). This extension uses LIEF [2] to analyze imports and exports of each library and binary of the firmware and create links between them. The result is exported as a sourcetrail database. Thanks to Sourcetrail UI, the user will be able to navigate and search in the resulting firmware mapping.
[1] https://github.com/CoatiSoftware/Sourcetrail
[2] https://lief-project.github.io/
Eloïse Brocas is a security researcher and reverse engineer at Quarkslab.