Fun With HARDWARE HACKING!!! - UART ROOT SHELLS and Finding SECRETS!
Vložit
- čas přidán 17. 06. 2024
- Recently I've been learning about IoT and hardware hacking, so I thought it would be fun to crack open a wifi router that was so generously donated to me and see if I could find a UART and connect to it. From there I hope to see if I could find any sensitive data and use that to gain access to the router through the admin web-portal. So hold on to your multi-meter and let's hack a router!!! :)
Chapters
=================
00:00 Intro
01:00 The Plan of Attack
01:55 The Gear
06:02 Identifying UART Pins with Multi-meter
16:33 Connecting UART to TTL-to-USB
20:00 Terminal Emulator Settings
22:08 We Have SHELL!!!
24:58 Finding Secrets
29:45 Closing Thoughts
#iot #iotsecurity #hardwarehacking #iothacking #uart #jtag #jtagulator #redteam #redteaming #arduino #raspberrypi #cybersecurity #hacker #hacking #informationsecurity #infosec #penetrationtester #pentesting #ethicalhacker #ethicalhacking - Věda a technologie
Just proves everything runs linux pretty much. Such a cool thing. I love it when i get to see the boot process of a device for myself instead of waiting silently for the device to come online. Also uboot has some great tools and you can even set env variables so it will boot into the shell by setting init=/bin/sh or init=/bin/bash
Spot on! Being able to watch the boot process has helped me bring a few devices back to working condish
I am so excited to watch the new series and really want to do some of this. Thank-you for inspireing me to try something new
I'm really glad I could inspire you to branch out, Wayne! Gotta keep reaching just beyond our grasp so that we continue to grow 👍
that was really cool! hope you have more of these. Take it easy Daniel. Merry Christmas
Glad you enjoyed the video! I should definitely do another hardware episode. Hardware hacking is a lot of fun!👍
Found your Channel on YT, video is great. You have cool ideas, thanks a lot. Great Job :-)
Thanks for watching, John and I'm glad you enjoyed it 😀👍
Really solid stuff! I am pretty sure you are gonna show it in the IoT Pentesting series as well.
Thanks, Rahul! You will definitely see this and a whole lot more 😉👍
Great content.
I always like what you bring to us
Thanks, Anthony! I'm glad to hear you enjoy the content 👍
Appreciate you helping us with this topic
No problem! I'm glad to do it 👍
Woohoo hardware hacking… my absolute fav iT topic. Thanks Dan
I'm really diggin' your enthusiasm, Brian! 😀
⌨️⌨️ That was pretty cool Daniel
Thanks, Mehpew! It was a ton of fun to learn all that and doing the demo. I want to do more with hardware/IoT/embedded in the future 👍💯
That was VERY useful. Thank you.
You're very welcome! So glad to hear that this was helpful to you😀👍
thank you Daniel for this video, easy and straight forward, good content :)
Thanks for watching! So glad you enjoyed the content 😃
This is great!!! You are a wealth of knowledge
You're great, Lauren! Thanks for the sub! 😃
I have iot hacking in my course curriculum and I'm really - really excited to deep dive into some hardware hacking and do something different from traditional web/api hacking 🎉❤
I hope your ready to find a new level of passion for hacking, because hardware hacking is so much fun and fairly addictive!
Thanks for sharing your knowledge. 🙂🖐💥🖐
You're welcome, zer0 and thanks for watching!
And he is back lol. How are you Daniel? Its been a while
I'm good, Jake! Thanks for asking and it's good to be back. 😀👍
Great video. You need an oscilloscope so you can have a visual representation of the voltage variations. They will be highs and lows; 1’s and 0’s. Have fun
Funny you say that! I was just looking at oscilloscopes the other day because I want to do more with hardware and it seemed like a good tool to have in the kit. Thanks for the suggestion!
Awesome Content sir
Thank you very much for the compliment, Mohd. I'm glad you enjoyed it and thanks for watching 👍
Dynanomite ma man exactly what i wanted to see to push this mush along
Thanks! Glad you enjoyed the video. Hardware hacking is super fun 👍
Awesome stuff
Thanks, Michi! Glad you liked it 😃👍
Extra like for Arnie voice impression!
I like your extra like and raise you 2 likes 😁
Thank you , great video ,
Totally going to try!
So glad to hear that you enjoyed the video! 😀👍
i loved it make similar videos
I love that you loved it! 😁
Thanks for this video, helped a lot.
I have to stay at home for some time, so I grabed an old modem from the early 2010 and found out, that there is a password for UART.
Is there a good forum you can recommend for questions about this topic?
Glad to hear you enjoyed the video, Karl! I don't know of any forums off the top of my head, but you may be able to grab the password hash from the firmware using binwalk or firmware modkit and see if you can crack it with something like hashcat.
This video is good for the economy!
Thanks Dave! I'm just trying to do my part 😁👍
Cool
Hey friend great videos. I'm trying something similar at home. I've identified the Ground port, and Im pretty sure VCC (it's steady 3.30, 3.29) but the other two ports are both reading 0 volts throughout the whole boot process. Any idea what is happening? I know you mentioned one could possibly read 0.00V being the Rx port, but im confused why both :(
This is such a great question, and honestly I'm surprised at myself for not addressing it in the video! My guess would be that the UART RX and/or TX ports are not connected. I've seen manufacturers do that before and when that happens you have to expose the lead wire and jump the pin to the wire. I hope that helps. Cheers!
@Daniel Lowrie Heya thanks for the reply yep that's exactly right. I put it under a scope and I can see the traces have been disconnected. I'm trying to bridge them (theres two pins that can reconnect the traces) with solder but boy is it ever small.. the thinnest solder I have is still too big for it! It's like doing a surgery.
@@lukeschmidt7872 Oh yeah, those traces are soooo stinkin' small! At least you know what the issue is and can attempt to work around it. Even if you're unsuccessful, at least you've gained so much useful experience.
tx pin will have oscillations when you turn on the device. So check voltage oscillation in tx and rx pins while powering on.
Thanks
Happy to oblige 👍
Wow look who decided to pop up 😂. Man u just post some great content and be like gone for months . Anyways good to see some great hardware hacking
I'm like a hacking phantasm! 😝 I sure do appreciate your viewership, firos and I'm glad you feel it's worth the wait 😁👍
@@daniellowrie ya I thnk its also the wait that does it . I see ur vedios and the phrase "quality over quantity" comes to my mind
Thanks, @@firosiam7786 , that's the highest praise I could hope to get 🙂
Thank you for this.,,
I'm super new to the whole electronics thing. In fact the Flipper Zero GPIO pins got me interested & then I came upon Arduino & GPIO & now I'm seeing hacking on this level.
I'll bet you could sell this type of thing to people.
Like ship them that hardware & have different things to try to accomplish.
Things like:
- don't tell them what to try to find & see what all they can find on their own.
-then after they've tried to totally crack this thing, list the things & see if they've found everything & if not, go do those things
-then whatever they couldn't do have a walkthrough video & explanation of the why & how to handle these things
I think people would pay for this type of thing & as long as it's legit it'll be such a powerful tool.
Sounds like you're proposing a Hardware Hacking Scavenger Hunt. A very cool idea! 😀
@@daniellowrie Yes. That's it.
I've seen some CZcams crime channels have started selling these "See if you can solve the crime" kits.
I could see this being a thing like that.
I don't know a lot about this (yet) but it seems like finding hardware is cheap & the kits could be either left as is or tinkered with to add to the lesson.
Hallo, can you pleas make video about how to scan another network that security cameras connected to and how to break them or hack them for learning purpose 🙏thank you
That's not a bad idea. I just need to get my hands on a security camera.👍
We got arnie, I think I see hanz, I can be franz. And we are here to pump👏 you up!
Love the reference! LOL. Here's a clip of what I consider to be Arnie's best work. czcams.com/video/MpQN3HLHrJA/video.html Enjoy and thanks for commenting 😁
@@daniellowrie he definitely sells the character in that scene
@@daniellowrie love the video btw, I'm waiting for my uart connector now. So I got a long rabbit hole ahead of me
@@PhilieBlunt666 honestly I'm surprised he didn't win an Oscar for this performance. Shame on the Academy for this oversight. Shame, I say!
@@PhilieBlunt666 thanks, and I'm glad to hear it. There is something very satisfying about hardware and firmware hacking to me, so I for one really enjoyed the rabiit hole 😁👍
Sorry for n00b question but when I plug it in to my computer I don’t get COM5, it just says ”serial port”. Did I mess something up?
I assume you're using Windows as your OS, but if you're not getting assigned a COM port then there might be a driver issue. Verify that your device is being recognized by your system by checking under "Universal Serial Bus controllers" > "USB Serial Converter". You may just need to reinstall the driver for it. You might even try plugging into a different USB port. If none of that works then it may just be a bad device that you're plugging in and you'll need to exchange it for another. I hope that helps 👍
Is it possible to found UART Ports inside Smart Phones, like iphone?
Good news. It is possible. You should check out Joe Grand's CZcams channel and watch him crack into smartphones and other hardware. He has excellent content! czcams.com/users/JoeGrand
Hey Daniel can u give links of the stuff where to buy these pls
www.amazon.com/EDGELEC-Breadboard-Optional-Assorted-Multicolored/dp/B07GD2BWPY/ref=mp_s_a_1_3?crid=JR9MZIJISAG2&keywords=Pin+wires&qid=1671558358&sprefix=pin+wires%2Caps%2C126&sr=8-3
www.amazon.com/DSD-TECH-SH-U09C5-Converter-Support/dp/B07WX2DSVB/ref=mp_s_a_1_3?crid=2Q32JOBJJ29Y4&keywords=uart+to+usb&qid=1671558459&sprefix=Uart%2Caps%2C120&sr=8-3
Love to watch, but sound is not in sync with the video, not working with my ocd :( ... still listen with no video, only sound and it's perfect
Sorry about that, Jim. I've been working on getting the sound to sync up better, but it's been an odd issue. I'll keep at it though and thanks for watc...listening 😁👍
what is the name of the usb device?
That device is called uart-to-usb. Hope that helps
What the name of that strange USB Daniel?
TTL-to-USB 👍
@@daniellowrie thanks so much, really enjoying your videos, gonna recommend them
@@MalongaModeste I really appreciate the support, thanks!
mine is looking for password after starting putty. i have a archer mr200 router. what should i enter?
I would try all the common passwords and even no password at all. If that doesn't work then you can try extracting the shadow file from the firmware and brute-forcing it with hashcat or using an online password cracker like crackstation.net. You might be able to grab a copy of the firmware from the device's support page. Then try extracting with binwalk.
I hope that helps and best of luck!
@@daniellowrie i have it opened with binwalk but the shadow file is not in it
Is it possible to use Arduino as a usb to serial converter
I'm not sure, but my guess would be "Yes" especially since they used to make this docs.arduino.cc/retired/boards/arduino-usb-2-serial-micro/.
Edit: I just read through the info for the retired arduino usb-2-serial micro and it says that it has the same chip as the Arduino Uno.
"It features an Atmega16U2 programmed as a USB-to-serial converter, the same chip found on the Arduino Uno."
This makes me more confident that you could use an Arduino Uno as a usb to serial converter.
@@daniellowriebe warned, some arduinos use 5volt and can absolutely break your target if its 3.3volt. some serial ports cant tolerate 5volt for long. I learned it the hard way and lost my test router
@@309electronics5 Great advice! Thanks for the heads-up 👍
Bruh, is that a Harbor Freight multimeter? 😅
I got it at Auto Zone thank you 😂😁
How to dump firmware
Thanks for the suggestion, No Name 👍
Is this a copy of youtube.com/@mattbrwn?si=ZMHd7XM5hPeFCqUq Matt Brown video?
Hey Mauricio, Great question!
🤔 I don't know that "copy" would best describe the situation as it may lead someone to think that something negative or nefarious is happening. I think "similar" would be a better descriptor.
We are exploring the same topic, so you've got to expect that we're going to cover some, if not all of the same materials (concepts, tools, techniques, procedures).
I would say that this video is only a "copy" of Matt's video insofar as Matt's video is a "copy" of...
Tony Gambacorta's video ( czcams.com/video/ZmZuKA-Rst0/video.htmlsi=JBBk2jAO9b78CnFW )
Valerio Di Giampietro's video ( czcams.com/video/6_Q663YkyXE/video.htmlsi=CxMHJV1OnCWmpXdu )
The Flashback Team's video ( czcams.com/video/01mw0oTHwxg/video.htmlsi=fL0fHQqyKQPu4qJ8 )
...all of which helped me greatly when learning about this topic. So, like I said, not a copy but definitely similar.
That said, I'd not seen Matt's channel before, so a big thanks to you for bringing his content to my attention as it's a really great channel with content! Everyone that watches this video should absolutely jump over to Matt's channel ( www.youtube.com/@mattbrwn ) and subscribe. 👍
I would also recommend Joe Grand's channel ( www.youtube.com/@JoeGrand ) if you're looking for some amazing hardware hacking content. 😃
This video could have been 5 minutes long lol
I do have a tendency to be loquacious, for sure! But hey, that's who God made me and I totally understand if my content isn't your "cup of tea".
If you're looking for cyber security channels that focus on hardware, might I suggest...
Joe Grand - www.youtube.com/@JoeGrand
Make Me Hack - www.youtube.com/@MakeMeHack
Flashback Team - www.youtube.com/@FlashbackTeam
They all have great content and you won't have to listen to me drone on and on. 😅
Cheers!
blablabla and the you got 2 receive pins, nice. u svck
Oh man, I can be a bit verbose for sure 😅 I'm sorry to hear that it bothered you so much.
I totally get that my content isn't for everyone, but maybe you'd enjoy Matt Brown or Joe Grand. They are both very skilled at hardware and great presenters too. Cheers 😀👍