This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 In this post I will show how I debugged an application with gdb remotely. The application can be debugged on the IoT device. In this case the gdb should be installed…
Offensive IoT Exploitation Exam – Replay attack with HackRF
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 In this post I show you how I used the HackRF to capture a remote controller signal of a smart plug and used the captured signal for a replay attack. Replay…
Offensive IoT Exploitation Exam – JTAG on MIPS Creator Ci40
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 In this post I will show how I connected to the MIPS Creator Ci40 with Bus Blaster V3c via JTAG. The MIPS Creator Ci40 board has a MIPS EJTAG interface. I…
Offensive IoT Exploitation Exam – Determine JTAG pinout with Arduino
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 The most interesting part of the Offensive IoT Exploitation course was the JTAG part. I did not have any device with JTAG capabilities, so I bought a MIPS Creator Ci40 IoT…
Offensive IoT Exploitation Exam – Sniffing BLE traffic with Adafruit
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 I examined a smart light bulb which can be controlled via Bluetooth Low Energy. After I installed the device and installed and configured the mobile phone application of the smart bulb,…
Offensive IoT Exploitation Exam – Analysis of the Android app of the mylink web camera
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 My web camera can be used with MyDLink Lite android application. It can search web cameras on local network, but it can also connect to a cloud service and display a registered…
Offensive IoT Exploitation Exam – Format string vulnerability on ARM architecture
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 During the Offensive IoT Exploitation course I learned the basics of writing buffer overflow exploits on ARM and MIPS architecture. I also learned how to debug and analyze applications on those…
Offensive IoT Exploitation Exam – WPS on TP-Link WR841n v11
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 On the back of my TP-Link router I found some information regarding the device including the default WPS PIN number and SSID. WPS is a fast way of connecting wifi devices…
Offensive IoT Exploitation Exam – Dynamic analysis of a mydlink web camera
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 In my previous post, I examined the firmware of a mydlink web camera with the binwalk tool. In this post I continue the examination of the IoT device with dynamic analysis. I configured…
Offensive IoT Exploitation Exam – Backdooring a firmware
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things- exploitation/index.html Student ID: IoTE-728 In this post I am going to create a backdoored firmware. I am going to use the firmware of my TP-Link WR841n v11 router. The original firmware can be downloaded from here….
- This blog is dedicated to my research and experimentation on ethical hacking. The methods and techniques published on this site should not be used to do illegal things. I do not take responsibility for acts of other people.
-
Recent Posts
Categories
- Android (5)
- Fusion (2)
- IoT (13)
- Main (3)
- Mobile (6)
- Protostar (24)
- SLAE32 (8)
- VulnServer (6)
- Windows Reverse Shell (2)