In this episode of Critical Thinking - Bug Bounty Podcast we talk about some basic/intermediate concepts related to Hardware Hacking. Specifically, we dive into extracting data from eMMC chips in order to get our hands on source code for IoT devices. Don't miss this episode packed with valuable insights, tips, and strategies for beginners and seasoned bug bounty hunters alike!
Follow us on twitter at: https://twitter.com/ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker (https://twitter.com/realytcracker) for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater & Teknogeek on twitter:
- https://twitter.com/0xteknogeek
- https://twitter.com/rhynorater
Checkout NahamCon: https://bit.ly/42vnpMS
RiverLoop Security Write-up: https://bit.ly/3oSKL1o
Good Chip-Off Write-up: https://bit.ly/3IWym3q
Scratching chips to expose pins:
- https://bit.ly/45Tj21i
- https://bit.ly/3oJJt8Z
Chat with Corben on Degrees: https://youtu.be/N9P5PUx-PNQ?t=2311
Gareth Hayes Tweet: https://bit.ly/3qvFNYW
Huntress - John Hammond - MoveIt Response: https://bit.ly/42vTTXv
*NOTE*: The following links are Amazon Associate AFFILIATE LINKS, which means that we earn a percentage of qualifying purchases generated through their use
Critical Thinking HW Hacking Setup:
Handy Hands: https://amzn.to/3WU6bHT
AllSocket eMMC Chip Reader: https://amzn.to/3WWizHj
MultiMeter: https://amzn.to/43qqI9B
T56: https://amzn.to/43rUMl0
Analog Discovery 2 Logic Analyzer: https://amzn.to/3IYFps4
Saleae Logic Analyzer:
https://amzn.to/3oWq4Bx
Soldering Pen:
https://amzn.to/3MYl5Zh
Soldering Mat:
https://amzn.to/3IWG7Gv
Hot Air Station:
https://amzn.to/3WTRNiU
USB SD Card Reader:
https://amzn.to/3qvEE3A
Solder:
https://amzn.to/3MYl5Zh
99% Isopropyl Alcohol:
https://amzn.to/3qo5DxM
Timestamps:
(00:00:00) Introduction
(01:03) NahamCon's Live Hacking Event and Justin's Presentation on PCI DSS
(02:40) Depreciation of Data URLs in SVG Use Element
(04:55) Gareth Hayes and knowledge sharing in the hacking community
(07:50) Move It vulnerability and and John Hammond’s epic 4 am rants
(12:18) Identifying promising leads in bug bounty hunting, and knowing when to move on
(Start of main content)
(21:40) Hardware Recon, and using Test Pins to Access EMMC Chip
(26:16) Identifying Chip Pinouts and Continuity Testing
(29:01) Using Logic Analyzers for Hardware Hacking
(33:01) Importance of Fundamental Knowledge in Hacking
(35:46) Replay Protected Memory Block Protocol
(40:00) Bug Bounty Programs and Hardware Testing Support
(41:05) Chip Pulling techniques and Essential Equipment for Hardware Hacking
(59:50) Tips for Buying Hardware Hacking Tools: Research and Specific Use Cases
(01:06:35) Hardware Hacking: Just scratching the surface.
(01:08:45) Vulnerability Disclaimer: Pulling OS from a chip does not constitute a Vulnerability.
