Conference logo

Introducing utk-web - a web developer's view on firmware - Daniel Maslowski

rc3-r3s - MON r3s Rhein VHS - 12/29/2020

This talk introduces utk-web, a feature-rich firmware image exploration tool that runs in the web browser. Based on [Fiano](https://github.com/linuxboot/fiano)'s `utk`, it aims to support firmware developers and analysts through quick navigation and tricks from the web development world. In addition to the functionalities themselves, a seamless and comprehensible user experience plays a key role.

UEFI firmware has become increasingly popular in the industry, not only for x86, but also other architectures such as Arm and RISC-V. The complexity of UEFI requires rich tools to work with firmware images for both assembly and analysis. Closed, proprietary, non-public tools exist, and there are open source tools that can already parse and print out structured information, some offering reassembly features. The [Fiano](https://github.com/linuxboot/fiano) suite from the [LinuxBoot](http://linuxboot.org/) project includes `utk`, the UEFI toolkit. Following a [draft for a web UI](https://github.com/linuxboot/fiano/pull/306), utk-web was created, aiming to visualize `utk`'s output. After about three months of development, it has matured to a level where its usefulness already paid off in multiple occasions. Leveraging additional utilities such as [PSPTool](https://github.com/PSPReverse/PSPTool) and [uefi-firmware-parser](https://github.com/theopolis/uefi-firmware-parser), it is being extended to support others such as [Mimoja's Firmware Toolkit](https://github.com/Mimoja/MFT-AnalyserV2), [MEAnalyzer](https://github.com/platomav/MEAnalyzer) and [UEFITool](https://github.com/LongSoft/UEFITool) as well, potentially even more, depending on demand. What it means to integrate with all of these utilities, how to support different output formats and regions in firmware and how the encountered challenges could be solved conclude this talk.

Share this talk:
https://c3stream.de/Info?guid=e79d1b68-0340-586d-94ce-ef2ec88c94ea