Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer

During hardware assessments, it is common to come accross devices implementing U-Boot. This article aims to describe what it is, why it could be interesting from an offensive perspective, and the attack surface associated with this popular bootloader.

Das U-boot, the Universal Boot Loader, or U-Boot, is a bootloader for embedded boards based on PowerPC, ARM, MIPS, and several other processors, which can be installed in a boot ROM and used to initialize and test the hardware or to download and run application code. All supported devices may be used as the ROM: an SD card, a SATA drive, a NOR flash, a NAND flash… U-Boot comes with a lot of functionalities like network support, USB protocol stack support, loading ram disk etc. It can also implement several kinds of file systems, including FAT32, ext2, ext3 or ext4. I hack, U-Boot