IoT_toolbox

Here i'll publish some rudimentary tools i made for vulnerability research and reverse engineering tasks for IoT routers.

⚠️ ⚠️ ⚠️ PLEASE NOTE. None of the tools released are targeting router models that I have worked on during my previous jobs. ⚠️ ⚠️ ⚠️

---

Dir

pocs :

• ASUS

automatize_tools :

• audit/py_permission_checker : Script parsing ls -lR output and returning interesting security info, for example the list of files owned by root with write or read permissions to others
• vuln_scanners : script automazing bulk-mode binary vulnerability scanners, for example binabsinspector

cross_compilation :

• Cross compilation notes
• ltrace_guide : Compile ltrace statically for arm-v7

dump_memory :

• procdump.min : Minimal process dump memory C code without using 'process_vm_readv' syscall and so ideal for old kernels

grep:

• distrib_grep.sh : do poor string distribution

gdb :

• load_library_inject.gdb : example on how to load a library inside the debeguee process memory address

helpers :

• various notes and helpers

hooks :

• hook templates

ida :

• make_data_from_to.py : Define an array of some type
• search_opcode_and_syscall : Reconstruct the association of names to syscall numbers n32 ABI, usefull for static binary compiled with different ABI syscall

ida IDC scripts :

• IDC plugins to support OSED exam preparation, some of the scripts are simplified port of devttyS0 IDAPython plugins

qemu_gdb_scripts :

• Various scripts related to qemu user-mode emulation and gdb-multiarch debugging

rude_diffing_tools :

• Rudimentary scripts to do stuff related to filesystem diff and binary diff
• Create filesystem graph and return a list of non-shared object ELF calling an external function which in turn calls a function that you're interested