Overview
This course aims to teach learners how to conduct IoT vulnerability research using emulation tools like QEMU and Buildroot to set up emulated IoT devices in a Dockerized environment. The goal is to create a framework for MIPS (LE/BE) device research, providing a virtual machine with all necessary binaries, network stack, debugging tools, and more. The course covers CPU architectures, virtualization emulation, building kernels, cross-compilation, system emulation, and specific guidance for MIPS systems. The teaching method includes demonstrations and practical guides. This course is intended for individuals interested in IoT security, vulnerability research, and exploit development.
Syllabus
Introduction
Patrick Ross
Why should you listen
Why are we doing this
Vulnerability research and exploit development
What's on the internet
CPU Architectures
CPU Architecture Differences
Virtualization Emulation
Building Your Own Kernel
Errors
Cross compilation
Cross compilation options
Login prompt
Single binary full system emulation
MIPS systems
Guides and notes
NVRAM
QMO
Demo
Next steps
Our project
Taught by
Hack In The Box Security Conference