Firmaster: Analysis Tool for Home Router Firmware

2018 15th International Joint Conference on Computer Science and Software Engineering (JCSSE) Pub Date : 2018-07-01 DOI:10.1109/JCSSE.2018.8457340

V. Visoottiviseth, Pongnapat Jutadhammakorn, Natthamon Pongchanchai, Pongjarun Kosolyudhthasarn

{"title":"Firmaster: Analysis Tool for Home Router Firmware","authors":"V. Visoottiviseth, Pongnapat Jutadhammakorn, Natthamon Pongchanchai, Pongjarun Kosolyudhthasarn","doi":"10.1109/JCSSE.2018.8457340","DOIUrl":null,"url":null,"abstract":"As the Internet has changed the way people communicate with each other in everyday life, the number of home Wi-Fi access routers has grown up significantly over the past few years. However, the security of routers used in every household is still in the low level. The common vulnerabilities in routers can be easily exploited by an attacker in order to obtain user’s sensitive information or even compromise the devices to be a part of the botnet network. Therefore, we developed one-stop service firmware analysis tool that can perform both static and dynamic analysis for the router firmware called “Firmaster”. textbfThe program is operated under graphical user interface (GUI) of Qt creator running on the Ubuntu Linux machine. textbfVulnerabilities of firmware analyzed by Firmaster program are based on OWASP’s Top 10 IoT Vulnerabilities 2014. Firmaster contains seven main functions: password cracking, SSL scanning, web static analysis, firmware update analysis, web dynamic analysis, port scanning and the summary report.","PeriodicalId":338973,"journal":{"name":"2018 15th International Joint Conference on Computer Science and Software Engineering (JCSSE)","volume":"100 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 15th International Joint Conference on Computer Science and Software Engineering (JCSSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/JCSSE.2018.8457340","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

As the Internet has changed the way people communicate with each other in everyday life, the number of home Wi-Fi access routers has grown up significantly over the past few years. However, the security of routers used in every household is still in the low level. The common vulnerabilities in routers can be easily exploited by an attacker in order to obtain user’s sensitive information or even compromise the devices to be a part of the botnet network. Therefore, we developed one-stop service firmware analysis tool that can perform both static and dynamic analysis for the router firmware called “Firmaster”. textbfThe program is operated under graphical user interface (GUI) of Qt creator running on the Ubuntu Linux machine. textbfVulnerabilities of firmware analyzed by Firmaster program are based on OWASP’s Top 10 IoT Vulnerabilities 2014. Firmaster contains seven main functions: password cracking, SSL scanning, web static analysis, firmware update analysis, web dynamic analysis, port scanning and the summary report.

查看原文本刊更多论文

Firmaster:家用路由器固件分析工具

随着互联网改变了人们在日常生活中相互交流的方式，家庭Wi-Fi接入路由器的数量在过去几年中显著增长。然而，目前家家户户使用的路由器的安全性还处于较低水平。路由器中常见的漏洞很容易被攻击者利用，以获取用户的敏感信息，甚至危及设备成为僵尸网络的一部分。因此，我们开发了一站式服务固件分析工具，可以对路由器固件进行静态和动态分析，称为“Firmaster”。该程序在Qt creator的图形用户界面(GUI)下运行，运行在Ubuntu Linux机器上。textbffirmaster程序分析的固件漏洞基于OWASP 2014年十大物联网漏洞。Firmaster包含七个主要功能:密码破解、SSL扫描、web静态分析、固件更新分析、web动态分析、端口扫描和汇总报告。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 15th International Joint Conference on Computer Science and Software Engineering (JCSSE)

自引率

0.00%

发文量