I wanted to create a hardware pentesting sample report so when clients ask for a sample report I’m not giving them a web app one and saying “It’s like this but different”. I knew a cheap router from china would … Continue reading
Side Channel Timing Attack
I decided to have a play with some side channel analysis attacks, What seemed like the easiest to attempt is a timing attack, so here is my findings. All the code for this is available at https://rossmarks.uk/git/0xRoM/Hardware in the “/SideChannel/ATtiny85_Timing_Attack” … Continue reading
Fault Injection – Crowbar Glitching
All the code for this is available here: https://rossmarks.uk/git/0xRoM/Hardware Fault injection is a technique in hardware penetration testing, used to assess and exploit vulnerabilities within physical devices by intentionally inducing errors or “faults” into a system. This enables us to understand … Continue reading
FaultyCat Introduction
At the most recent Defcon (32) along with too many badges I purchased a “FaultyCat”. A small EMFI injection device. It’s a remix of the “PicoEMP”. Basically you charge up some capacitors (under the red plastic in the below photo), … Continue reading
Pacemaker Pwn Pt.1
About the base station Before diving straight in and hacking a pacemaker we will start by attacking the base station. The pacemaker talks to the base station, this is a small box that is left beside the bed. At night, … Continue reading
GL iNet 300M Fun (Pt.3)
I recently stumbled across these cute little boards on amazon and HAD to get some, without a project in mind. I quickly decided these would make an awesome little hardware backdoor/implant, and it just so happens I have a little … Continue reading
AI Mail Tester
AI is a hot topic at the moment and I wanted an excuse to play with it and learn how to use OpenAI’s API. It is likely that email companies will be using AI to determine email legitimacy, and I … Continue reading
Permanent frida hacks
I’ve always wanted to make my frida scripts permanent in the applications I’ve hacked but always thought it was too difficult, well I recently revisited this idea and realized how easy it actually is. So here is a quick guide … Continue reading
Weekend Prototyping
This blog I’ll demonstrate how I made a prototype product in a weekend, the project “wakeup glasses” is a bit of a joke and a bit crap, but just a little bit of fun. The takeaway here isn’t the end … Continue reading
Making a PCB at home
So to start with a small disclaimer, I have only ever made this one PCB, so I am no expert! Hopefully though this might give people an insight as to how it’s done and maybe encourage others to give it … Continue reading
Breaking a smart lock
For this post we will be playing with the following: Once it arrived the first thing to do was to download the app (playstore link) connect the device, lock and unlock it a few times. It was fairly trivial and … Continue reading
Reversing an ATtiny85
I wanted to give a quick demo on how to reverse engineer an ATtiny85 micro-controller to read the code stored on the device. For this demo the “hello world” is a small circuit with four buttons. By typing in the … Continue reading
Akord / Nexx Router fun
So again, I got a cheap and nasty router from Amazon: Firstly it came without instructions, but on the bottom it has it’s default IP and credentials: Going to the IP in a web browser your presented with the most … Continue reading
SafeCrack play and build guide
Play guide To start a new game the dial should be turned clockwise.The LED under the dial will get brighter the closer you are to the goal.Once you are in the goal segment turn the dial in the opposite direction.The … Continue reading