When [0xRickSanchez] found some D-Link firmware he couldn’t unpack, he was curious to find out why. The firmware had a new encryption method which was doing its job of preventing tampering and static analysis. Of course, he had to figure out how to get around it and is documenting his work in a series of blog posts.
Looking at the entropy analysis showed the data to be totally random, a good sign it was either encrypted or compressed. The target router cost about $200, but a similar cheaper router used the same encryption and thus this model became the hardware of choice for testing.
A console cable provided access to the router and an executable named imgdecrypt immediately caught his eye. Moving that file to a regular PC allowed the usual attack to see how it does its job.
We spend a lot of time thinking about reverse engineering things like this. We aren’t always looking at routers, either.
For the latest tech news and updates, Install TechCodex App, and follow us on Google News, Facebook, and Twitter. Also, if you like our efforts, consider sharing this story with your friends, this will encourage us to bring more exciting updates for you.