Fix multiple broken links
parent
af1faa4a8d
commit
5fb3bc7659
|
@ -1,2 +1,6 @@
|
||||||
# HardwareAllTheThings
|
# HardwareAllTheThings
|
||||||
Hardware Pentesting Wiki
|
|
||||||
|
A list of useful payloads and bypasses for Hardware and IOT Security.
|
||||||
|
Feel free to improve with your payloads and techniques !
|
||||||
|
|
||||||
|
I :heart: pull requests :)
|
|
@ -4,6 +4,11 @@
|
||||||
|
|
||||||
:warning: Informations from this repository is very dense, you may encounter information overflow
|
:warning: Informations from this repository is very dense, you may encounter information overflow
|
||||||
|
|
||||||
|
A list of useful payloads and bypasses for Hardware and IOT Security.
|
||||||
|
Feel free to improve with your payloads and techniques !
|
||||||
|
|
||||||
|
I :heart: pull requests :)
|
||||||
|
|
||||||
<p align="center">
|
<p align="center">
|
||||||
<img src="https://raw.githubusercontent.com/swisskyrepo/HardwareAllTheThings/master/docs/assets/logo.png">
|
<img src="https://raw.githubusercontent.com/swisskyrepo/HardwareAllTheThings/master/docs/assets/logo.png" style="max-width: 400px;">
|
||||||
</p>
|
</p>
|
||||||
|
|
|
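Review bot: on the changed `<img>` line, the inline `style="max-width: 400px;"` is dropped by Markdown renderers that sanitize HTML attributes (GitHub's among them), so the logo keeps its full size there; a `width="400"` attribute survives sanitizing. The tag also still has no `alt` text. The three intro lines added above it are the same ones added in the first hunk, so the two files now carry duplicate copy that has to be kept in sync by hand.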
@ -1,13 +1,5 @@
|
||||||
---
|
|
||||||
cover: >-
|
|
||||||
https://images.unsplash.com/photo-1511497584788-876760111969?ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=3432&q=80
|
|
||||||
coverY: 0
|
|
||||||
---
|
|
||||||
|
|
||||||
# JTAG
|
# JTAG
|
||||||
|
|
||||||
****
|
|
||||||
|
|
||||||
### Summary
|
### Summary
|
||||||
|
|
||||||
* JTAG Pins
|
* JTAG Pins
|
||||||
|
@ -70,6 +62,6 @@ Arduino PIN Layout
|
||||||
|
|
||||||
### References
|
### References
|
||||||
|
|
||||||
* JTAGulator vs. JTAGenum, Tools for Identifying JTAG Pins in IoT Devices by Dylan Ayrey - https://www.praetorian.com/blog/jtagulator-vs-jtagenum-tools-for-identifying-jtag-pins-in-iot-devices?edition=2019
|
* [JTAGulator vs. JTAGenum, Tools for Identifying JTAG Pins in IoT Devices by Dylan Ayrey](https://www.praetorian.com/blog/jtagulator-vs-jtagenum-tools-for-identifying-jtag-pins-in-iot-devices?edition=2019)
|
||||||
* https://just2secure.blogspot.com/2017/02/jtag-pin-identification.html
|
* [JTAG PIN Identification - February 21, 2017](https://just2secure.blogspot.com/2017/02/jtag-pin-identification.html)
|
||||||
* https://wrongbaud.github.io/jtag-hdd/
|
* [Hardware Debugging for Reverse Engineers Part 2: JTAG, SSDs and Firmware Extraction - Posted Apr 2, 2020 by wrongbaud](https://wrongbaud.github.io/posts/jtag-hdd/)
|
|
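Review bot: the three rewritten reference entries each use a different link-text pattern ("... by Dylan Ayrey", "... - February 21, 2017", "... - Posted Apr 2, 2020 by wrongbaud"); settle on one title/author/date order for reference lists. Only the wrongbaud entry changes its target (`/jtag-hdd/` to `/posts/jtag-hdd/`); the other two are formatting changes, which the commit message "Fix multiple broken links" does not cover, so either mention the reformatting in the message or split it out.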
@ -18,3 +18,8 @@ JTAG and SWD are similar and can be interfaced with each other:
|
||||||
| TDO | SWV | JTAG Test data output / SWV trace data output |
|
| TDO | SWV | JTAG Test data output / SWV trace data output |
|
||||||
| TMS | SWDIO | JTAG test mode select / SWD data in and out |
|
| TMS | SWDIO | JTAG test mode select / SWD data in and out |
|
||||||
| GND | GND | - |
|
| GND | GND | - |
|
||||||
|
|
||||||
|
|
||||||
|
## References
|
||||||
|
|
||||||
|
* [Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers - Posted Jan 30, 2020 by wrongbaud](https://wrongbaud.github.io/posts/stm-xbox-jtag/)
|
|
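Review bot: the added heading is `## References`, while the reference sections visible in the JTAG and Wifi hunks of this commit use `### References`; use the same level here so the page outlines stay consistent. The `## References` added at the end of the page with the IDA, Radare2 and Ghidra loaders has the same mismatch.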
@ -1,13 +1,5 @@
|
||||||
---
|
|
||||||
cover: >-
|
|
||||||
https://images.unsplash.com/photo-1526304640581-d334cdbbf45e?ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=2970&q=80
|
|
||||||
coverY: 0
|
|
||||||
---
|
|
||||||
|
|
||||||
# UART
|
# UART
|
||||||
|
|
||||||
****
|
|
||||||
|
|
||||||
### Summary
|
### Summary
|
||||||
|
|
||||||
* UART
|
* UART
|
||||||
|
@ -43,7 +35,7 @@ Connect to UART using an USB to TTL, then find the `/dev/ttyUSB0` device in the
|
||||||
#### Detect baudrate
|
#### Detect baudrate
|
||||||
|
|
||||||
Standard baud rate are `110`, `300`, `600`, `1200`, `2400`, `4800`, `9600`, `14400`, `19200`, `38400`, `57600`, `115200`, `128000` and `256000`.\
|
Standard baud rate are `110`, `300`, `600`, `1200`, `2400`, `4800`, `9600`, `14400`, `19200`, `38400`, `57600`, `115200`, `128000` and `256000`.\
|
||||||
Auto-detect baud rate using the script : https://github.com/devttys0/baudrate/blob/master/baudrate.py
|
Auto-detect baud rate using the script : [devttys0/baudrate/baudrate.py](https://github.com/devttys0/baudrate/blob/master/baudrate.py)
|
||||||
|
|
||||||
#### Interact with the /dev/ttyUSB0
|
#### Interact with the /dev/ttyUSB0
|
||||||
|
|
||||||
|
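Review bot: the rewritten baudrate.py link still targets `blob/master`, a mutable branch, for a script the reader is told to run against a serial device; link to a specific commit or tag so the referenced code cannot change underneath the page. The link text `devttys0/baudrate/baudrate.py` is also not a real path in the repository URL (it drops `blob/master`); `devttys0/baudrate` would match the `owner/repo` style used elsewhere in this commit.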
@ -79,15 +71,16 @@ It’s an emulation of serial port over BLE. The UUID of the Nordic UART Service
|
||||||
|
|
||||||
* **RX Characteristic** (UUID: 6E400002-B5A3-F393-E0A9-E50E24DCCA9E) : The peer can send data to the device by writing to the RX Characteristic of the service. ATT Write Request or ATT Write Command can be used. The received data is sent on the UART interface.
|
* **RX Characteristic** (UUID: 6E400002-B5A3-F393-E0A9-E50E24DCCA9E) : The peer can send data to the device by writing to the RX Characteristic of the service. ATT Write Request or ATT Write Command can be used. The received data is sent on the UART interface.
|
||||||
* **TX Characteristic** (UUID: 6E400003-B5A3-F393-E0A9-E50E24DCCA9E) : If the peer has enabled notifications for the TX Characteristic, the application can send data to the peer as notifications. The application will transmit all data received over UART as notifications.
|
* **TX Characteristic** (UUID: 6E400003-B5A3-F393-E0A9-E50E24DCCA9E) : If the peer has enabled notifications for the TX Characteristic, the application can send data to the peer as notifications. The application will transmit all data received over UART as notifications.
|
||||||
* nRF UART 2.0 - Nordic Semiconductor ASA - https://play.google.com/store/apps/details?id=com.nordicsemi.nrfUARTv2
|
* [nRF UART 2.0 - Nordic Semiconductor ASA](https://play.google.com/store/apps/details?id=com.nordicsemi.nrfUARTv2)
|
||||||
* Specifications - https://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.sdk5.v14.0.0%2Fble\_sdk\_app\_nus\_eval.html
|
* [UART/Serial Port Emulation over BLE](https://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.sdk5.v14.0.0%2Fble_sdk_app_nus_eval.html)
|
||||||
* https://thejeshgn.com/2016/10/01/uart-over-bluetooth-low-energy/
|
* [UART Over Bluetooth Low Energy](https://thejeshgn.com/2016/10/01/uart-over-bluetooth-low-energy/)
|
||||||
|
|
||||||
Example with Micro::bit :
|
Example with Micro::bit :
|
||||||
|
|
||||||
* https://makecode.microbit.org/v1/98535-28913-33692-07418
|
* [https://makecode.microbit.org/v1/98535-28913-33692-07418](https://makecode.microbit.org/v1/98535-28913-33692-07418)
|
||||||
* https://support.microbit.org/support/solutions/articles/19000062330-using-the-micro-bit-bluetooth-low-energy-uart-serial-over-bluetooth-
|
* [Using the micro:bit Bluetooth Low Energy UART (serial over Bluetooth)](https://support.microbit.org/support/solutions/articles/19000062330-using-the-micro-bit-bluetooth-low-energy-uart-serial-over-bluetooth-)
|
||||||
|
|
||||||
### Examples
|
### Examples
|
||||||
|
|
||||||
![](https://developer.android.com/things/images/raspberrypi-console.png) ![](http://remotexy.com/img/help/help-esp8266-firmware-update-usbuart.png)
|
![](https://developer.android.com/things/images/raspberrypi-console.png)
|
||||||
|
![](http://remotexy.com/img/help/help-esp8266-firmware-update-usbuart.png)
|
|
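Review bot: the last changed line keeps the remotexy.com image on plain `http://`, which browsers block or flag as mixed content when the wiki is served over HTTPS; switch it to `https://` if the host supports it or vendor the image under the repository's assets. Both images on the split lines still have empty alt text (`![]`). The Micro::bit makecode entry uses the raw URL as its link text, unlike the titled links in the rest of the hunk.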
@ -2,15 +2,13 @@
|
||||||
|
|
||||||
## Searchable FCC ID Database
|
## Searchable FCC ID Database
|
||||||
|
|
||||||
An FCC ID is a unique identifier assigned to a device registered with the United States Federal Communications Commission
|
An FCC ID is a unique identifier assigned to a device registered with the United States Federal Communications Commission.
|
||||||
|
|
||||||
* [https://fccid.io/](https://fccid.io/)
|
* [fccid.io](https://fccid.io/)
|
||||||
|
|
||||||
For legal sale of wireless deices in the US, manufacturers must:
|
For legal sale of wireless deices in the US, manufacturers must:
|
||||||
|
|
||||||
* Have the device evaluated by an independent lab to ensure it conforms to FCC standards
|
* Have the device evaluated by an independent lab to ensure it conforms to FCC standards
|
||||||
* Provide documentation to the FCC of the lab results
|
* Provide documentation to the FCC of the lab results
|
||||||
* Provide User Manuals, Documentation, and Photos relating to the device
|
* Provide User Manuals, Documentation, and Photos relating to the device
|
||||||
* [Digitally](https://fccid.io/blog/2014/11/e-label-act/) or physically label the device with the unique identifier provided by the FCC (upon approved application)
|
* [Digitally](https://fccid.io/blog/2014/11/e-label-act/) or physically label the device with the unique identifier provided by the FCC (upon approved application)
|
||||||
|
|
||||||
\
|
|
|
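Review bot: the context line directly below the corrected sentence still reads "wireless deices"; since this hunk already fixes punctuation in the same paragraph, correct the typo to "devices" in the same change.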
@ -1,9 +1,3 @@
|
||||||
---
|
|
||||||
cover: >-
|
|
||||||
https://images.unsplash.com/photo-1552664730-d307ca884978?ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=2970&q=80
|
|
||||||
coverY: 0
|
|
||||||
---
|
|
||||||
|
|
||||||
# Firmware Dumping
|
# Firmware Dumping
|
||||||
|
|
||||||
### Summary
|
### Summary
|
||||||
|
@ -148,4 +142,4 @@ sudo unsquashfs -f -d /media/seagate /tmp/file.squashfs
|
||||||
|
|
||||||
![](https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1581004558438-UJV08PX8O5NVAQ6Z8HXI/ke17ZwdGBToddI8pDm48kHSRIhhjdVQ3NosuzDMrTulZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s\_4yszcp2ryTI0HqTOaaUohrI8PIYASqlw8FVQsXpiBs096GedrrOfpwzeSClfgzB41Jweo/Picture2.png?format=1000w)
|
![](https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1581004558438-UJV08PX8O5NVAQ6Z8HXI/ke17ZwdGBToddI8pDm48kHSRIhhjdVQ3NosuzDMrTulZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s\_4yszcp2ryTI0HqTOaaUohrI8PIYASqlw8FVQsXpiBs096GedrrOfpwzeSClfgzB41Jweo/Picture2.png?format=1000w)
|
||||||
|
|
||||||
* https://www.zerodayinitiative.com/blog/2020/2/6/mindshare-dealing-with-encrypted-router-firmware
|
* [MINDSHARE: DEALING WITH ENCRYPTED ROUTER FIRMWARE](https://www.zerodayinitiative.com/blog/2020/2/6/mindshare-dealing-with-encrypted-router-firmware)
|
||||||
|
|
|
@ -21,9 +21,7 @@ Prerequisite:
|
||||||
|
|
||||||
> To load it properly in IDA, open the file, select ATMEL AVR and then select ATmega323\_L.
|
> To load it properly in IDA, open the file, select ATMEL AVR and then select ATmega323\_L.
|
||||||
|
|
||||||
https://thanat0s.trollprod.org/2014/01/loader-un-binaire-arduino-dans-ida/
|
* ESP8266 : [https://github.com/themadinventor/ida-xtensa](https://github.com/themadinventor/ida-xtensa)
|
||||||
|
|
||||||
* ESP8266 : https://github.com/themadinventor/ida-xtensa
|
|
||||||
|
|
||||||
### Loading bare-metal binaries into Radare2
|
### Loading bare-metal binaries into Radare2
|
||||||
|
|
||||||
|
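Review bot: the blockquote about loading the file in IDA loses its source in this hunk: the thanat0s.trollprod.org link that followed it is removed and only reappears in the new References section at the end of the file. Keep a short attribution next to the quote so the reader can tell where the quoted instruction comes from. The ESP8266 entry also uses the raw URL as link text, unlike the `owner/repo` form used for the other GitHub links in this commit.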
@ -70,11 +68,11 @@ jmp 0x59ae
|
||||||
|
|
||||||
### Loading bare-metal binaries into Ghidra
|
### Loading bare-metal binaries into Ghidra
|
||||||
|
|
||||||
* SVD-Loader for Ghidra: Simplifying bare-metal ARM reverse engineering - https://leveldown.de/blog/svd-loader/
|
* SVD-Loader for Ghidra: Simplifying bare-metal ARM reverse engineering - [svd-loader/](https://leveldown.de/blog/svd-loader/)
|
||||||
|
|
||||||
### ESPTool
|
### ESPTool
|
||||||
|
|
||||||
ESP8266 and ESP32 serial bootloader utility : github.com/espressif/esptool
|
ESP8266 and ESP32 serial bootloader utility : [espressif/esptool](https://github.com/espressif/esptool)
|
||||||
|
|
||||||
```powershell
|
```powershell
|
||||||
josh@ioteeth:/tmp/reversing$ ~/esptool/esptool.py image_info recovered_file
|
josh@ioteeth:/tmp/reversing$ ~/esptool/esptool.py image_info recovered_file
|
||||||
|
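Review bot: in the Ghidra entry the new link text is `svd-loader/`, a URL path fragment, while the descriptive title stays outside the link; make the title itself the link text, as done for the esptool line just below. The context fence is tagged `powershell` although its content is a bash prompt (`josh@ioteeth:/tmp/reversing$`), which gives wrong highlighting; that is outside the changed lines but worth fixing while touching this section.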
@ -87,7 +85,7 @@ Segment 1: len 0x00568 load 0x4010f000 file_offs 0x00000008
|
||||||
|
|
||||||
### nRF5x Firmware disassembly tools
|
### nRF5x Firmware disassembly tools
|
||||||
|
|
||||||
* https://github.com/DigitalSecurity/nrf5x-tools
|
* [DigitalSecurity/nrf5x-tools](https://github.com/DigitalSecurity/nrf5x-tools)
|
||||||
|
|
||||||
```powershell
|
```powershell
|
||||||
$ python3 nrfident.py bin firmwares/s132.bin
|
$ python3 nrfident.py bin firmwares/s132.bin
|
||||||
|
@ -113,8 +111,8 @@ ROM length : 0x5d000
|
||||||
|
|
||||||
### Pure disassemblers
|
### Pure disassemblers
|
||||||
|
|
||||||
* Vavrdisasm -- vAVRdisasm will auto-recognize Atmel Generic, Intel HEX8, and Motorola S-Record files - https://github.com/vsergeev/vavrdisasm
|
* Vavrdisasm -- vAVRdisasm will auto-recognize Atmel Generic, Intel HEX8, and Motorola S-Record files - [vsergeev/vavrdisasm](https://github.com/vsergeev/vavrdisasm)
|
||||||
* ODAweb -- https://www.onlinedisassembler.com/odaweb/
|
* [ODA - The Online Disassembler](https://www.onlinedisassembler.com/odaweb/)
|
||||||
* avr-objdump – gcc kit standard tool
|
* avr-objdump – gcc kit standard tool
|
||||||
|
|
||||||
```powershell
|
```powershell
|
||||||
|
@ -132,7 +130,7 @@ $ simulavr -P atmega128 -F 16000000 –f build-crumbuino128/ex1.1.elf
|
||||||
|
|
||||||
### UEFI Firmware
|
### UEFI Firmware
|
||||||
|
|
||||||
Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc - [https://github.com/theopolis/uefi-firmware-parser](https://github.com/theopolis/uefi-firmware-parser)
|
Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc - [theopolis/uefi-firmware-parser](https://github.com/theopolis/uefi-firmware-parser)
|
||||||
|
|
||||||
```
|
```
|
||||||
sudo pip install uefi_firmware
|
sudo pip install uefi_firmware
|
||||||
|
@ -143,3 +141,7 @@ $ uefi-firmware-parser --test ~/firmware/*
|
||||||
~/firmware/O990-A03.exe: None
|
~/firmware/O990-A03.exe: None
|
||||||
~/firmware/O990-A03.exe.hdr: DellPFS
|
~/firmware/O990-A03.exe.hdr: DellPFS
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## References
|
||||||
|
|
||||||
|
* [Loader un binaire Arduino dans IDA - Posted on January 26, 2014 by thanatos](https://thanat0s.trollprod.org/2014/01/loader-un-binaire-arduino-dans-ida/)
|
|
@ -1,8 +1,6 @@
|
||||||
# Bus Pirate
|
# Bus Pirate
|
||||||
|
|
||||||
|
![MOSI-MISO](https://iotmyway.files.wordpress.com/2018/05/mode-guide.png)
|
||||||
|
|
||||||
![](https://iotmyway.files.wordpress.com/2018/05/mode-guide.png)
|
|
||||||
|
|
||||||
### Update Bus Pirate
|
### Update Bus Pirate
|
||||||
|
|
||||||
|
@ -18,4 +16,4 @@ sudo flashrom –p buspirate_spi:dev=/dev/ttyUSB0
|
||||||
|
|
||||||
# Dump firmware using a bus pirate (SPI)
|
# Dump firmware using a bus pirate (SPI)
|
||||||
sudo flashrom –p Buspirate_spi:dev=/dev/ttyUSB0,spispeed=1M –c (Chip name) –r (Name.bin)
|
sudo flashrom –p Buspirate_spi:dev=/dev/ttyUSB0,spispeed=1M –c (Chip name) –r (Name.bin)
|
||||||
```
|
```
|
|
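Review bot: the flashrom command in this hunk's context uses en-dashes (`–p`, `–c`, `–r`) instead of ASCII hyphens, so it fails when copied into a shell, and it spells the programmer `Buspirate_spi` while the hunk header context shows lowercase `buspirate_spi`. The hunk touches this block without changing either; replace the dashes with `-` and use one spelling.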
@ -1,50 +1,36 @@
|
||||||
---
|
|
||||||
description: https://flipperzero.one/
|
|
||||||
---
|
|
||||||
|
|
||||||
# Flipper Zero
|
# Flipper Zero
|
||||||
|
|
||||||
![FlipperZero](../assets/image.png)
|
![FlipperZero](../assets/image.png)
|
||||||
|
|
||||||
### **Firmwares**
|
### **Firmwares**
|
||||||
|
|
||||||
* Flipper Zero Firmware\
|
* [Flipper Zero Firmware](https://github.com/flipperdevices/flipperzero-firmware)
|
||||||
[https://github.com/flipperdevices/flipperzero-firmware](https://github.com/flipperdevices/flipperzero-firmware)
|
* [Flipper Zero Unleashed Firmware](https://github.com/Eng1n33r/flipperzero-firmware)
|
||||||
* Flipper Zero Unleashed Firmware
|
* [Flipper Zero FW RogueMaster](https://github.com/RogueMaster/flipperzero-firmware-wPlugins)
|
||||||
|
|
||||||
[https://github.com/Eng1n33r/flipperzero-firmware](https://github.com/Eng1n33r/flipperzero-firmware)
|
* [Awesome FlipperZero](https://github.com/djsime1/awesome-flipperzero)
|
||||||
* Flipper Zero FW \[ROGUEMASTER]
|
|
||||||
|
|
||||||
[https://github.com/RogueMaster/flipperzero-firmware-wPlugins](https://github.com/RogueMaster/flipperzero-firmware-wPlugins)
|
|
||||||
|
|
||||||
Awesome FlipperZero: [https://github.com/djsime1/awesome-flipperzero](https://github.com/djsime1/awesome-flipperzero)
|
|
||||||
|
|
||||||
#### Firmware Update
|
#### Firmware Update
|
||||||
|
|
||||||
1. Update to the latest firmware using https://flipperzero.one/update
|
1. Update to the latest firmware using [https://flipperzero.one/update](https://flipperzero.one/update)
|
||||||
2. Download and install qFlipper 
|
2. Download and install qFlipper
|
||||||
3. Connect your Flipper Zero via USB, update to the official firmware
|
3. Connect your Flipper Zero via USB, update to the official firmware
|
||||||
4. Disconnect from USB, power off the Flipper Zero, and remove the SD to prepare it for flashing.
|
4. Disconnect from USB, power off the Flipper Zero, and remove the SD to prepare it for flashing.
|
||||||
5. Download the latest RogueMaster firmware from their Github Page. https://github.com/RogueMaster/flipperzero-firmware-wPlugins
|
5. Download the latest [RogueMaster](https://github.com/RogueMaster/flipperzero-firmware-wPlugins) firmware from their Github Page.
|
||||||
6. Unzip the downloaded .zip and copy the content into /update of the Flipper SD card (including the .dfu)
|
6. Unzip the downloaded .zip and copy the content into /update of the Flipper SD card (including the .dfu)
|
||||||
7. On the Flipper Zero, once booted, press down, and left until you are on the 'Browser' screen. Scroll down until you see the 'update' directory and click on it. 
|
7. On the Flipper Zero, once booted, press down, and left until you are on the 'Browser' screen. Scroll down until you see the 'update' directory and click on it.
|
||||||
8. You should now see the contents you uploaded and an 'update' option. Hover over the 'update' option, click the center button on your Flipper, once again on the 'Run in App' option.
|
8. You should now see the contents you uploaded and an 'update' option. Hover over the 'update' option, click the center button on your Flipper, once again on the 'Run in App' option.
|
||||||
|
|
||||||
### Videos
|
### Videos
|
||||||
|
|
||||||
* Flipper Zero: Want some good news? - Penthertz 
|
* [Flipper Zero: Want some good news? - Penthertz](https://www.youtube.com/watch?v=tB0eYatvu0k)
|
||||||
|
* [Flipper Zero: is this for you? Follow our 1st tests! - Penthertz](https://www.youtube.com/watch?v=W5YYObSBUno)
|
||||||
[https://www.youtube.com/watch?v=tB0eYatvu0k](https://www.youtube.com/watch?v=tB0eYatvu0k)
|
|
||||||
* Flipper Zero: is this for you? Follow our 1st tests! - Penthertz
|
|
||||||
|
|
||||||
[https://www.youtube.com/watch?v=W5YYObSBUno](https://www.youtube.com/watch?v=W5YYObSBUno)
|
|
||||||
|
|
||||||
### Tutorials and Resources
|
### Tutorials and Resources
|
||||||
|
|
||||||
* [https://flipper.pingywon.com/flipper/](https://flipper.pingywon.com/flipper/)\
|
* [Flipper Zero Hacking 101 - pingywon](https://flipper.pingywon.com/flipper/)
|
||||||
[https://flipper.pingywon.com/](https://flipper.pingywon.com/)
|
* [Flipper Zero Playground - UberGuidoZ](https://github.com/UberGuidoZ/Flipper)
|
||||||
* [https://github.com/UberGuidoZ/Flipper](https://github.com/UberGuidoZ/Flipper)
|
* [Flashing Flipper Zero with RogueMaster CFW](https://interestingsoup.com/n00b-guide-flashing-flipper-zero-to-rougemaster/)
|
||||||
* [https://interestingsoup.com/n00b-guide-flashing-flipper-zero-to-rougemaster/](https://interestingsoup.com/n00b-guide-flashing-flipper-zero-to-rougemaster/)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
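Review bot: in step 5 of Firmware Update the new link points at the RogueMaster repository root although the step tells the reader to download the latest firmware; pointing at the repository's releases page would take the reader to the artifact the step means. The Tutorials list also drops the second pingywon link (`https://flipper.pingywon.com/`) and the Firmwares list removes the front-matter `description`, neither of which is a broken-link fix; mention these removals in the commit message or restore them.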
@ -1,10 +1,8 @@
|
||||||
# Micro::bit
|
# Micro::bit
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### Extract source code from firmware
|
### Extract source code from firmware
|
||||||
|
|
||||||
When the source has been build from https://makecode.microbit.org/#editor, the Javascript code is embedded into the firmware.
|
When the source has been build from [https://makecode.microbit.org/#editor](https://makecode.microbit.org/#editor), the Javascript code is embedded into the firmware.
|
||||||
|
|
||||||
```python
|
```python
|
||||||
import bincopy
|
import bincopy
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
# Default IoT Passwords
|
# Default IoT Passwords
|
||||||
|
|
||||||
|
IoT Device Default Password Lookup : [https://www.defpass.com](https://www.defpass.com)
|
||||||
|
|
||||||
IoT Device Default Password Lookup : https://www.defpass.com
|
|
||||||
|
|
||||||
### Mirai Wordlist
|
### Mirai Wordlist
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
# Links & Hardware Kits
|
# Links & Hardware Kits
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### Hardware Challenges & CTF
|
### Hardware Challenges & CTF
|
||||||
|
|
||||||
* [BLE CTF](https://github.com/hackgnar/ble\_ctf)
|
* [BLE CTF](https://github.com/hackgnar/ble\_ctf)
|
||||||
|
@ -31,4 +29,7 @@
|
||||||
|
|
||||||
### Hardware Kit
|
### Hardware Kit
|
||||||
|
|
||||||
![HW1](https://i.ibb.co/WW55LH4/Hardware-Toolkit.jpg) ![HW2](https://i.ibb.co/F3vRmgV/Hardware-Toolkit2.jpg) ![DVID1](https://github.com/Vulcainreo/DVID/raw/master/kit-contents.jpg) ![Ph0wn Basic](https://pbs.twimg.com/media/ELVWNyKWwAAPa0T?format=jpg\&name=900x900)
|
![HW1](https://i.ibb.co/WW55LH4/Hardware-Toolkit.jpg)
|
||||||
|
![HW2](https://i.ibb.co/F3vRmgV/Hardware-Toolkit2.jpg)
|
||||||
|
![DVID1](https://github.com/Vulcainreo/DVID/raw/master/kit-contents.jpg)
|
||||||
|
![Ph0wn Basic](https://pbs.twimg.com/media/ELVWNyKWwAAPa0T?format=jpg\&name=900x900)
|
||||||
|
|
|
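Review bot: the Ph0wn image line keeps the escaped ampersand `format=jpg\&name=900x900` in its URL, while this commit removes the same kind of backslash escape from the Nordic infocenter link and from `mosquitto_tools`; unescape it here too, and likewise the `ble\_ctf` URL in the first hunk of this file, so link targets are written the same way throughout. All four kit images are hot-linked from third-party hosts (i.ibb.co, pbs.twimg.com, a raw GitHub path), which is how links on this page break again; consider copying them under the repository's assets.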
@ -1,7 +1,5 @@
|
||||||
# LoRa
|
# LoRa
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### LoRa with Arduino on 868.1MHZ
|
### LoRa with Arduino on 868.1MHZ
|
||||||
|
|
||||||
[arduino-LoRa](https://github.com/sandeepmistry/arduino-LoRa)\
|
[arduino-LoRa](https://github.com/sandeepmistry/arduino-LoRa)\
|
||||||
|
|
|
@ -8,7 +8,7 @@ MQTT client:
|
||||||
* [MQTT CLI](https://asciinema.org/a/DlPmJwXbhuAURHseamGdMy4z3/embed?speed=2\&autoplay=true)
|
* [MQTT CLI](https://asciinema.org/a/DlPmJwXbhuAURHseamGdMy4z3/embed?speed=2\&autoplay=true)
|
||||||
* [MQTT Lens](https://chrome.google.com/webstore/detail/mqttlens/hemojaaeigabkbcookmlgmdigohjobjm)
|
* [MQTT Lens](https://chrome.google.com/webstore/detail/mqttlens/hemojaaeigabkbcookmlgmdigohjobjm)
|
||||||
* MQTT.fx
|
* MQTT.fx
|
||||||
* mosquitto\_tools
|
* mosquitto_tools
|
||||||
|
|
||||||
Scan an MQTT with nmap : `nmap -p 1883 -vvv --script=mqtt-subscribe -d sensors.domain.com`
|
Scan an MQTT with nmap : `nmap -p 1883 -vvv --script=mqtt-subscribe -d sensors.domain.com`
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
# RFID NFC
|
# RFID NFC
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### Install and configuration
|
### Install and configuration
|
||||||
|
|
||||||
Dependencies to install first :\
|
Dependencies to install first :\
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
# SPI
|
# SPI
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### Dump Firmware via SPI
|
### Dump Firmware via SPI
|
||||||
|
|
||||||
```powershell
|
```powershell
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
# Wifi
|
# Wifi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### Tools
|
### Tools
|
||||||
|
|
||||||
* Wifite - https://github.com/derv82/wifite
|
* Wifite - https://github.com/derv82/wifite
|
||||||
|
@ -689,6 +687,6 @@ aircrack-ng -J network network.cap
|
||||||
|
|
||||||
### References
|
### References
|
||||||
|
|
||||||
* https://uceka.com/2014/05/12/wireless-penetration-testing-cheat-sheet/
|
* [Wireless Penetration Testing Cheat Sheet [UPDATED – 2022]](https://uceka.com/2014/05/12/wireless-penetration-testing-cheat-sheet/)
|
||||||
* https://www.doyler.net/security-not-included/aireplay-0841-attack
|
* [Aireplay 0841 Attack – Introduction](https://www.doyler.net/security-not-included/aireplay-0841-attack)
|
||||||
* https://gist.github.com/s4vitar/3b42532d7d78bafc824fb28a95c8a5eb
|
* [Preparación para el OSWP (by s4vitar)](https://gist.github.com/s4vitar/3b42532d7d78bafc824fb28a95c8a5eb)
|
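Review bot: the first new reference puts unescaped square brackets inside the link text (`[Wireless Penetration Testing Cheat Sheet [UPDATED – 2022]](...)`), which relies on the renderer accepting nested brackets; escape them as `\[` and `\]` or drop the suffix, which will also go stale as a year marker. The Wifite entry in the Tools hunk above is left as a bare URL while every other link in this commit is converted to `[text](url)`.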