
Where to start with finding vulnerabilities in hardware?



Before even opening it up, I'd recommend port scanning it. Some devices have open telnet ports that you can connect to, sometimes with no password or a factory preset one. You could try brute-forcing it, but opening it up might be easier. I'd recommend searching the net before attempting to brute-force it; most of the time, somebody's tried to get into it before you.

Next, open it up. Look for serial connections (RX, TX and GND). You're going to need some tools. Me and a few of my friends compiled this list of electronics from China. You want the CP2102 or the USB to serial adapter. They're the same thing, and you can pick one up for around $2. Often, when you connect over serial, you'll get a root shell on the device.

From there, it's up to you. IIRC, Samy Kamkar has a pretty good talk on this at Hackaday Superconductor.
