BlackMarble

0x02 0DAYALLDAY RESEARCH EVENT - Hardware Hacking

Hacking, Drinking, & Hacking...

When: September 29th, 2018
Time: 10:00 AM to 11:59 PM
Where: GeniusDen 3106 Commerce St, Dallas, TX 75226

RSVP on Meetup

Food & Drinks:

  • There are several great places nearby to grab food.
  • There will be some free booze (vodka, whiskey, beer) If you want you can bring some more.

Rules:

  • Must participate. Researching for others counts
  • If you find a vulnerability it's yours. (Unless otherwise noted. Vulnerabilities that involve health or known to be sue happy it will be required to do full disclosure to protect all involved.)
  • If there is a bug bounty you get to choose what to do with the money. Sponsor next event or keep it. Maybe a little of both.
  • Smoking analog or vape please step outside.
  • Don't be a dick.

Prize's:

  • Most found CVE's - $50 Gift Card to Amazon
  • Best vulnerability found - $25 Gift Card to Amazon
  • Community MVP - $25 Gift Card to Amazon
  • Miss Congeniality - Hugs and Free 0DayAllDay T-Shirt

Hacking:

This quarters theme is Hardware Hacking.

  • Arris Surfboard - Model SB6141 (Forced full disclosure)
  • Netgear - CM500-100NAS Cable Modem (Forced full disclosure)
  • AT&T Router/Gateway - Model 5268ac
  • Guardzilla - All-In-One Video Security System
  • D-Link N300 WiFi Router - Model DIR-605L H/W Ver.: B3, F/W Ver.: 2.09UI
  • TP-Link 300 Wireless N Router - Model TL-WR841N
  • TP-Link 150 Wireless N Router - Model TL-WR741ND
  • Carl and Stuart Flexi Cam
  • Space Invaders
  • WYZE Cam - Model WYZECP1
  • Couple surprise targets as well.
  • If you have something you want to hack on feel free to bring it. (Please note you will have to relieve us of any damage that might happen, aka we will most likely break it.)

Details of targets

Listed here is any work done by others and can be used as reference or to jump start our work.

  • Car and Stuart Flexi Cam Blog
  • AT&T Router/Gateway Blog
  • AT&T Router/Gateway Slides
  • Guardzilla Not really vulnerabilities but interesting info that should be validated Post
  • TP-Link 300 TL-WR841N We have already done some work on this one and found some easy wins.
  • All targets should be Googled before hand just to double check if there is any pre-existing work.

Getting started

  • Slides INIT_6 did for PWN School. Brief overview Slides

Tools & Equipment

  • Laptop is required
  • If you have a Bus Pirate, Shikra, OSEPP FTDI, JTagulator, or any UART or JTAG equipment you should bring it.  We will have enough equipment for teams of 3 or 4 people. That being said more is always better.
  • We will have 2 soldering irons, Header pins, jumper wires, etc However, if you have some feel free to bring it.

Software

  • Kali Linux (Already has most of the tools needed, You can use Windows but Linux will be better)
  • Binwalk GitHub Make sure you follow the this install guide and do all the dependencies. GitHub Wiki
  • OpenOCD for JTag Site
Author image
About INIT_6
DFW Website
Jason is well known in the InfoSec field as an expert in hardware, web app, and mobile applications exploit research. Jason frequently speaks at security events, and active in the local community.