Internship : Map your firmware with Pyrrha

Quarkslab is a French infosecurity company. Our expertise lies in combining offensive and defensive security to help organizations adopt a new security posture: forcing attackers, not defenders, to constantly adapt.

Through our consulting services and software solutions, we provide tailored solutions to organizations, assisting them in protecting their assets, sensitive datas, and users against increasingly sophisticated attacks.

We develop two commercial software products: QFlow, for protection against threats and malware, and QShield, for the protection of applications, keys, and data.

About QLab

At Quarkslab, there is a business unit called QLab. More than 45 engineers are working on internal and external projects focusing on the following themes:

• Reverse Engineering: Understanding the functioning of a program without access to the source code;

• Cryptography: Analyzing or designing cryptography in applications to enhance security properties;

• Vulnerability Research: Evaluate the target toughness, identifying vulnerabilities, and developing achievements;

• Hardware and Software Security: Working on smart card-based systems, designing software and hardware architectures, and testing their security levels.

We consider internships as opportunities to spot profiles that match how we work. They are intended to guide students to enter the professional world as potential future colleagues if they feel like it. We love interns because they bring fresh air to the company and because we see them grow, not only during the internship but also after, when they are hired and can get to work on so many other topics. There are two goals in every internship we offer:

1. Exploring a topic we don't necessarily know very well, hence training the new expert on the topic;

2. Hiring you after the internship to keep and share your new expertise with colleagues.

Training and growing people in the security industry is part of the company's DNA. That is why we provide in-depth blogposts, tools, trainings, weekly internal conferences (called Fridaycon, guess when they are), we teach in universities and schools, write articles in tech magazines and send our less experienced hires to a 6-month intensive training program (BADGE-RE or BADGE-SO). Sharing is caring, but sharing is also learning. We provide the environment for that the rest relies on you.

Nowadays, structured firmwares can be a complete OS with thousands of files. It usually requires several hours to find the links between some components, and it is easy to get lost in this mass of information. At Quarkslab, we have combined and extended open-source solutions to solve this issue and help reversers in their daily tasks. The resulting tool, Pyrrha, allows users to visualize the different binaries and libraries of the firmware and their interactions in the form of several dependency graphs.

Pyrrha is an extension of Sourcetrail, an open-source code source explorer (for c/cpp, Python, and Java). This extension uses LIEF to analyze imports and exports of each library and binary of the firmware and create links between them. The result is exported as a sourcetrail database. Thanks to the Sourcetrail UI, the user will be able to navigate and search in the resulting firmware mapping.

What you will do

This internship's goal is to enhance Pyrrha's capabilities. As Pyrrha uses Sourcetrail, the first task will be to patch this tool to keep it working and to extend its functionality as it is an archived project. Then, you will improve the Pyrrha filesystem parser by adding new features. Finally, you will create a new parser to explore the code source of an already compiled binary.

Required Skills

• Good Python skills

• C++ basics.

How to apply :

• A resume;

• A cover letter: avoid the generic letter saying that you are so motivated and that we are so interesting. We welcome a more personal letter which explains why the topic is of particular interest to you, why you, and why us;

• Your proposed solution to the assignment attached to the offer you are interested in;

• Your preference between pain au chocolat or chocolatine.

Disclaimer : Any application that does not contain an assignment will be rejected.

Assignment

This challenge goal is to create an unpacker for Android OTA update files as a Python package. The provided script challenge.py describes the required features of your module and provides hints on how OTA files can be unpacked. Your package should be able to extract at least the provided OTA file.

If you have any question regarding the understanding of the file format to extract do not hesitate to contact us, this challenge is done to evaluate your level in Python development not your ability to understand complex file formats.

You will find the files to download on our blog : https://blog.quarkslab.com/internship-offers-for-the-2023-2024-season.html#pyrrha