Hardware Hacking 101 – Lesson 1: Beauty, Your Home Lab and Basic Electronics

Hardware hacking is one of those subjects that a lot of hackers appear to have great interest in, but most don’t act on that interest. There are a variety of reasons why this may be, such as a perceived steep learning curve, a financial barrier to entry, and a lack of applicability. I’m here to say that these reasons are silly. Hardware hacking can be cheap and easy! And, more importantly, adding hardware hacking to your repertoire of skills can be quite advantageous. Nothing has made this more clear to me than some of the comments I’ve received from other hackers. Here are a few gems:

"How do you have root already? You haven’t even had the device for half an hour."
"It shouldn’t be able to broadcast that… Can you unlock mine, too?"
"Why does your keyboard have a rave light?"

But, most alarmingly, a lot of the comments are along the lines of "I could never do that." Yes, you can! And, if you stick around a bit, I’ll prove it. Throughout this series, we’ll work our way from a noob’s first LED swap all the way to dumping secrets from a destroyed IoT device. Any and all ages and experience levels are welcome.
The post Hardware Hacking 101 – Lesson 1: Beauty, Your Home Lab and Basic Electronics appeared first on The Ethical Hacker Network.

Link: https://www.ethicalhacker.net/columns/sindermann/hardware-hacking-101-lesson-1/

Hardware Hacking 101 – Lesson 3: Abusing UART (U Are RooT)

As a reminder, Lesson 1 was a primer on electronics and setting up your lab, and Lesson 2 was an introduction to classical hardware hacking. To get started with security-focused hardware hacking, let’s look at a pretty simple example: getting a root shell by breaking into U-Boot via a serial console. Basically, we’re just going to connect to a serial port, change a boot flag, and get a shell. Sounds simple, right? To some extent, it is! The only real hard parts are finding the serial port, determining the pinout, and determining the timing. No problem, right? By the end of this lesson, you’ll be abusing UART with the best of them.
The unassuming target of this lesson is a Synology RT2600ac wireless router. This is one of the devices that the ISE Labs team assessed as part of our SOHO 2.0 project, but we had a bit of a problem. We had used the device but failed to record the credentials. And the reset button? Broken. This is where getting a hardware shell came in handy. By using a UART to get a shell, I was able to reset the password and get the assessment back on track. Hardware shells allow you to do so much more, though, both in the context of repair and in the context of security. It’s a root shell; you can usually do whatever you like.
The post Hardware Hacking 101 – Lesson 3: Abusing UART (U Are RooT) appeared first on The Ethical Hacker Network.

Link: https://www.ethicalhacker.net/columns/sindermann/hardware-hacking-101-lesson-3-abusing-uart-u-are-root/