There isn’t a lot of content online discussing how to dump a QNX IFS partition, so I thought I’d write up a few paragraphs here to spread the tips and tricks that I’ve learned.

(If you just want the tl;dr and already know what IFS partitions are, scroll to the bottom!)

It’s not often you look to extract an embedded device’s firmware over the network. Luckily, it’s possible with SSH! We’ll go over a few techniques for dumping raw block device bytes out onto the network to facilitate quick extraction of device firmware for static analysis on a separate host computer.