When the author and their wife were expecting their first child, a good baby monitor was one of the top items on their shopping list. They decided on the Motorola Halo+. The security of a baby monitor is important; you do not want creepers looking in.
After reverse engineering the Android application, the author found a command injection on the device via the set_city_timezone function. They used a reboot command to see if the attack had worked.
Spaces in the URL reached the injected command as a literal %20 instead of being decoded into a space. As a result, they had to use `${IFS}` in place of spaces in their command injection payload.
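The `${IFS}` workaround shows why filtering out spaces is not a defense for a setter like set_city_timezone. The following is an added example, not code from the device or from the original write-up: the allowlist pattern, the helper path and the sample values are all assumptions made for illustration.

```python
import re

# Assumed allowlist shape: IANA-style names ("UTC", "America/New_York", "Etc/GMT+5").
TZ_NAME = re.compile(r"[A-Za-z][A-Za-z0-9_+-]*(?:/[A-Za-z0-9_+-]+){0,2}")
MAX_LEN = 64

def naive_space_filter(value: str) -> bool:
    """Weak check: accept anything that contains no literal whitespace."""
    return not any(ch.isspace() for ch in value)

def is_valid_timezone(value: str) -> bool:
    """Strict check: the whole value must look like a timezone name."""
    return len(value) <= MAX_LEN and TZ_NAME.fullmatch(value) is not None

def build_argv(value: str) -> list[str]:
    """Return an argument vector for a hypothetical helper; no shell parses it."""
    if not is_valid_timezone(value):
        raise ValueError(f"rejected timezone value: {value!r}")
    # Hypothetical helper path. A list passed to an exec-style API is never
    # re-split on whitespace or expanded by a shell.
    return ["/usr/bin/set-timezone", "--", value]

# Constructed sample values, not captured traffic.
SAMPLES = [
    "UTC",
    "America/New_York",
    "Etc/GMT+5",
    "UTC;reboot",
    "UTC;echo${IFS}hi",
    "UTC%20x",
]

def review(samples):
    """Map each value to (passes weak filter, passes strict allowlist)."""
    return {s: (naive_space_filter(s), is_valid_timezone(s)) for s in samples}

if __name__ == "__main__":
    for value, (weak, strict) in review(SAMPLES).items():
        print(f"{value!r:24} weak={weak!s:5} strict={strict}")
```

Every sample passes the whitespace-only filter, including the ones carrying shell metacharacters; only the full-match allowlist separates the two groups.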
While doing additional research into how the MQTT API worked, they opened MQTT Explorer. Immediately, they started seeing messages from all of the other devices! The credentials must have been shared amongst all of the devices, which is horrible.
Good bug description and reverse engineering!