Baremetal Raspberry Pi Zero CTF Challenges
Motivation
Develop unique CTF Challenges
Give myself a challenge
Realistic view of how ARM is used in microcontrollers
Key Differences (from reversing Linux binaries)
No Operating System
No Security Features
No File System
No Heap (needs to be implemented)
Code + Data in same memory section
No Standard Libraries by Default
No Symbols/Not an ELF file
No Virtual Memory by Default
What Does That Mean for Developers?
Really, really weird things...
Malloc Implementation Example
Linux Implementation
https://code.woboq.org/userspace/glibc/malloc/malloc.c.html
Over 5500 lines to ensure that it writes to the heap correctly
Virtual Memory
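For contrast with glibc's malloc, here is the kind of minimal allocator a bare-metal image might carry. This is an added example, not code from the slides or the challenges; the names bm_malloc, bm_reset and bm_used and the 1 KiB static arena are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed arena: on real hardware this would be a RAM region placed by
   the linker script; a static array keeps the example runnable on a host. */
#define ARENA_SIZE 1024u
#define ALIGNMENT  8u

static uint8_t arena[ARENA_SIZE] __attribute__((aligned(8)));
static size_t next_free = 0;            /* offset of the first unused byte */

/* Bump allocator (hypothetical name). No block headers, no free lists and
   no guard regions: consecutive blocks sit directly next to each other. */
void *bm_malloc(size_t size)
{
    if (size == 0 || size > ARENA_SIZE)
        return NULL;                    /* also keeps the rounding below from wrapping */

    size_t rounded = (size + (ALIGNMENT - 1)) & ~(size_t)(ALIGNMENT - 1);
    if (rounded > ARENA_SIZE - next_free)
        return NULL;                    /* arena exhausted */

    void *p = &arena[next_free];
    next_free += rounded;
    return p;
}

/* Individual blocks cannot be freed; the whole arena is released at once. */
void bm_reset(void) { next_free = 0; }

size_t bm_used(void) { return next_free; }

int main(void)
{
    char *a = bm_malloc(5);
    char *b = bm_malloc(16);
    /* Only alignment padding separates the two blocks. */
    printf("a=%p b=%p gap=%ld used=%zu\n",
           (void *)a, (void *)b, (long)(b - a), bm_used());
    return 0;
}
```

The whole allocator is a single offset into one array, so a reverse engineer looking at the raw image sees an add-and-compare on one global rather than the arena, bin and chunk-header logic that glibc uses.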
What Does That Mean for Exploiters/Reverse Engineers?
Resources
https://github.com/bztsrc/raspi3-tutorial
Learning Baremetal Firmware Development
https://medium.com/codex/reverse-engineering-bare-metal-low-level-kernel-images-with-qemu-getting-started-c705b7b14d35
Full Walkthrough of Solving Furor
https://ctftime.org/writeup/27578