You Need Some Binwalk

If you're reading this, I assume you develop for the Internet of Things.

Now, that's a really broad definition. It takes lots of different skills to develop in this market. You need mobile app developers, distributed system developers, software developers, and hardware developers — just to name a few of the specialties needed. Here, I'm talking to those of us who develop the software that controls the actual client devices.

You need to start using binwalk.

Now, I don't know if you have heard of it or if you haven't, but you certainly have now. I use binwalk to pull apart firmware images that I'm reverse engineering. I'm usually looking for flaws, but you don't need to take that approach (and probably shouldn't, unless you're into that kind of thing).

No, you should use binwalk to get better.

So binwalk is really handy for carving artifacts out of firmware images — artifacts like kernels or bootloaders or filesystems. And it'll even extract the entire filesystem for you. Now, you're not likely to be interested in the actual code in the kernel, or in the bootloader for that matter. These are usually commodity components built from easily accessible code bases. The things in the filesystem are a different matter entirely. These things tend to follow a common pattern, at least when they're built atop an embedded Linux base. They'll have a bootloader, a Linux kernel, a filesystem of some kind, use busybox, and run some kind of daemon process. The daemon process, from a design perspective, is the most important piece. This is usually custom software developed specifically for that system.

You can pull this out of the filesystem, run it in QEMU, and see how it works. You could even disassemble it. You can see exactly what your competition is engineering, and use this to build better products.

Give yourself an edge — make binwalk your friend.