hacking consumer devices for fun and profit
play

Hacking Consumer Devices for Fun and Profit An Insider's View of - PowerPoint PPT Presentation

Apr 13, 2023 •25 likes •285 views

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source Project Rod Whitby <rod@whitby.id.au> NSLU2-Linux Project Lead Hacking Consumer Devices for Fun and Profit 5. Official Kernel Support 1.

  1. Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source Project Rod Whitby <rod@whitby.id.au> NSLU2-Linux Project Lead

  2. Hacking Consumer Devices for Fun and Profit 5. Official Kernel Support 1. The Linksys NSLU2 NSLU2, NAS100D, Loft, … � Hardware Specs � 6. Official Debian Support Linksys Firmware � Debian Etch Loves The Slug RedBoot Bootloader � � 7. The Fun 2. Unslung Firmware NSLU2-Linux Exhibitions � Project Inception � NSLU2-Linux Community � Unslung 1.x � NSLU2-Linux Development � Unslung 2.x to 5.x � Project Infrastructure � Unslung 6.x � 8. The Profit 3. Optware Packages How to Make a Small Fortune � NSLU2, WL500g, … � Donations for Hardware � Distributed Development � 9. The Future 4. SlugOS Firmware What to do next � OpenSlug, “DebianSlug” � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 2 Rod Whitby <rod@whitby.id.au>

  3. The Linksys NSLU2 - Hardware Specs Network Attached Storage (NAS) � Consumer Device 27.5mm x 135mm x 96mm � 5V DC, Maximum 2 Amps � Intel XScale IXP420 � Big-endian ARM � 133MHz (under-clocked) � 10/100 Ethernet � 2 x USB 2.0 Host Ports � 32 MB RAM � 8 MB Flash � Serial, JTAG, I2C, … � NSLU2 -> NSLUG -> “Slug” � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 3 Rod Whitby <rod@whitby.id.au>

  4. The Linksys NSLU2 - Stock Linksys Firmware Designed to be a stand-alone Samba � server for attached USB hard disks. Ext3 filesystem with 3 partitions � Must be formatted on the device � Linux 2.4.22 Kernel � Major modifications to the � USB and SCSI subsystems Snapgear-based root filesystem � busybox, samba, thttpd, etc. � Linksys binary-only utilities � Set_Led, USB_Detect, Watchdog, � CheckPowerButton, CheckResetButton Source code available for kernel and root � filesystem, but not for Linksys binaries 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 4 Rod Whitby <rod@whitby.id.au>

  5. The Linksys NSLU2 - RedBoot Bootloader Loads kernel and initial ramdisk into memory, then executes kernel. � Kernel size is limited to 1MB � Ramdisk size is set at 10MB (can extend to 12MB if required) � MAC address for internal ethernet interface stored alongside Redboot � Significant modifications by Linksys � Addition of “move”, “boot”, and “upgrade” commands � Removal of FIS directory functions � Not intended to be user-accessible � … unless you solder on a connector for a serial port � Linksys left in a telnet 2 second window of opportunity � Upgrade mode is another exploit mechanism � “Good enough” for our purposes, so left alone. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 5 Rod Whitby <rod@whitby.id.au>

  6. Unslung Firmware - Project Inception 12 July 2004 18 Aug 2004 Jim Buzbee finds the Telnet exploit. Slug sacrificed to find JTAG traces. � � 31 July 2004 Jim’s journal page is slashdotted, and � the mailing list feels the effect. nslu2-linux mailing list is created. � 19 Aug 2004 5 Aug 2004 nslu2-linux.org domain registered. � Tom’s Hardware article published. � 22 Aug 2004 Mailing list has 13 members. � nslu2-general mailing list created. � 10 Aug 2004 24 Aug 2004 First successfully modified image. � First boot from external hard disk. � 11 Aug 2004 Serial port mod published. � Serial port and Redboot TFTP. � 25 Aug 2005 “Unslung” concept based on /linuxrc. � Linksys releases kernel source. � Jim’s journal links to the mailing list. � 30 Aug 2005 15 Aug 2004 RedBoot telnet access found. � iTunes server ported. � RedBoot upgrade mode found. � 16 Aug 2004 31 Aug 2005 Busybox, dropbear and wget ported. � 700 members and 1000 list emails. � Donations requested ($240 on first day). � 13 Sep 2005 17 Aug 2004 Wiki installed at www.nslu2-linux.org � Rod’s NSLU2 arrives in the post. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 6 Rod Whitby <rod@whitby.id.au>

  7. Unslung Firmware - Unslung 1.x Designed to be a minimal-changes firmware replacement � Retains all of the standard NSLU2 product functionality unchanged � Adds the capability to load the root filesystem from external storage � and download and install packages onto that external storage to be used alongside the standard product functionality. Also defines the package format for downloadable packages. � Unslung 1.7-alpha source code was released on 3 Sep 2004. � The goal was to free up 10MB of RAM by pivoting from an initial � “switchbox” ramdisk to JFFS2 or an external disk or NFS root filesystem. Built from a Makefile in a SourceForge CVS repository. � Used a binary sed to modify the Linksys kernel. � Unslung 1.11-beta binary image was released on 14 Sep 2004. � There were well over 1000 downloads of Unslung 1.x � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 7 Rod Whitby <rod@whitby.id.au>

  8. Unslung Firmware - Unslung 2.x and 3.x Unslung 2.12-beta binary image was released on 6 Nov 2004. � The goal was to build the firmware from source. � Support for ext3 flash disks on Port 1 � Full downloadable package support � USB enclosure fixes (Genesys) � Kernel compiled from source (including some fixes) � Unslung 3.16-beta binary image was released on 25 Dec 2004. � The goal was to add a persistent JFFS2 root file system. � USB devfs support (driven by Topfield “puppy” development) � NFS kernel support � Recovery mode and Maintenance mode added. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 8 Rod Whitby <rod@whitby.id.au>

  9. Unslung Firmware - Unslung 4.x and 5.x Unslung 4.20-beta binary image was released on 15 May 2005. � The goal was to become self-hosting – being able to build Optware � packages natively, and to free up another 1MB of RAM by booting directly to a /linuxrc in JFFS2 instead of using the “switchbox” initrd. The internal JFFS2 partition became an initfs and recovery filesystem. � More kernel modules were enabled (and kernel module ipkg feed added) � RAID, USB Audio, USB Cameras, Traffic Shaping, Tape Drives, etc. � Quite a few people stuck with 3.18-beta until 5.5-beta was released. � Unslung 5.5-beta binary image was released on 14 June 2005. � Upgraded to be based on Linksys V2.3R29 firmware. � Changed from broken maintenance mode to stable upgrade mode. � Disabled the Linksys download daemon (in favor of upgrade mode). � There have been almost 18000 downloads of Unslung 5.5-beta. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 9 Rod Whitby <rod@whitby.id.au>

  10. Unslung Firmware - Unslung 6.x Unslung 6.8-beta binary image was released on 12 April 2006. � Updated to Linksys R63 firmware, which includes the Paragon � commercial NTFS kernel module with full write support. Many usability improvements (to try and reduce the number of � installation-related questions on the mailing list). The new Unslung logo is now featured in the Web GUI ☺ � There have been over 28000 downloads of Unslung 6.8-beta. � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 10 Rod Whitby <rod@whitby.id.au>

  11. Optware Packages - NSLU2, WL500g, … Began as “Unslung Packages” – now over 750 packages strong. � The set of packages have been ported to many targets: � Linksys NSLU2 (armeb, glibc) � Asus WL500g/gx (mipsel, uclibc) � Synology DS-101 (armeb, glibc) � Freecom FSG-3 (armeb, glibc) � Maxtor Shared Storage (armeb, uclibc) � Iomega NAS 100d (armeb, glibc) � Synology DS-101g+ (powerpc, glibc) � Linksys WRT54G* (mipsel, uclibc) � Technologic Systems TS72xx (arm, glibc) � Diverse range of packages: � Apache, MySQL, Perl/PHP/Python, Squid � Email, IRC, CUPS, Torrent, CVS, SVN, Git, Monotone � Webcam, Network Sound, USB PVR, X10, Samba PDC, Topfield EPG � MediaWiki, Asterisk, Gallery, iTunes Server, CCXStream, TwonkyVision � 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 11 Rod Whitby <rod@whitby.id.au>

  12. Optware Packages - Distributed Development More than 100 Optware package � developers. Send a new package.mk file to the � nslu2-developers mailing list and you are granted CVS write access. An identified package feed manager � for each of the targets. New and modified packages are built � automatically every half hour, and the package feeds for all targets are updated upon successful builds. Build logs are published on the web for � NSLU2 Asterisk PBX package developers to peruse (and fix (on 512MB flash stick) any problems). Sipura SPA-3000 ATA/Gateway 10 Feb 2007 Hacking Consumer Devices for Fun and Profit 12 Rod Whitby <rod@whitby.id.au>

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Intro Hardware Security Platform Security Hacking Q&amp;A Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at Hamburg &amp; Dublin City University 2010-12-16 1 / 54 Intro Hardware Security

974 views • 79 slides
Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at

Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at

Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at gmail dot com WHO AM I? ARE YOU SURE YOU WANNA KNOW? - Parker, Peter (Spider Man 2002) InfoSec/AppSec Specialist / CompTIA Instructor Focusing

702 views • 44 slides
ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
HL7 2.x Security Hacking medical devices Anirudh Duggal Disclaimer: All the views/ research

HL7 2.x Security Hacking medical devices Anirudh Duggal Disclaimer: All the views/ research

HL7 2.x Security Hacking medical devices Anirudh Duggal Disclaimer: All the views/ research done and presented is of my own and does not reflect my employer. Do not try this on a live environment. This can harm someone. #whoAmI Graduate

1.23k views • 46 slides
Information Exposure From Consumer IoT Devices: A Multidimensional Network-Informed Approach

Information Exposure From Consumer IoT Devices: A Multidimensional Network-Informed Approach

Information Exposure From Consumer IoT Devices: A Multidimensional Network-Informed Approach Jingjing Ren, Daniel J. Dubois , David Cho ff nes Anna Maria Mandalari, Roman Kolcun, Hamed Haddadi Motivation 7+ billion IoT devices deployed worldwide

501 views • 27 slides
Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda Introduction nodejS security Npm security packages Node Goat project Tools Node JS JavaScript in the backend Built on

762 views • 43 slides
Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for Fun and Profit! Reality Apps for Fun and Profit! Tutorial Presentation Tutorial Presentation Linux Conf Au - Adelaide, SA Linux Conf Au - Adelaide,

621 views • 61 slides
The challenges of regulating direct to consumer digital medical devices Dr Elizabeth McGrath

The challenges of regulating direct to consumer digital medical devices Dr Elizabeth McGrath

The challenges of regulating direct to consumer digital medical devices Dr Elizabeth McGrath Director Emerging Technologies Medical Devices and Product Quality Division ARCS Annual Conference 6 August 2019 What are digital medical

605 views • 37 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation &amp; privilege escalation 4. Maintaining access &amp; covering tracks

960 views • 62 slides
IOT SECURITY: CONSUMER DEVICES AND THE EXTENDED CORPORATE NETWORK Get CPE Credits for this

IOT SECURITY: CONSUMER DEVICES AND THE EXTENDED CORPORATE NETWORK Get CPE Credits for this

IOT SECURITY: CONSUMER DEVICES AND THE EXTENDED CORPORATE NETWORK Get CPE Credits for this Webcast Attendees of this Webcast are eligible for 1 CPE credit Self-report on your organizations website Keep the email invitation as

953 views • 59 slides
Nonconforming Product Vidya Gopal Consumer Safety Officer Postmarket and Consumer Branch

Nonconforming Product Vidya Gopal Consumer Safety Officer Postmarket and Consumer Branch

Nonconforming Product Vidya Gopal Consumer Safety Officer Postmarket and Consumer Branch Division of Industry and Consumer Education Office of Communication and Education Center for Devices and Radiological Health U.S. Food and Drug

1.29k views • 46 slides
Introduc)on Tradi&amp;onal Cable UI Technology Consumer Owned

Introduc)on Tradi&amp;onal Cable UI Technology Consumer Owned

Introduc)on Tradi&amp;onal Cable UI Technology Consumer Owned Devices Home Networking Web Technologies Operator Leased Devices Architecture Demo

639 views • 10 slides
Platforms, brokers and connected devices What are the implications of the use of consumer data?

Platforms, brokers and connected devices What are the implications of the use of consumer data?

Platforms, brokers and connected devices What are the implications of the use of consumer data? Introduction Which? have been looking into the implications for consumers of the increasing use of data about individuals. As part of our wider

115 views • 7 slides
CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT # : 3567302 TERM 3 : IMPLEMENTATION SUPERVISOR : DR. M NORMAN CO-SUPERVISOR : MR. M MUYOWA BACKGROUND INCREASE OF CONNECTED DEVICES

122 views • 8 slides
Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1 Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or

692 views • 47 slides
The New Digital Consumer in a Multi-Device World Presented by Alex Lirtsman Co-Founder/Chief

The New Digital Consumer in a Multi-Device World Presented by Alex Lirtsman Co-Founder/Chief

The New Digital Consumer in a Multi-Device World Presented by Alex Lirtsman Co-Founder/Chief Strategist, Ready Set Rocket Who is the new consumer? Todays new consumer is highly connected and engages with brands across many devices

881 views • 46 slides
Parallel Nonnegative Matrix Factorization Algorithms for Hyperspectral Images A Masters Thesis

Parallel Nonnegative Matrix Factorization Algorithms for Hyperspectral Images A Masters Thesis

Parallel Nonnegative Matrix Factorization Algorithms for Hyperspectral Images A Masters Thesis Lukasz Grzegorz Maciak Montclair State University Department of Computer Science 1 Objectives 1. Background 2. Investigate Novel Feature Extraction

887 views • 61 slides
Lecture 23 Reminders: Programming Project 5 (reassigned Homework Problem 5.48) due on

Lecture 23 Reminders: Programming Project 5 (reassigned Homework Problem 5.48) due on

Lecture 23 Reminders: Programming Project 5 (reassigned Homework Problem 5.48) due on Thursday. Homework 7 due next Tuesday. Questions? Tuesday, November 15 CS 475 Networks - Lecture 23 1 Outline Chapter 7 - End-to-End Data 7.1

602 views • 20 slides
Exploring vulnerabilities in Android 6.0 fingerprint authentication Thom Does &amp; Mike Maarse

Exploring vulnerabilities in Android 6.0 fingerprint authentication Thom Does &amp; Mike Maarse

Exploring vulnerabilities in Android 6.0 fingerprint authentication Thom Does &amp; Mike Maarse KPMG 02-02-2016 Thom Does &amp; Mike Maarse (KPMG) RP1 Presentation 02-02-2016 1 / 34 Introduction Motivation/relevance Preferred

586 views • 34 slides
IP Flow Information eXport IP Flow Information eXport (IPFIX) (IPFIX)

IP Flow Information eXport IP Flow Information eXport (IPFIX) (IPFIX)

IP Flow Information eXport IP Flow Information eXport (IPFIX) (IPFIX) elisa.boschi@hitachi-eu.com {boschi, zseby, mark, hirsch}@fokus.fraunhofer.de Outline Outline IPFIX Terminology Applicability Initial Goals

212 views • 19 slides
308-435 Socket Programming Juan de Lara, Hans Vangheluwe Edited for Fall 2001 by Clark Verbrugge

308-435 Socket Programming Juan de Lara, Hans Vangheluwe Edited for Fall 2001 by Clark Verbrugge

308-435 Socket Programming Juan de Lara, Hans Vangheluwe Edited for Fall 2001 by Clark Verbrugge McGill University Fall Term 2001 Background In order to use sockets, you need some understanding of how addressing over sockets works. The

343 views • 17 slides
Data visualization on Cell Broadband Engine VUT FEL v Praze 36SPA 21. kvtna 2007 Martin

Data visualization on Cell Broadband Engine VUT FEL v Praze 36SPA 21. kvtna 2007 Martin

Intro GNU/Linux OpenGL SDL Data visualization on Cell Broadband Engine VUT FEL v Praze 36SPA 21. kvtna 2007 Martin BruXy Bruchanov brucham@fel.cvut.cz Data visualization on Cell Broadband Engine Intro GNU/Linux OpenGL SDL

517 views • 8 slides
Internet publishing recommended software, encoding HTML, publishing on webserver Petr Zmostn

Internet publishing recommended software, encoding HTML, publishing on webserver Petr Zmostn

Internet publishing recommended software, encoding HTML, publishing on webserver Petr Zmostn room: A-72a phone: 4222 e-mail: petr.zamostny@vscht.cz PSPad editor Freeware http://www.pspad.com/cz/download.php Making the first

149 views • 14 slides
On behalf of the Committeeeee! Best of Order Thank you Please! Star Name Tours Live

On behalf of the Committeeeee! Best of Order Thank you Please! Star Name Tours Live

On behalf of the Committeeeee! Best of Order Thank you Please! Star Name Tours Live Edgy Bands Themed Events Russian Winter Palace Haunted Castle Narnia Lets Make Cinderella Jealous! Fire Performers Stilt

534 views • 19 slides

More recommend