IoT-Implant-Toolkit – Toolkit for Implant Attack of IoT Devices

IoT-Implant-Toolkit - what is IoT devices

Connected devices are part of a scenario in which every device talks to other related devices in an environment to automate home and industry tasks, and to communicate usable sensor data to users, businesses and other interested parties. Because of that the devices that we used is can be categorized as IoT devices and attacker can implat a trojan/malware into IoT devices.

IoT-Implant-Toolkit

IoT-Implant-Toolkit is a framework of useful tools for malware implantation research of IoT devices. It is a toolkit consisted of essential software tools on firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like environment, IoT-Implant-Toolkit is a one-stop-shop toolkit simplifies complex procedure of IoT malware implantation.

In our research, we have succcessfully implanted Trojans in eight devices including smart speakers, cameras, driving recorders and mobile translators with IoT-Implant-Toolkit.

A demo video below:

IoT-Implant-Toolkit - Implant Malware into video

How to use

Installation

Make sure you have git, python3 and setuptools installed.
For audio processing and playing, you should install alsa(built-in in linux), sox and ffplay. On ubuntu18.04:

$ sudo apt install sox ffmpeg

Download source code from our Github:

$ git clone https://github.com/arthastang/IoT-Implant-Toolkit.git

Set up environment and install dependencies:

$ cd IoT-Implant-Toolkit/
$ python3 setup.py install 

Run

Run the toolkit:

$ python3 -B IoT-Implant-Toolkit.py
 _____   _______   _____                 _             _       _______          _ _    _ _   
|_   _| |__   __| |_   _|               | |           | |     |__   __|        | | |  (_) |  
  | |  ___ | |______| |  _ __ ___  _ __ | | __ _ _ __ | |_ ______| | ___   ___ | | | ___| |_ 
  | | / _ \| |______| | | '_ ` _ \| '_ \| |/ _` | '_ \| __|______| |/ _ \ / _ \| | |/ / | __|
 _| || (_) | |     _| |_| | | | | | |_) | | (_| | | | | |_       | | (_) | (_) | |   <| | |_ 
|_____\___/|_|    |_____|_| |_| |_| .__/|_|\__,_|_| |_|\__|      |_|\___/ \___/|_|_|\_\_|\__|
                                  | |                                                        
                                  |_|                                                        
            
                                 IoT-Implant-Toolkit
            -------------------------------------------------------------
                      A Framework for IoT implantation research.
 
                                   by Marvel Team
 
            Command:
            list - List all tools
            run - Run a specific tool
            exit - Exit
 
                
[Implant-Toolkit]> 

Three commands supported:
list: list all plugins
run: run a specific plugin with “run [plugin] [parameters]”
exit: exit

Features

Each software tool acts as a plugin which can be easily added into the framework.

There are more than ten plugins in four categories, including topics on serial port debugging, firmware pack&unpack, software analysis, and implanted spy programs.

List of Plugins

Existing plugins in our framework:

CategoriesToolsDescriptionsReference
Serial port debuggingpyserialmodem control and terminal emulation programhttps://github.com/pyserial/pyserial
Serial port debuggingbaudrate.pyfind correct baudratehttps://github.com/devttys0/baudrate
Firmware Pack&Unpackmksquashfscreate and extract Squashfs filesystemhttps://github.com/plougher/squashfs-tools
Firmware Pack&Unpackmkbootimg_toolsUnpack&repack boot.img for Androidhttps://github.com/xiaolu/mkbootimg_tools
Firmware Pack&Unpackcramfsmake cramfs filesystemhttps://sourceforge.net/projects/cramfs/files/cramfs/1.1/
Firmware Pack&Unpackmountimgmount&unmount ext4 filesystems for Android system.img&data.imgOn our github
Software Analysissetools-androidsetools for Android with sepolicy-injecthttps://github.com/xmikos/setools-android
Software Analysiscrosscompliecrosscompile toolchain for armon our Github later
Software Analysisodex unpackOdex to smali for Androidon our Github
Binary implantspy client&servera stable spy client and server, source and pre-built binson our Github
Binary implantdenoise tooldenoise tool for audio porcesson our Github

Create new plugins

Code structure:

--IoT-Implant_toolkit.py         #Startup script
--outputs/                       #Default folder of outputs
--toolkit/                       
  |---core/                      
      |---basic/                 #Basic plugin class defination
      |---cli/                   #Shell-like cli defination
      |---toollist/              #Auto updating toollist of plugins 
  |---plugins/                   
      |---firmware/              #Plugins for firmware modification
      |---implant/               #Plugins for generate spy programs
      |---serialport/            #Plugins for serial port debugging
      |---software/              #Plugins for software analysis especially for Android
  |---tools/                     #Other tools 

Create [newplugin].py in corresponding folder(category) and define init attributes to add a new plugin to IoT-Implant-Toolkit.The framework will detect new plugin automatically when startup.

Other tools

Hardware tools

Essential hardware tools for malware implantation research.See pictures in HardwareTools/ .

NameDescription
Soldering IronSolder tools
Solder WireSolder tools
Solder PasteSolder tools
Solder WickSolder tools
Hot Air GunSolder tools
Reballing ToolReballing tool
usb to ttlDebug / Console cable
Dupont WireElectrical wire
EPROM Burner ProgrammerBurner Programmer

Other useful software tools

We have not added more plugins due to time limitation.

Chart below are tools not fits our framework, but may be useful.

We hope that IoT-Implant-Tookit will be an essential toolkit in malware implantation.

CategoriesToolsDescriptionsReference
Firmware Analysisbinwalka fast, easy to use tool for analyzing, reverse engineering, and extracting firmware imageshttps://github.com/ReFirmLabs/binwalk
Firmware Modifyfirmware mod kita collection of scripts and utilities to extract and rebuild linux based firmware imageshttps://github.com/rampageX/firmware-mod-kit
Cross CompilerbuildrootCross Compiler for arm mips powerpchttps://buildroot.org/

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

twelve + four =