Explore the reverse engineering of MediaTek Wi-Fi firmware in this 41-minute conference talk that reveals the internal workings of widely-used chips powering smartphones, routers, IoT devices, and notebooks. Discover how researchers Daniel Wegemer and Edoardo Mantovani demystified the previously undocumented NDS32 architecture by overcoming significant technical challenges including undocumented hardware peripherals with CRC32 integrity checks and XOR cipher-protected firmware. Learn about the novel techniques developed to dump protected ROMs on hardware with restricted debug access, and see demonstrations of unlocking powerful hidden features such as raw I/Q data streaming (ICAP mode) and Channel State Information (CSI). Gain insights into the open-source tool suite being released to the community, including firmware parsers, patchers, ROM dumpers, automatic descramblers, and utilities for interacting with newly discovered low-level interfaces. Understand how this research opens new possibilities for Wi-Fi security research and custom firmware development by liberating MediaTek Wi-Fi chips and unleashing their hidden potential.