Scribd
Upload
4 views

IoT_problem (1)

SAMPADA 2025 is a competition focused on IoT device security, where participants analyze malicious firmware from a binary file, generating reports on static and binary analysis. The task involves extracting firmware, identifying vulnerabilities, and automating the analysis process using Python scripts. The ultimate goal is to expose and neutralize threats posed by malicious firmware in IoT devices.

Uploaded by

Asad Shad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
4 views

IoT_problem (1)

SAMPADA 2025 is a competition focused on IoT device security, where participants analyze malicious firmware from a binary file, generating reports on static and binary analysis. The task involves extracting firmware, identifying vulnerabilities, and automating the analysis process using Python scripts. The ultimate goal is to expose and neutralize threats posed by malicious firmware in IoT devices.

Uploaded by

Asad Shad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

SAMPADA 2025 (DIASVPCoE)

Kurukshetra – IoT Device Security

In the legendary battlefield of Kurukshetra, where destiny was once decided with
swords and chariots, a new kind of war raged, but this time in the realm of
cyberspace. The opponents were no longer merely humans, but complex lines of
code, firmware, and malicious intent embedded in the very devices that connected
the modern world.

As the armies of Pandavas and Kauravas prepared for battle, Sanjay, blessed with
the divine power of Divya Drishti— he peered into the future of technology, where
the battleground was the complex firmware of an IoT camera, maliciously crafted by
the Kauravas to disrupt and control. The Pandavas, wise and vigilant, have intercepted
this firmware and are preparing their counterattack.

Overview:

Participants will create a solution that extracts firmware from provided binary files
and generates a report along with the script to automate the task. This task aims to
enhance participants' skills in firmware analysis, reverse engineering, and report
generation while utilizing various tools and techniques for automating the task by
Python script for structural analysis, static analysis and binary analysis.
https://tinyurl.com/Sampada2025 (Link containing Firmware and Sample Report)

Received By Participant

 Firmware File (Chakravyuh.bin)


 Task Guidelines (IoT_Report.pdf)

Expected Output from Participant

 Link for Git Lab (which includes)


o Task Report for the Solution (Filename: Registration_Number.pdf)
o Script for Static Firmware Analysis (Registration_Number_Script_1.py)
o File Structure and Security Report generated by Script
(Registration_Number _Report_1.txt)
o Script for Binary Analysis (Registration_Number_Script_2.py)
o Binary Findings Report generated by Script (Registration_Number
_Report_2.txt

The Opening Move: Static Analysis Begins

In the camp of the Pandavas, the malicious firmware, embedded in a surveillance


camera, was crafted to invade IoT systems and disrupt communication networks.

Sampada 2025: Kurukshetra – IoT Device Security 2


Participants will build a solution that:
1. Extracts the firmware from a given binary file using a script.
2. Generates a report of findings using script based on the extracted files and
data

Report to be Generated with following details


A. File Structure
 Description:
o A markdown file that provides a tree structure of the recursively
extracted firmware up to a depth of 8.
o Each file should be annotated with relevant file information.
o Use appropriate indentation to show the hierarchy.
o Include file names and their types (e.g., binary, text, image).
 Output Format:
```
# Directory Tree Structure

--- directory_name
--- file_name [file_type]
--- file_name [file_type]
...
```
B. Firmware Details
 Description:
o A detailed analysis report containing various metrics and information
extracted from the firmware files.
o Use appropriate tools to extract and compute the above information.
o Ensure all relevant data points are included in the analysis.
 Output Format:
```
File Size: <size>
MD5 Hash: <hash>
File Format: <format>
Detected URLs: <list of URLs>
Sampada 2025: Kurukshetra – IoT Device Security 3
Detected IP Addresses: <list of IP addresses>
Packing: <packing info>
Architecture: <architecture info>
Entropy: <entropy value>
Entropy Analysis: <entropy analysis>
Metadata:
- Version: <version>
- Build_date: <build_date>
- Developer: <developer>
UI Resources: <list of UI resources>
Cryptographic Algorithms: <list of algorithms>
Cryptographic Analysis: <analysis details>
Top 10 Potential Passwords: <list of passwords>
```
C. Security Details
 Description:
o A report focusing on security-related information extracted from the
firmware, highlighting potential vulnerabilities and important files.
o Search and list relevant files and data according to the specified criteria.
o Make use of text parsing tools and commands to automate the
extraction of required information.
 Output Format:
```
etc/shadow and etc/passwd files: <content>
List of etc/ssl directory files: <list>
SSL related files (.pem, .crt, etc.): <list>
Configuration files: <list>
Script files: <list>
Other .bin files: <list>
Keywords found: <list of keywords>
Common web servers used on IoT devices: <list>
Common binaries found: <list>
URLs, email addresses, and IP addresses found: <list>
```

Pandava’s static analysis had successfully mapped out the architecture of the
Kauravas’ malicious firmware, exposing every flaw without executing the code. But
this was only the beginning.

Sampada 2025: Kurukshetra – IoT Device Security 4


The Second Wave: Binary Analysis

With Pandava’s findings laying the groundwork, they were ready with brute strength
and prepared for the next phase. Now battlefield was the realm of binary analysis,
where they would analyze the extracted firmware and expose its true behavior.

 Description:
o Analyze the provided firmware binary to identify vulnerabilities,
dependencies, libraries, and any backdoors.
o List vulnerabilities discovered in the binary
o Possible attack vectors based on the vulnerabilities
o List of third-party libraries identified in the binary.
o Version information and CVE database cross-reference for known
vulnerabilities.
o Assessment of outdated libraries or risky dependencies.
 Output Format:

A. Identify the startup script of the firmware


```
Startup script of fimrware: /usr/data/cpan &
Directory_name: /usr/data
file_name: cpan
file_type: ELF 32-bit LSB executable, ARM
MD5 hash:
File size:
Architecture:
```
B. Identify if there is any malicious code in the firmware files
```
Detected strings in file:
/bin/sh
aeabi
bs.o
port_number
ip_address
Sampada 2025: Kurukshetra – IoT Device Security 5
sh_string
```
C. Search for the vulnerability in executables files in the file structure
Using open source tools and script challenge is to find vulnerability details from the
binary file

```
Port_number: <port number> [hex value]
ip_address: <IP address> [hex value]
Vulnerability /Payload type: [name of the vulnerability]
Identify encoding/encryption: [encoding/encryption method]
```
With the firmware thoroughly analyzed in both static and dynamic environments,
Pandavas turned to Krishna. "We have neutralized their primary attack vector," he
said. "But their intentions are clear—they meant to create chaos in our networks,
using this camera firmware."

The Final Blow: Victory Through Insight


The battle had been won. The malicious firmware, meant to spy and disrupt, had been
dismantled—its weaknesses exposed and neutralized. And once again, as in the
ancient days of Kurukshetra, the Pandavas stood victorious, guided by wisdom,
strategy, and the strength of their knowledge and reported the ways by which the
vulnerabilities can be utilized by the opponents.

Sampada 2025: Kurukshetra – IoT Device Security 6

You might also like