hacking consumer devices for fun and profit
play

Hacking Consumer Devices for Fun and Profit An Insider's View of - PowerPoint PPT Presentation

Apr 13, 2023 •25 likes •285 views

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source Project Rod Whitby <rod@whitby.id.au> NSLU2-Linux Project Lead Hacking Consumer Devices for Fun and Profit 5. Official Kernel Support 1.

  1. Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source Project Rod Whitby <rod@whitby.id.au> NSLU2-Linux Project Lead

  2. Hacking Consumer Devices for Fun and Profit 5. Official Kernel Support 1. The Linksys NSLU2 NSLU2, NAS100D, Loft, … � Hardware Specs � 6. Official Debian Support Linksys Firmware � Debian Etch Loves The Slug RedBoot Bootloader � � 7. The Fun 2. Unslung Firmware NSLU2-Linux Exhibitions � Project Inception � NSLU2-Linux Community � Unslung 1.x � NSLU2-Linux Development � Unslung 2.x to 5.x � Project Infrastructure � Unslung 6.x � 8. The Profit 3. Optware Packages How to Make a Small Fortune � NSLU2, WL500g, … � Donations for Hardware � Distributed Development � 9. The Future 4. SlugOS Firmware What to do next � OpenSlug, “DebianSlug” � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 2 Rod Whitby <rod@whitby.id.au>

  3. The Linksys NSLU2 - Hardware Specs Network Attached Storage (NAS) � Consumer Device 27.5mm x 135mm x 96mm � 5V DC, Maximum 2 Amps � Intel XScale IXP420 � Big-endian ARM � 133MHz (under-clocked) � 10/100 Ethernet � 2 x USB 2.0 Host Ports � 32 MB RAM � 8 MB Flash � Serial, JTAG, I2C, … � NSLU2 -> NSLUG -> “Slug” � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 3 Rod Whitby <rod@whitby.id.au>

  4. The Linksys NSLU2 - Stock Linksys Firmware Designed to be a stand-alone Samba � server for attached USB hard disks. Ext3 filesystem with 3 partitions � Must be formatted on the device � Linux 2.4.22 Kernel � Major modifications to the � USB and SCSI subsystems Snapgear-based root filesystem � busybox, samba, thttpd, etc. � Linksys binary-only utilities � Set_Led, USB_Detect, Watchdog, � CheckPowerButton, CheckResetButton Source code available for kernel and root � filesystem, but not for Linksys binaries 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 4 Rod Whitby <rod@whitby.id.au>

  5. The Linksys NSLU2 - RedBoot Bootloader Loads kernel and initial ramdisk into memory, then executes kernel. � Kernel size is limited to 1MB � Ramdisk size is set at 10MB (can extend to 12MB if required) � MAC address for internal ethernet interface stored alongside Redboot � Significant modifications by Linksys � Addition of “move”, “boot”, and “upgrade” commands � Removal of FIS directory functions � Not intended to be user-accessible � … unless you solder on a connector for a serial port � Linksys left in a telnet 2 second window of opportunity � Upgrade mode is another exploit mechanism � “Good enough” for our purposes, so left alone. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 5 Rod Whitby <rod@whitby.id.au>

  6. Unslung Firmware - Project Inception 12 July 2004 18 Aug 2004 Jim Buzbee finds the Telnet exploit. Slug sacrificed to find JTAG traces. � � 31 July 2004 Jim’s journal page is slashdotted, and � the mailing list feels the effect. nslu2-linux mailing list is created. � 19 Aug 2004 5 Aug 2004 nslu2-linux.org domain registered. � Tom’s Hardware article published. � 22 Aug 2004 Mailing list has 13 members. � nslu2-general mailing list created. � 10 Aug 2004 24 Aug 2004 First successfully modified image. � First boot from external hard disk. � 11 Aug 2004 Serial port mod published. � Serial port and Redboot TFTP. � 25 Aug 2005 “Unslung” concept based on /linuxrc. � Linksys releases kernel source. � Jim’s journal links to the mailing list. � 30 Aug 2005 15 Aug 2004 RedBoot telnet access found. � iTunes server ported. � RedBoot upgrade mode found. � 16 Aug 2004 31 Aug 2005 Busybox, dropbear and wget ported. � 700 members and 1000 list emails. � Donations requested ($240 on first day). � 13 Sep 2005 17 Aug 2004 Wiki installed at www.nslu2-linux.org � Rod’s NSLU2 arrives in the post. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 6 Rod Whitby <rod@whitby.id.au>

  7. Unslung Firmware - Unslung 1.x Designed to be a minimal-changes firmware replacement � Retains all of the standard NSLU2 product functionality unchanged � Adds the capability to load the root filesystem from external storage � and download and install packages onto that external storage to be used alongside the standard product functionality. Also defines the package format for downloadable packages. � Unslung 1.7-alpha source code was released on 3 Sep 2004. � The goal was to free up 10MB of RAM by pivoting from an initial � “switchbox” ramdisk to JFFS2 or an external disk or NFS root filesystem. Built from a Makefile in a SourceForge CVS repository. � Used a binary sed to modify the Linksys kernel. � Unslung 1.11-beta binary image was released on 14 Sep 2004. � There were well over 1000 downloads of Unslung 1.x � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 7 Rod Whitby <rod@whitby.id.au>

  8. Unslung Firmware - Unslung 2.x and 3.x Unslung 2.12-beta binary image was released on 6 Nov 2004. � The goal was to build the firmware from source. � Support for ext3 flash disks on Port 1 � Full downloadable package support � USB enclosure fixes (Genesys) � Kernel compiled from source (including some fixes) � Unslung 3.16-beta binary image was released on 25 Dec 2004. � The goal was to add a persistent JFFS2 root file system. � USB devfs support (driven by Topfield “puppy” development) � NFS kernel support � Recovery mode and Maintenance mode added. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 8 Rod Whitby <rod@whitby.id.au>

  9. Unslung Firmware - Unslung 4.x and 5.x Unslung 4.20-beta binary image was released on 15 May 2005. � The goal was to become self-hosting – being able to build Optware � packages natively, and to free up another 1MB of RAM by booting directly to a /linuxrc in JFFS2 instead of using the “switchbox” initrd. The internal JFFS2 partition became an initfs and recovery filesystem. � More kernel modules were enabled (and kernel module ipkg feed added) � RAID, USB Audio, USB Cameras, Traffic Shaping, Tape Drives, etc. � Quite a few people stuck with 3.18-beta until 5.5-beta was released. � Unslung 5.5-beta binary image was released on 14 June 2005. � Upgraded to be based on Linksys V2.3R29 firmware. � Changed from broken maintenance mode to stable upgrade mode. � Disabled the Linksys download daemon (in favor of upgrade mode). � There have been almost 18000 downloads of Unslung 5.5-beta. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 9 Rod Whitby <rod@whitby.id.au>

  10. Unslung Firmware - Unslung 6.x Unslung 6.8-beta binary image was released on 12 April 2006. � Updated to Linksys R63 firmware, which includes the Paragon � commercial NTFS kernel module with full write support. Many usability improvements (to try and reduce the number of � installation-related questions on the mailing list). The new Unslung logo is now featured in the Web GUI ☺ � There have been over 28000 downloads of Unslung 6.8-beta. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 10 Rod Whitby <rod@whitby.id.au>

  11. Optware Packages - NSLU2, WL500g, … Began as “Unslung Packages” – now over 750 packages strong. � The set of packages have been ported to many targets: � Linksys NSLU2 (armeb, glibc) � Asus WL500g/gx (mipsel, uclibc) � Synology DS-101 (armeb, glibc) � Freecom FSG-3 (armeb, glibc) � Maxtor Shared Storage (armeb, uclibc) � Iomega NAS 100d (armeb, glibc) � Synology DS-101g+ (powerpc, glibc) � Linksys WRT54G* (mipsel, uclibc) � Technologic Systems TS72xx (arm, glibc) � Diverse range of packages: � Apache, MySQL, Perl/PHP/Python, Squid � Email, IRC, CUPS, Torrent, CVS, SVN, Git, Monotone � Webcam, Network Sound, USB PVR, X10, Samba PDC, Topfield EPG � MediaWiki, Asterisk, Gallery, iTunes Server, CCXStream, TwonkyVision � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 11 Rod Whitby <rod@whitby.id.au>

  12. Optware Packages - Distributed Development More than 100 Optware package � developers. Send a new package.mk file to the � nslu2-developers mailing list and you are granted CVS write access. An identified package feed manager � for each of the targets. New and modified packages are built � automatically every half hour, and the package feeds for all targets are updated upon successful builds. Build logs are published on the web for � NSLU2 Asterisk PBX package developers to peruse (and fix (on 512MB flash stick) any problems). Sipura SPA-3000 ATA/Gateway 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 12 Rod Whitby <rod@whitby.id.au>

Recommend

Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Intro Hardware Security Platform Security Hacking Q&amp;A Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at Hamburg &amp; Dublin City University 2010-12-16 1 / 54 Intro Hardware Security

974 views • 79 slides
Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at

Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at

Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at gmail dot com WHO AM I? ARE YOU SURE YOU WANNA KNOW? - Parker, Peter (Spider Man 2002) InfoSec/AppSec Specialist / CompTIA Instructor Focusing

702 views • 44 slides
ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
HL7 2.x Security Hacking medical devices Anirudh Duggal Disclaimer: All the views/ research

HL7 2.x Security Hacking medical devices Anirudh Duggal Disclaimer: All the views/ research

HL7 2.x Security Hacking medical devices Anirudh Duggal Disclaimer: All the views/ research done and presented is of my own and does not reflect my employer. Do not try this on a live environment. This can harm someone. #whoAmI Graduate

1.23k views • 46 slides
Information Exposure From Consumer IoT Devices: A Multidimensional Network-Informed Approach

Information Exposure From Consumer IoT Devices: A Multidimensional Network-Informed Approach

Information Exposure From Consumer IoT Devices: A Multidimensional Network-Informed Approach Jingjing Ren, Daniel J. Dubois , David Cho ff nes Anna Maria Mandalari, Roman Kolcun, Hamed Haddadi Motivation 7+ billion IoT devices deployed worldwide

501 views • 27 slides
Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda Introduction nodejS security Npm security packages Node Goat project Tools Node JS JavaScript in the backend Built on

762 views • 43 slides
Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for Fun and Profit! Reality Apps for Fun and Profit! Tutorial Presentation Tutorial Presentation Linux Conf Au - Adelaide, SA Linux Conf Au - Adelaide,

621 views • 61 slides
The challenges of regulating direct to consumer digital medical devices Dr Elizabeth McGrath

The challenges of regulating direct to consumer digital medical devices Dr Elizabeth McGrath

The challenges of regulating direct to consumer digital medical devices Dr Elizabeth McGrath Director Emerging Technologies Medical Devices and Product Quality Division ARCS Annual Conference 6 August 2019 What are digital medical

605 views • 37 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation &amp; privilege escalation 4. Maintaining access &amp; covering tracks

960 views • 62 slides
IOT SECURITY: CONSUMER DEVICES AND THE EXTENDED CORPORATE NETWORK Get CPE Credits for this

IOT SECURITY: CONSUMER DEVICES AND THE EXTENDED CORPORATE NETWORK Get CPE Credits for this

IOT SECURITY: CONSUMER DEVICES AND THE EXTENDED CORPORATE NETWORK Get CPE Credits for this Webcast Attendees of this Webcast are eligible for 1 CPE credit Self-report on your organizations website Keep the email invitation as

953 views • 59 slides
Nonconforming Product Vidya Gopal Consumer Safety Officer Postmarket and Consumer Branch

Nonconforming Product Vidya Gopal Consumer Safety Officer Postmarket and Consumer Branch

Nonconforming Product Vidya Gopal Consumer Safety Officer Postmarket and Consumer Branch Division of Industry and Consumer Education Office of Communication and Education Center for Devices and Radiological Health U.S. Food and Drug

1.29k views • 46 slides
Introduc)on Tradi&amp;onal Cable UI Technology Consumer Owned

Introduc)on Tradi&amp;onal Cable UI Technology Consumer Owned

Introduc)on Tradi&amp;onal Cable UI Technology Consumer Owned Devices Home Networking Web Technologies Operator Leased Devices Architecture Demo

639 views • 10 slides
Platforms, brokers and connected devices What are the implications of the use of consumer data?

Platforms, brokers and connected devices What are the implications of the use of consumer data?

Platforms, brokers and connected devices What are the implications of the use of consumer data? Introduction Which? have been looking into the implications for consumers of the increasing use of data about individuals. As part of our wider

115 views • 7 slides
CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT # : 3567302 TERM 3 : IMPLEMENTATION SUPERVISOR : DR. M NORMAN CO-SUPERVISOR : MR. M MUYOWA BACKGROUND INCREASE OF CONNECTED DEVICES

122 views • 8 slides
Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1 Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or

692 views • 47 slides
The New Digital Consumer in a Multi-Device World Presented by Alex Lirtsman Co-Founder/Chief

The New Digital Consumer in a Multi-Device World Presented by Alex Lirtsman Co-Founder/Chief

The New Digital Consumer in a Multi-Device World Presented by Alex Lirtsman Co-Founder/Chief Strategist, Ready Set Rocket Who is the new consumer? Todays new consumer is highly connected and engages with brands across many devices

881 views • 46 slides
Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/

Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/

Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/ @ntschutta Fun and Profit Foundations of Ajax &amp; Pro Ajax and Java Nathaniel T. Schutta Frameworks UI guy Author, speaker, teacher

844 views • 58 slides
Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June 15, 2017 Outline Drone Architectures RF Basics Information Gathering RF Hacking Tools Exploits &amp; Demos Q&amp;A Why? Wrights Law

486 views • 27 slides
Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by benign purposes Hacktivism Counterhacking Case Studies Site defacement Network exploration / Port scanning / SQL injection / . . .

522 views • 18 slides
Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

ECF gratefully acknowledges financial support from the European Commission. Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in) the city of Copenhagen using bicycles. Bicycle-as-a-Sensor 1.

278 views • 11 slides
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers Objectives After reading this chapter and completing the exercises, you will be able to: Describe Web applications Explain Web application

530 views • 9 slides
Todays Topics What is a Consumer Operated and Oriented Plan ( CO-OP )? Authorized in the ACA, a

Todays Topics What is a Consumer Operated and Oriented Plan ( CO-OP )? Authorized in the ACA, a

To be a leader in transforming the health of Maine people and positively affecting the Maine economy Todays Topics What is a Consumer Operated and Oriented Plan ( CO-OP )? Authorized in the ACA, a CO-OP is a non-profit, consumer-focused

351 views • 10 slides
Devices in the German Hospital Sector Oliver Martini Director Government Affairs &amp; Policy

Devices in the German Hospital Sector Oliver Martini Director Government Affairs &amp; Policy

Market Access Pathways for Medical Devices in the German Hospital Sector Oliver Martini Director Government Affairs &amp; Policy Germany Medical Devices, Pharmaceuticals and Consumer Funding Pathways for Medical Devices Medical Devices

478 views • 13 slides
Presenter: Shervin Amini Motivation Indoor localization of consumer mobile devices

Presenter: Shervin Amini Motivation Indoor localization of consumer mobile devices

Presenter: Shervin Amini Motivation Indoor localization of consumer mobile devices Previous works focuses on accuracy of the localization Less work on scalability and energy consumption Challenge: accuracy and energy consumption

463 views • 14 slides

More recommend