I wanted to create a hardware pentesting sample report so when clients ask for a sample report I’m not giving them a web app one and saying “It’s like this but different”. I knew a cheap router from china would … Continue reading
Category Archives: Electronics
Side Channel Timing Attack
I decided to have a play with some side channel analysis attacks, What seemed like the easiest to attempt is a timing attack, so here is my findings. All the code for this is available at https://rossmarks.uk/git/0xRoM/Hardware in the “/SideChannel/ATtiny85_Timing_Attack” … Continue reading
Fault Injection – Crowbar Glitching
All the code for this is available here: https://rossmarks.uk/git/0xRoM/Hardware Fault injection is a technique in hardware penetration testing, used to assess and exploit vulnerabilities within physical devices by intentionally inducing errors or “faults” into a system. This enables us to understand … Continue reading
FaultyCat Introduction
At the most recent Defcon (32) along with too many badges I purchased a “FaultyCat”. A small EMFI injection device. It’s a remix of the “PicoEMP”. Basically you charge up some capacitors (under the red plastic in the below photo), … Continue reading
Pacemaker Pwn Pt.1
About the base station Before diving straight in and hacking a pacemaker we will start by attacking the base station. The pacemaker talks to the base station, this is a small box that is left beside the bed. At night, … Continue reading
GL iNet 300M Fun (Pt.3)
I recently stumbled across these cute little boards on amazon and HAD to get some, without a project in mind. I quickly decided these would make an awesome little hardware backdoor/implant, and it just so happens I have a little … Continue reading
Weekend Prototyping
This blog I’ll demonstrate how I made a prototype product in a weekend, the project “wakeup glasses” is a bit of a joke and a bit crap, but just a little bit of fun. The takeaway here isn’t the end … Continue reading
Making a PCB at home
So to start with a small disclaimer, I have only ever made this one PCB, so I am no expert! Hopefully though this might give people an insight as to how it’s done and maybe encourage others to give it … Continue reading
Breaking a smart lock
For this post we will be playing with the following: Once it arrived the first thing to do was to download the app (playstore link) connect the device, lock and unlock it a few times. It was fairly trivial and … Continue reading
Reversing an ATtiny85
I wanted to give a quick demo on how to reverse engineer an ATtiny85 micro-controller to read the code stored on the device. For this demo the “hello world” is a small circuit with four buttons. By typing in the … Continue reading
Akord / Nexx Router fun
So again, I got a cheap and nasty router from Amazon: Firstly it came without instructions, but on the bottom it has it’s default IP and credentials: Going to the IP in a web browser your presented with the most … Continue reading
SafeCrack play and build guide
Play guide To start a new game the dial should be turned clockwise.The LED under the dial will get brighter the closer you are to the goal.Once you are in the goal segment turn the dial in the opposite direction.The … Continue reading
GL iNet 300M Fun (Pt.2)
If you haven’t read Part 1 I’d recommend doing so, just to know the current state of play. But to recap, everything runs as root, it’s easy to brute force and serial is easy to identify and access dropping to … Continue reading
GL iNet 300M Fun (Pt.1)
I would like to preface this by stating that I have no idea what I am doing, I am just playing and messing around and you probably shouldn’t take my word as gospel! That being said, I feel like I’ve … Continue reading
