Embedded/IoT Linux for Red-Blue Teams

English | MP4 | AVC 1920×1080 | AAC 44KHz 2ch | 28 Lessons (6h 57m) | 9.33 GB

This course is a deep dive into Embedded/IoT firmware. We start from the very basics: understanding the multistage boot process, the kernel and the root filesystem, how to build them with a custom toolchain, and how they can be compromised with user-mode and kernel-mode backdoors/rootkits. We will be using the latest 4.15.x kernel for this course on an ARM architecture board.

A non-exhaustive list of topics to be covered includes:

  • Embedded/IoT device architecture basics
  • Understanding the Boot Process
  • Multi-stage Bootloaders
  • Creating a custom toolchain with crosstool-NG
  • U-boot build and deep dive
  • Booting a device manually with u-boot
  • Kernel and Device Tree basics
  • Custom Kernel and DTB builds
  • Building the runtime C library (uClibc)
  • Building the root filesystem and BusyBox
  • Debugging the system over UART
  • Understanding Kernel mode rootkits
  • Embedded/IoT system constraints
  • Kernel mode rootkits on IoT/Embedded devices
  • Syscall monitoring and hijacking
  • Process manipulation
  • Network stack hooking with Netfilter
  • Kernel mode Network backdoor with C&C
  • and many others

Table of Contents

1 Course Introduction
2 Embedded Linux Booting Process (Multi-Stage Bootloaders, Kernel, Filesystem)
3 Booting the BeagleBone Black with Custom Linux
4 Deep Dive Exploring U-Boot
5 U-Boot Linux Manual Boot
6 U-Boot Network Booting
7 U-Boot Bootkit Filesystem Tampering
8 IoT Firmware Internals The Toolchain
9 IoT Firmware Internals The Bootloader U-Boot
10 IoT Firmware Internals Kernel and Device Tree
11 IoT Firmware Internals Root Filesystem with Buildroot
12 IoT Firmware Internals Booting the Devicets
13 IoT Backdoors Remote Shell
14 Understanding IoT Rootkits Hello World
15 Understanding IoT Rootkits Hiding Itself
16 Understanding IoT Rootkits Modify Process Name
17 Understanding IoT Rootkits System Call Monitoring
18 Understanding IoT Rootkits Subverting Kill Command
19 Understanding IoT Rootkits Network Stack Monitoring
20 Understanding IoT Rootkits Network Stack Backdoor
21 IoT/Embedded Device UART Access
22 IoT/Embedded Device Navigating the GPL Code
23 GPL Firmware Compile Custom Userspace Applications
24 GPL Firmware Kernel Compilation
25 GPL Firmware Porting Custom Kernel Modules
26 GPL Firmware Porting iamhiding.ko
27 GPL Firmware Porting Netfilter Monitor
28 GPL Firmware Porting Network Backdoor Demo