Recon 2022

Ian Dupont

Ian is a security researcher at Margin Research focused on exploit development and reverse engineering of embedded systems. A Construction Manager in a previous life, Ian now finds catharsis in deconstructing firmware and programs.

Sessions

06-04
16:00
60min
Pulling MikroTik into the Limelight: Demystifying and Jailbreaking RouterOS
Ian Dupont, Harrison Green

In the wide expanse of router manufacturers and models, there is one reverse engineering target that stands out from the rest: MikroTik. Unlike many routers, which run a patchwork of services that vary widely across models and firmware versions, MikroTik maintains a uniform, standardized operating system, RouterOS, which runs across all router models. Customized internal frameworks and proprietary communication protocols offer a challenging, but interesting, reverse engineering landscape. However, the reliance on complex, proprietary infrastructure and the lack of easy access to the core system impose a high barrier to entry for new reverse engineers. As a result, MikroTik security research has largely remained in obscurity. Until now…

In this talk, we will take an exciting adventure into the depths of MikroTik firmware, revealing new insights into RouterOS’s unique IPC protocol, proprietary message format, and custom cryptographic protocols. We will also release a new RouterOS remote jailbreak, the first in three years, which should help accelerate new and ongoing research efforts. Our goal by the end of the talk is to bring an interested reverse engineer from zero knowledge to a working understanding of RouterOS internals and put MikroTik security research back into the limelight.

Grand Salon