netsec-djw2/hw4/hw4.md
David Westgate d7c965d087 start hw4
2024-05-27 10:51:56 -07:00

Homework 3: Find the firmware

We start by copying the firmware capture file from ada to our machine.

[Image: scp-firmware]

Reverse Engineering

First, let's open this capture in Wireshark for a high-level overview.

Wireshark overview

[Image: wireshark-0]

Knowing that we are ultimately looking to reconstruct a firmware download, we can discern some important information from Wireshark:

  • There are 241,531 packets in this capture, but only some of them are traffic directly related to this download
  • The client of the download is 192.168.86.167 and the origin server is 192.168.86.228
  • The download is split over multiple HTTP requests by the shown convention, and each of those is in turn split over multiple TCP segments
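The narrowing step described in the list above, as an added example that is not part of the original writeup: it keeps only server-to-client TCP payload between the two hosts and puts each connection's bytes back in sequence order. It assumes a classic pcap file with Ethernet framing (a pcapng capture would need converting first) and no sequence-number wraparound or overlapping retransmits; the helper names and the sample capture are constructed for illustration, and stitching the HTTP responses together by the convention in the screenshot is left out because the page does not spell it out.

```python
import socket
import struct

CLIENT, SERVER = "192.168.86.167", "192.168.86.228"  # hosts named on the page

def tcp_segments(pcap):
    """Yield (src, dst, sport, dport, seq, payload) per IPv4/TCP frame in a classic pcap."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file (pcapng needs converting first)")
    off = 24  # skip the global header
    while off + 16 <= len(pcap):
        incl = struct.unpack_from(end + "I", pcap, off + 8)[0]
        frame, off = pcap[off + 16: off + 16 + incl], off + 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # too short, not IPv4, or not TCP
        tcp = 14 + (frame[14] & 0x0F) * 4  # IP header length varies with options
        if len(frame) < tcp + 20:
            continue  # truncated TCP header
        ip_end = 14 + struct.unpack_from("!H", frame, 16)[0]  # excludes Ethernet padding
        sport, dport, seq = struct.unpack_from("!HHI", frame, tcp)
        data = frame[tcp + (frame[tcp + 12] >> 4) * 4: ip_end]
        yield socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]), sport, dport, seq, data

def server_streams(pcap):
    """Server-to-client bytes per TCP connection, ordered by sequence number."""
    segs = {}
    for src, dst, sport, dport, seq, data in tcp_segments(pcap):
        if (src, dst) == (SERVER, CLIENT) and data:
            segs.setdefault((sport, dport), {}).setdefault(seq, data)  # drop retransmits
    return {c: b"".join(d[s] for s in sorted(d)) for c, d in segs.items()}

def _frame(src, dst, sport, dport, seq, data):
    """Constructed Ethernet/IPv4/TCP frame for the sample (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 0x50, 0x18, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + data

def sample_pcap():
    """Constructed capture: out-of-order data, one retransmit, one unrelated host."""
    frames = [_frame(CLIENT, SERVER, 50000, 80, 1, b"GET /x HTTP/1.1\r\n\r\n"),
              _frame(SERVER, CLIENT, 80, 50000, 1008, b"-BLOB"),
              _frame(SERVER, CLIENT, 80, 50000, 1000, b"FIRMWARE"),
              _frame(SERVER, CLIENT, 80, 50000, 1008, b"-BLOB"),
              _frame("192.168.86.1", CLIENT, 80, 50001, 5, b"noise")]
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
```
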

Questions

  1. What architecture is the firmware intended to run on?
  2. What OS is the firmware running?
  3. What users are present on the system?