#04 How To Get The Firmware Hardware Hacking Tutorial


If you are struggling to get the firmware out of your device, this is the video for you!

In this video I will explain the possible ways we can use to get the firmware of our IoT device.

I will do a practical example of one of these possible ways. I will connect the PC to the UART of our sample device, I will analyze the boot log, I will access the command line interface of the boot loader, and I will dump the firmware, exploiting the dump command available in the boot loader. I will use a couple of scripts to dump the entire EEPROM to a hexadecimal ASCII text file and then to convert this file back to binary form to get the exact image of the EEPROM.
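The text-to-binary step described above, as an added example (not the scripts from the video or the GitHub repository). The row layout, the `boot>` prompt and the `dump` command echo in the sample capture are assumptions, and the capture itself is constructed with one row missing to show why the address column should be checked before trusting the image.

```python
import re

# Assumed row layout (not taken from the page): 8-digit hex address, colon,
# up to 16 space-separated hex bytes, then an optional ASCII column.
LINE_RE = re.compile(r"^([0-9a-fA-F]{8}):((?: [0-9a-fA-F]{2}){1,16})(?:\s{2,}.*)?$")

def hexdump_to_image(text, base=None):
    """Rebuild a binary image from a captured hex dump.

    Returns (image_bytes, problems). Lines that are not dump rows (prompts,
    echoed commands, boot messages) are skipped. Gaps and repeats in the
    address sequence are reported, never silently accepted.
    """
    image, problems, expected = bytearray(), [], base
    for lineno, raw in enumerate(text.splitlines(), 1):
        m = LINE_RE.match(raw.rstrip())
        if not m:
            continue
        addr, data = int(m.group(1), 16), bytes.fromhex(m.group(2))
        if expected is None:
            expected = addr
        if addr > expected:
            problems.append(f"line {lineno}: gap of {addr - expected} bytes at {expected:#010x}")
            # Pad with 0xff only to keep later offsets aligned; the range must be re-dumped.
            image.extend(b"\xff" * (addr - expected))
        elif addr < expected:
            problems.append(f"line {lineno}: repeated address {addr:#010x}, row ignored")
            continue
        image.extend(data)
        expected = addr + len(data)
    return bytes(image), problems

# Constructed serial capture: the row for address 0x20 was lost in transit.
SAMPLE = """\
boot> dump 00000000 40
00000000: 27 05 19 56 00 01 02 03 04 05 06 07 08 09 0a 0b    '..V............
00000010: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f    ................
00000030: 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f    0123456789:;<=>?
boot>
"""

if __name__ == "__main__":
    image, problems = hexdump_to_image(SAMPLE)
    print(len(image), "bytes rebuilt")
    for p in problems:
        print("WARNING:", p)
```

An empty problem list is the condition for treating the output as an exact image; any reported gap means that address range has to be dumped again.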

********* Links with additional Information


Channel’s Web

The sample router (Gemtek WVRTM-127ACN) on

The sample router (Gemtek WVRTM-127ACN) reverse engineered on GitHub, includes scripts to dump the EEPROM to a text file and to convert it back to binary

TTL Serial Adapter (affiliate link):

PuTTY, the terminal

Wireshark, Ethernet

Curl, command line tool for transferring data with

Wget, retrieving files with

Mitmproxy, a free and open source interactive HTTPS


OpenOcd, On Chip

U-Boot, The Universal Boot

Buildroot, a simple, efficient and easy-to-use tool to generate embedded Linux systems through

Binwalk, a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware

SOIC8 SOP8 Flash Chip IC Test Clips Socket Adapter BIOS/24/25/93/95 Programmer (affiliate link):
