I wanted to create a hardware pentesting sample report so when clients ask for a sample report I’m not giving them a web app one and saying “It’s like this but different”. I knew a cheap router from china would … Continue reading
Category Archives: Security
Side Channel Timing Attack
I decided to have a play with some side channel analysis attacks, What seemed like the easiest to attempt is a timing attack, so here is my findings. All the code for this is available at https://rossmarks.uk/git/0xRoM/Hardware in the “/SideChannel/ATtiny85_Timing_Attack” … Continue reading
Breaking a smart lock
For this post we will be playing with the following: Once it arrived the first thing to do was to download the app (playstore link) connect the device, lock and unlock it a few times. It was fairly trivial and … Continue reading
Reversing an ATtiny85
I wanted to give a quick demo on how to reverse engineer an ATtiny85 micro-controller to read the code stored on the device. For this demo the “hello world” is a small circuit with four buttons. By typing in the … Continue reading
Akord / Nexx Router fun
So again, I got a cheap and nasty router from Amazon: Firstly it came without instructions, but on the bottom it has it’s default IP and credentials: Going to the IP in a web browser your presented with the most … Continue reading
BLE CTF Walkthrough
So a pentest friend came over that I hadn't seen in a while, and as always we had an evening of nerding out, one of the many takeaways from this was he gave me a small device and a link … Continue reading
Vulnhub: Resimler: BTRSys v2.1
OK one last Vulnhub VM for today, this time is the second in the series: Resimler: BTRSys v2.1, This one is a bit more difficult than the previous, but only marginally. Getting this VM up and running is a pain, first … Continue reading
Vulnhub: Resimler: BTRSys v1
Wow two in one day! It must be a record… or the fact I am ill, either way here’s another write-up. This time I will be doing Resimler: BTRSys v1, It’s a fairly straight forward Boot2Root and for people familiar to these … Continue reading
Vulnhub: LazySysAdmin: 1
Back once again with another vulnhub writeup, you guys seem to like these and a load of new VM’s were added that currently don’t have any. As you can tell by the title this one is for “LazySysAdmin: 1” My … Continue reading
Protecting your-cyber-self
Some of my friends have recently noticed the “snoopers charter” and taken interest on protecting their digital selves. I’m hoping this can help them or anyone else interested on how to accomplish at least a bit of this. Not only … Continue reading
Simple CAPTCHA issue
So a friend of mine is working on a CAPTCHA solving program. I can't go into the details here as it's not my work therefore it's not up to me to disclose. This did peak my interest slightly as I … Continue reading
Vulnhub: Proteus
So here is my write up for the vulnhub challenge “Proteus” which can be downloaded from: https://www.vulnhub.com/entry/proteus-1,193/ This interested me as there is no walkthrough as it was released two days ago, and was a straight forward boot to root. Nice … Continue reading
Android App – “Random Adventure”
It’s no secret that I’m a fan of old-school ASCII rouguelikes, I run a UnNethack server – guis.es. Being on the android binge that I’m currently enjoying I decided to have a play with one of these from the play … Continue reading
Setting up an Iodine server
What is Iodine? Basically it’s a server that allows you to tunnel traffic through DNS Why would I want this? There are multiple uses for this, the ones that come to mind are: – Get free internet from paid wifi … Continue reading