Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

UBoot to Root - 218

Deral Heiland - Posted 5 Years Ago
  • Deral Heiland is one of the best IoT Hackers out there. He helps at IoT Village, works at Rapid7 and has done many, many talks/posts throughout the years. In this instance, he gives us a live demo of how he does things.
  • UBoot is the main boot mechanism used on embedded devices. So, finding vulnerabilities in a device that allow you to boot in this way is fairly significant!
  • UBoot is a unique compilation for each device it is on. So, features and other details differ significantly depending on the company using it.
  • He shares a few tricks throughout this presentation. To start with, there may be a button to press in order to interrupt the boot process (such as CTRL+C). Pressing this may work, but differs per compilation.
  • Another trick he shows (for getting into the UBoot console) is shorting out the data line for the kernel being read from external memory. By doing this, UBoot just drops into a shell because the loading of the OS failed.
  • Finally, he goes over the UBoot interface itself and how it can be used in order to get data/control the device.
  • This video goes step-by-step (with a camera on the device) on how to do all of the stuff described above. Super awesome talk with many demos included from a legend in the field.