Building a Tool to Access All Firmware on Device

ExylonFiber · Dec 26, 2020

I am trying to write a tool that queries all devices on the platform that have firmware. However, I can't find any information on how to access the firmware. Take for example, the Elan Touchpad on my device has firmware. However I can't seem to find a way to access it to extract it and analyze the firmware file from the Touchpad. I've scoured Google and YouTube and a number of forums and I have not seen a clear response on how to do something like this. Any help would be greatly appreciated as I have spent a lot of time on this!

ExylonFiber · Dec 27, 2020

Spirit Wolfe said:
Here's a thought on your dilemma.

One of the reasons why you probably can not find any such tool for extracting (basically, I think it might teeter on reverese engineering or decompileing) the firmware of, as from your example, the mouse touchpad, or another example would be the biometric fingerprint reader, is because FIRMWARE is JUST THAT "FIRM" ; meaning "software" that cannot gotten to once installed.

Furthermore, MOST (if not ALL) firmware is most likely written in MACHINE LANGUAGE (.ML). Machine language is nothing more but tightly written "software" that's so compressed that it probably would only make sense to the developers whom introduced the firmware updates (a.k.a. drivers) in the first place.

Nevermind stating the obvious, that reverse engineering copyrighted (proprietary) code is illegal...

Cheers!

Sent from my SM-G965U using Tapatalk

So, it's not possible to extract firmware, like touchpad firmware?

ExylonFiber · Dec 27, 2020

Spirit Wolfe said:
I am not saying it not possible, ExylonFiber, just difficult because of how small PCBs (Printed Circut Boards [like motherboards for computers]) have become over the years.

There's an article that I found on Embeddedbits.org named "Extracting firmware from devices using JTAG", with the link below:

#embeddedbits

embeddedbits.org

According to this article because PCBs, like motherboards on computers, hardrives & printers, etc., are getting smaller & smaller, the JTAG standard (IEEE 1149.1) was introduced in 1985 for exactly your purpose in mind.

Hope this helps...

CHEERS!

Sent from my SM-G965U using Tapatalk

Is it inaccessible to access device firmware using software? JTAG seems a little extreme

Neemobeer · Jan 3, 2021

While I do have a computer engineering degree I've never delved into firmware nor driver development. Both of which require a somewhat specialized set of development skills. While such a tool would be cool in theory I don't see a practical need for such nor do I believe there to be a one-size fits all tool that could be developed. Some devices firmware will likely be directly accessible via Windows and the Windows SDK, but I imagine others are either flat out not accessible and/or may require access via their device drivers or may have security checks to access and even more so to write the firmware.

If there even is a market or user base for such a tool it's likely a niche group at best.

Firmware attacks are extremely rare and all known occurrences are from state-sponsored APT groups.
Since firmware operators outside the bounds of the operating system it could easily spoof or flat out block your attempts to access or validate the firmware.
Since not all firmware is accessible or easily modified creating a backup of known good firmware may be moot.
Messing with firmware will definitely void any warranties and you risk damaging the firmware and bricking devices.

xOwNx · Dec 17, 2021

Neemobeer said:
While I do have a computer engineering degree I've never delved into firmware nor driver development. Both of which require a somewhat specialized set of development skills. While such a tool would be cool in theory I don't see a practical need for such nor do I believe there to be a one-size fits all tool that could be developed. Some devices firmware will likely be directly accessible via Windows and the Windows SDK, but I imagine others are either flat out not accessible and/or may require access via their device drivers or may have security checks to access and even more so to write the firmware.

If there even is a market or user base for such a tool it's likely a niche group at best.

Firmware attacks are extremely rare and all known occurrences are from state-sponsored APT groups.

Since firmware operators outside the bounds of the operating system it could easily spoof or flat out block your attempts to access or validate the firmware.

Since not all firmware is accessible or easily modified creating a backup of known good firmware may be moot.

Messing with firmware will definitely void any warranties and you risk damaging the firmware and bricking devices.

While mostly right, AIO tool for extracting any firmware as of now highly impossible especially if all you want to do is run a few commands click a few buttons. That being said you can extract the firmware from any device by hacking the hardware itself, with so many devices and variant of different hardware in said devices there's simply can't be a One tool does it all but here's and example on how to manually extract firmware from devices

Opening it and connecting to the flash chip
Here's the link for the full steps

Redirect Notice

Building a Tool to Access All Firmware on Device

ExylonFiber

Well-Known Member

ExylonFiber

Well-Known Member

ExylonFiber

Well-Known Member

#embeddedbits

Neemobeer

Cloud Security Engineer

xOwNx

New Member

Attachments

Similar threads