Difference between pages "Open Radio Miniconf" and "Tutorials/Reverse engineering embedded software using Radare2"

From LCA2015 Delegate wiki
(Difference between pages)
(Attendees)
 
 
Line 1: Line 1:
{{Trail|Programme|Miniconfs}}
+
This page describes preparation for [http://linux.conf.au/schedule/30102/view_talk?day=thursday Reverse engineering embedded software using Radare2]
  
== Miniconf Program ==
+
== Outline ==
  
Here is the draft of the program for the miniconf. No doubt we will change the build sessions around a little bit.
+
We will try and get through all the following:
Also we hope to add a few more lightning talks closer to the day.
+
  
=== 10:40-12:20 OpenRadio Introduction + Build session ===
+
* Introduction to Radare2 reverse engineering tool
 +
* The Radare2 utilities
 +
* Basics of using the Radare to examine a binary you probably have on your laptop
 +
* Looking at an arduino binary
 +
* Introduction to MIPS architecture and disassembly
 +
* Extracting firmware images
  
* Intro to OpenRadio
+
You might like to bring your own binary to play with as well instead!
* Grokking the building blocks
+
* Intro to through hole and surface mount soldering
+
* Receive block theory
+
* Build!
+
  
=== 13:20-15:00 Tx + Build session ===
+
==Important - please make an rc file ==
  
* Regulations
+
Radare2 was created by other, many people. Radare2 will by default print fortune cookies. Please, turn this feature off, by making the following file, in case there is a possibility of NSFW output.
* Get your head around the software; fldigi & spectrograms
+
* Transmitter blocks and Modulation schemes
+
* Understanding what modes the OpenRadio can send
+
* Build!
+
  
=== 15:40-17:15 OpenRadio Lightning talks ===
+
Instructions for Linux/Unix systems:
  
* Paul Warren - Open amateur transceivers
+
    echo 'e cfg.fortunes=false' > ~/.radare2rc
* Don Wallace - Where do these radio frequencies come
+
from and how do I get to use them?
+
* Kim Hawtin - RF in and RF out, your first antennas
+
  
== Open Radio Wiki ==
+
== Prerequisites ==
Check the [http://openradio.net.au/index.php/Main_Page Open Radio wiki] for more info
+
  
== OpenRadio Miniconf registrations ==
+
If during the tutorial you are planning to follow the examples and/or try your own ideas, you really want to get this sorted before the event.
  
Good morning all,
+
Minimum requirements:
 +
* a C compiler and libraries needed to build radare2 - the "apt-gettable" version is out of date
 +
* xdot for viewing callgraphs
 +
* binwalk and srecord for firmware hacking
  
So now would be a good time to open up the registration for the OpenRadio MiniConf. This is also a good time as a reminder that the CfP for the miniconf will be closing on the 14th of December.
+
Various other tools may be helpful, and indeed needed (e.g. an editor) to complete some of the examples
  
As part of the registration you are booking a seat and a kit for the OpenRadio miniconf.
+
If you are using a Debian-derived distro, for example:
  
Since this is our first build'a'thon at LCA we are setting a limit on seats to 30. We are aiming to dedicate enough time to each of the participants to complete the kit on the day.
+
    sudo apt-get install build-essential git xdot eog ghex binwalk vim gedit srecord
  
The whole day will be devoted to building the understanding the kit.
+
It should be possible to build radare2 on Linux, FreeBSD/NetBSD etc, Max OS/X and Windows and possibly on Android if you try hard enough (using a Debian root, for example)
As we have limited seats, please order only one kit.
+
  
Extra kits will be made available after the conference.
+
However, the tutorial examples have only been tested using Debian Wheezy.
  
Because of the time lines, we will be ordering kits in advance and will deliver them directly at the miniconf.
+
=== Clone & build radare2 ===
  
To register please head to Davids site;
+
Note, changing to the lca2015_tutorial branch is important, because the software is under active development there could be breakage in master upstream
  http://www.rowetel.com/blog/?page_id=3780#cart
+
  
For further information please email me at;
+
    git clone http://github.com/pastcompute/radare2
  vk5fj@wia.org.au
+
    cd radare2
 +
    git checkout tutorial_branch
 +
    ./configure
 +
    make -j
 +
    sudo make symstall
  
 +
Note, you can install as a normal user if you need to:
  
== OpenRadio Miniconf Call for Presentations at LCA2015 ==
+
    ./configure --prefix=$HOME/path/to/wherever
=== Submission Dates ===
+
    make -j
 +
    sudo make symstall
 +
    export PATH=$HOME/path/to/wherever:$PATH
  
Sunday 14th December 2014: Deadline for submissions
+
Clone the examples repository, ready for use during the tutorial
Sunday 21st December 2014: Announcements of selected proposals
+
Monday 12th January 2015: Open Radio Miniconf
+
  
=== 'No pressure' policy ===
+
    cd
The Open Radio Miniconf is a low-pressure event, and we strongly encourage anyone who has an idea for an radio-related talk to submit a proposal even if you've never presented at a conference before. Please share this CfP with anyone you know who may otherwise not consider submitting a proposal.
+
    git clone http://github.com/pastcompute/lca2015-radare2-tutorial
  
=== Commitment to Diversity ===
+
I have already added prebuilt examples to git but there are instructions for building them in git, you will need the arduino IDE or an openwrt buildroot.
We are especially keen to present a diverse range of experiences and voices, and actively encourage women and people from other groups that are frequently under-represented at tech events to submit a proposal. Please share this CfP with anyone you know who may fit with this objective.
+
  
=== Suggested Presentation Topics ===
+
==Troubleshooting==
  
Any topic which is related to both radio and open source technologies is considered on-topic for the Open Radio Miniconf.
+
The tutorial is not until Thursday afternoon. If you need help with the above ping me on Twitter, preferably before the day! [https://twitter.com/pastcompute @pastcompute]
 
+
Some ideas include:
+
 
+
* Hardware for SDR
+
* Software for SDR
+
* Protocols over the air
+
* Digital voice
+
* Understandning data modes
+
* Encoding and Decoding data
+
* Logging data or voice
+
* Positioning
+
* Radio direction finding
+
* Here's a cool thing I did with my SDR
+
* Take a look at my new modem for digital modes
+
* Simple data links with cheap radio chips
+
 
+
=== Presentation Format ===
+
Presentations will be 'lightning talks' session with multiple 5-15 minute mini-presentations. Ideally we would like to see proposals for longer lightning talks, you can also just present on the day (this is a very low-pressure way to ease yourself into presenting, so please have a think in advance about what you'd like to present).
+
 
+
=== Need some help? ===
+
If you have an idea (or the beginning of an idea) for a presentation for the Open Radio Miniconf, we'd be very happy to talk it through with you to help you develop it further. Email Kim VK5FJ at vk5fj@wia.org.au or ping him at @vk5fj on Twitter to start the conversation.
+
 
+
=== Code of Conduct ===
+
Anyone presenting at the Open Miniconf is bound by the same Code of Conduct as presenters and conference attendees of the main conference. The full LCA2015 Code of Conduct is at http://linux.conf.au/cor/code_of_conduct
+
 
+
To help ensure that presentations comply with the Code of Conduct, we require presenters to submit a copy of their presentation/slide deck for review by Monday 5th January, 2015 (one week prior to the start of LCA).
+
 
+
=== Presenter Responsibilities ===
+
Presenters at the Open Radio Miniconf must be registered attendees of the main LCA2015 conference. Presenters are responsible for their own conference registration, travel, and accommodation costs. The LCA2015 committee has made available a small number of miniconf-only passes that we will be using to enable Amateur Radio enthusiasts to present who would not otherwise be able to attend.
+
 
+
=== How to Submit Proposals ===
+
 
+
Please submit your proposal(s) by email Kim VK5FJ at vk5fj@wia.org.au
+
We encourage you to submit multiple proposals if you have multiple ideas.
+
 
+
72,
+
 
+
Kim VK5FJ
+
Open Radio Miniconf Net Operator
+
 
+
== Attendees ==
+
 
+
Please add a page for yourself and link it here so we can get an idea of numbers and notify you of updates.
+
 
+
* Name - Callsign, if you have one
+
* Kim Hawtin, VK5FJ
+
* [[User:George Patterson|George Patterson]] VK3FADQ
+
* [[User:Peter Chubb|Peter Chubb]] VK2FPC (will be multiplexing with Kernel miniconf)
+
* [[User:Paul Warren|Paul Warren]] VK1ATP
+
* [[User:Peter Howard|Peter Howard]]
+
* Amitay Isaacs
+
* Peter Lawler
+
* [[User:Nathan Willis|Nate Willis]]
+
* Andrew Mc (buildathon, then various)
+
* [[User:Gabriel Noronha|Gabriel Noronha]]
+
* [[User: Joshua Scott|Joshua Scott]]
+
* [mailto:mike.carden@gmail.com Mike Carden] VK1MC
+
* Josh Mesilane, VK3XJM
+
* Bob Edwards
+
* Simon Paterson
+
* Michael Wheeler
+
* Geordie Millar
+
* Giovanni Moretti - ZL2GX
+
* [[User: Jack Moffitt|Jack Moffitt]]
+
* [[User: Jason Lewis|Jason Lewis]]
+
* Mark Foster ZL1VMF is on the LCA2015 Org team and will try to come by and say hello as time permits :-)
+
 
+
== Aims ==
+
 
+
This will be the second Open Radio Miniconf, this time part build-a-thon, part lightning talks.
+
 
+
There are three specific aims for this coming LCA, the three layers;
+
 
+
1) Build an understanding of radio and build an SDR transceiver to cover an ISM band and the HAM HF bands.
+
 
+
2) Build an understanding of the software required to Rx and Tx
+
 
+
3) Encourage software developers to study existing over the air protocols and start to design new ones.
+
 
+
That might not sound like a lot, but we still have a big challenge to complete the second goal. The third is obviously ongoing and we hope to be able to help facilitate new works on the ISM and HAM bands.
+
 
+
Mark VK5QI has decided that his experience with the [http://www.norcalqrp.org/files/Tayloe_mixer_x3a.pdf Tayloe mixer] with [http://www.qsl.net/zl1wtt/I&Q.htm  I&Q] as used in the SoftRocks is firm ground on which to build. He has been inspired by [http://nt7s.com/2014/06/a-prototype-for-a-si5351-based-ssb-rig/ some new SSB project by NT7S], using a newly available DDS, the multiple output [https://www.adafruit.com/search?q=SI5351&b=1 SI5351]. Completing the picture, the controller is the well known [http://arduino.cc/en/Main/arduinoBoardNano Arduino], designed by Massimo Banzi (check the recent [http://soldersmoke.blogspot.com.au/2014/09/soldersmoke-podcast-165-arduinos.html soldersmoke podcast #165]).
+
 
+
So moving forward the second prototype is currently on the workbend at Marks QTH. The software stack, while complex can be simplified to using existing applications like [http://w1hkj.com/Fldigi.html FLDIGI] or building the [https://en.wikipedia.org/wiki/GNU_Radio GNU Radio][http://gnuradio.squarespace.com/ stack].
+
 
+
Following on the the how in the now, we need to look forward. Thinking about the existing protocols, the current ways of encoding data on the wire and over the air, we are aiming to approach the design of new over the air protocols.
+
 
+
We are currently working through the materials for the build-a-thon. Once we are happy with them we will update this page and put an announcement here.
+
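Review bot: In the added "Clone & build radare2" block, the note tells readers to change to the lca2015_tutorial branch but the command is `git checkout tutorial_branch`; make the two agree so attendees end up on the branch the examples were tested against. Both `git clone` commands fetch over http:// and the first result is then installed with sudo, so switch the URLs to https://. In the "install as a normal user" variant, `sudo make symstall` defeats the purpose of `--prefix=$HOME/path/to/wherever`; drop sudo there and check that the exported PATH entry is the directory the binaries are actually installed into.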

Revision as of 22:35, 10 January 2015

This page describes preparation for Reverse engineering embedded software using Radare2

Outline

We will try and get through all the following:

  • Introduction to Radare2 reverse engineering tool
  • The Radare2 utilities
  • Basics of using Radare2 to examine a binary you probably have on your laptop
  • Looking at an Arduino binary
  • Introduction to MIPS architecture and disassembly
  • Extracting firmware images

You might like to bring your own binary to play with as well, or instead!

Important - please make an rc file

Radare2 was created by many other people. By default, Radare2 prints fortune cookies. Please turn this feature off by creating the following file, in case there is a possibility of NSFW output.

Instructions for Linux/Unix systems:

   echo 'e cfg.fortunes=false' > ~/.radare2rc

Prerequisites

If during the tutorial you are planning to follow the examples and/or try your own ideas, you really want to get this sorted before the event.

Minimum requirements:

  • a C compiler and libraries needed to build radare2 - the "apt-gettable" version is out of date
  • xdot for viewing callgraphs
  • binwalk and srecord for firmware hacking

Various other tools (e.g. an editor) may be helpful, or indeed needed, to complete some of the examples.

If you are using a Debian-derived distro, for example:

   sudo apt-get install build-essential git xdot eog ghex binwalk vim gedit srecord

It should be possible to build radare2 on Linux, FreeBSD/NetBSD etc., Mac OS X and Windows, and possibly on Android if you try hard enough (using a Debian root, for example).

However, the tutorial examples have only been tested using Debian Wheezy.

Clone & build radare2

Note: changing to the lca2015_tutorial branch is important. Because the software is under active development, there could be breakage in upstream master.

   git clone http://github.com/pastcompute/radare2
   cd radare2
   git checkout tutorial_branch
   ./configure
   make -j
   sudo make symstall

Note, you can install as a normal user if you need to:

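   ./configure --prefix=$HOME/path/to/wherever
   make -j
   # no sudo: the prefix is inside your home directory
   make symstall
   # installed binaries live in the prefix's bin directory
   export PATH=$HOME/path/to/wherever/bin:$PATH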

Clone the examples repository, ready for use during the tutorial

   cd
   git clone http://github.com/pastcompute/lca2015-radare2-tutorial

I have already added prebuilt examples to git, but there are also instructions for building them in git; for that you will need the Arduino IDE or an OpenWrt buildroot.
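
A preflight check for the setup steps above, as an added example that is not part of the original wiki page. It assumes radare2 installs a binary named `r2` and that the srecord package provides `srec_cat`; the function names are made up for illustration.

```sh
#!/bin/sh
# Added example: verify the tutorial prerequisites before the day.
# Assumptions: radare2 installs a binary named r2; the srecord package
# provides srec_cat. Other tool names are as given on this page.

# Print each command from the argument list that is not found on PATH.
missing_tools() {
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || printf '%s\n' "$tool"
    done
}

# Succeed only if the rc file's last "e cfg.fortunes=..." line sets false.
# The rc file is a command sequence, so a later setting overrides an
# earlier one; lines starting with # do not match the pattern.
fortunes_disabled() {
    rc=$1
    [ -f "$rc" ] || return 1
    last=$(sed -n 's/^[[:space:]]*e[[:space:]]\{1,\}cfg\.fortunes=\([^[:space:]]*\).*$/\1/p' "$rc" | tail -n 1)
    [ "$last" = "false" ]
}

# Run both checks; return non-zero if anything still needs fixing.
preflight() {
    rc=${1:-$HOME/.radare2rc}
    status=0
    for tool in $(missing_tools r2 git xdot binwalk srec_cat); do
        echo "missing: $tool" >&2
        status=1
    done
    if ! fortunes_disabled "$rc"; then
        echo "fortunes not disabled in $rc" >&2
        status=1
    fi
    return "$status"
}

# Usage, after sourcing this file:  preflight && echo "ready for the tutorial"
```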

Troubleshooting

The tutorial is not until Thursday afternoon. If you need help with the above ping me on Twitter, preferably before the day! @pastcompute