Recon 2024

Bare Metal Firmware Dev: Forwards and Backwards
06-29, 13:00–14:00 (US/Eastern), Soprano A

Developing firmware is an essential skill that cyber security professionals should be familiar with to gain a deeper understanding of the foundation of most systems that are being relied on. Additionally, a fundamental understanding of firmware development is a valuable asset in the realm of firmware reverse engineering. This presentation aims to tackle both directions of firmware (development/reversing) to give the audience a better understanding of the intricacies with each process. The firmware development portion of the presentation will walk the audience through the basic steps to deploy a firmware application on an embedded microcontroller (STM32). The application will be developed in such a way that it is intended to be reversed. The second half of the presentation deals with the firmware binary and the steps necessary to fully recover the firmware as much as possible. An important note is that these tools and firmware will be open-source and therefore the audience can attempt this work on their own. Takeaways from this talk include an understanding of bare metal development environments, embedded C code, memory mapping and peripherals, as well as an intermediate understanding of Ghidra.


The workshop will review the following code: https://github.com/So11Deo6loria/basicFirmwareExample

The talk will also include a tool we released to enabled manufacturer based HAL driver type loading directly into Ghidra via the API: https://github.com/So11Deo6loria/typeLoader

See also: GitHub

Caleb Davis is a founding member of the Cybersecurity organization, SolaSec. Caleb operates out of the Dallas/Fort Worth area and has a degree in Electrical Engineering from the University of Texas at Tyler. He is an inventor/patent holder and has a background in embedded hardware/software development. He leads a team of experts that regularly perform penetration testing across a wide variety of products including medical devices, ATMs, chemical control systems, security solutions, and other commercial products. Additionally, Caleb has a passion for integrating security into the product development life cycle and has helped several organizations in their approach to shifting left.

Kyle Shockley is one of the founding members of SolaSec. He received a B.S. in Finance and International Business, as well as an M.S. in Information Systems from Indiana University. Kyle has delivered high-value information technology solutions for over 12 years to clients in multiple industries. With experience in a variety of projects, Kyle has developed vulnerability management programs, executed advanced adversarial attack simulations, and built IT strategic roadmaps for clients around the world.