固件获取

Common ways:

• Dump the flash sniffer from network traffic when updating

• get a shell from serial connection ssh/telnet Nday/0day attack etc

• Social engineering