Ok, you are tired of searching for XSS and XSRF in the web interface of a router to make it yours (root access)
So how can we attack or hack the hardware?
Hardware is any type of device with a PCB you can physically access.
This post wil be a reference list for what tools you want to (MUST) have
Follow up blogposts will go through the tools in more detail
Tools (HW):
- Buspirate by Dangerous Prototypes
–Open Source Hardware design!
–So many different features that I wont even start enumerating them..
I recommend the 3.6 Version as 4.X has been in “development” phase for many years and you get most compatibility with tools using that version. - A general USB to FTDI serial communications card
–Dirt cheap
–Be sure to buy one with support for Vcc=3.3V and Vcc=5V - Soldering station
- General GPIO pins for attaching to PCBs
- Jumper cables or dupont cables
- At least some decent wires/cables
- Multimeter(!!)
Tools (SW):
- Flashrom
- Binwalk
- Firmware toolkit
- Refirmware
- TTY interpreter (Windows)
Linux has built in via terminal, command is
> monitor /dev/ttyX %BAUDRATE%
Be sure to either run as root via sudo or add your user to the singnals-out permission usergroup.
Brainware:
- Patience, a lot of patience
- Think before you act
- Never try to connect to something attached to its normal PSU or that is on and running.
- A curiosity that survives all the first failed attempts. Take note and analyze what went wrong.
