SlideShare une entreprise Scribd logo

Hardware-Hacking-101 By Asutosh Kumar.pdf

null - The Open Security Community
null - The Open Security Community

Talk on "Beginners guide to Hardware Hacking" by "Asutosh Kumar" at null/OWASP Kolkata Meetup on 27 January 2024

Technologie
1  sur  25
Télécharger pour lire hors ligne
Beginner’s Guide to Hardware Hacking Asutosh Kumar
Asutosh Kumar (h4ckibl3) Electronics Undegrad. Noob , Learning everyday Cyber Security Lead @bytelabs Author @autosecurityy Find me making memes for security conferences $ ./about-me.sh
Hardware != Iot
What is Hardware Hacking ? Hardware hacking, in simple terms, refers to the process of manipulating or modifying electronic hardware to achieve a desired outcome that may not have been originally intended by the manufacturer. Hardware hacking can be done for various reasons, including: Customization Exploration and Learning Security Testing Creating Unofficial Modifications
Fundamentals Level - 1
Hardware Tools Multimeter A multimeter is like a detective tool for electronics. It helps us check and measure things in circuits, like how much electricity is there (voltage), how hard it is for electricity to flow (resistance), and whether the path for electricity is clear (continuity). It's like a super-spy for understanding and fixing electrical stuff! Soldering Kit / Desoldering Pump Screwdriver Set Wires/Jumper Wires Vise Stand Brain !!
Basic Electronics 1. Resistor: It adds resistance between two components. It is measured in ohms. 2. Capacitor: It charges and discharges in specific interval of time and used to stabilize the power supply in Circuit. It is measured in farad. 3. Inductors: They are used for filtering and smoothing high-frequency noise in the circuit using electromagnetic discharge. It is measured in Henry. 4. IC: Integrated Circuits is a set of electronic circuits on small pieces of silicon. 5. EEPROM (Electrically Erasable Programmable Read-Only Memory): Embedded devices use these as a means of storage. 6. Transformers: They are used to convert voltage levels. Mostly used for converting AC mains to DC supply with some extra circuitry. 7. Microcontroller/Microprocessor: It is a tiny little computer on a single metal-oxidesemiconductor (MOS) integrated circuit (IC) chip. 8. SoC (System on Chip): They can be just a Processor or Processor + memory + peripherals. 9. Transistor,Battery,PCB
Packages Through Hole Mount Package Surface Mount Package
? ? Bored ????
through-hole surface-mount Bored ????
Where to mount all this stuff ? PCB (Printed Circuit Board)
Recon Time
DLINK DIR-806 IN
External Inspection Buttons Ports , Sd card slot Fcc id Why i shared this image here ? JMR 540/Jio fi 3
Internal Inspection PCB Board analysis Datasheets Debug ports (UART,JTAG SPI & I2C) Pinouts
UART
UART UART(Universal Asynchronous Receiver-Transmitter) is one of the most often used communication protocols in embedded devices. It converts the parallel data it receives into a serial bit stream of data that may possibly be interacted with more easily. The transmitting UART translates parallel data from a controlling device, such as a CPU, into serial data, which it then sends in serial to the receiving UART. Which turns the serial data back into parallel for the receiving device. serial communication with two wire protocol no ACK protocol easiest and simple way to transfer data directly to and from microcontrollers without the need of any device in between
UART Transmitting UART converts parallel data into serial and transmits Receiving UART converts received serial data into parallel Possible Attacks Getting root shell Smiffing comm.
What we need to know and do ? Pin Identification (GND,VCC,TX,RX) Baudrate (9600,11400) Pin Identification Manual Identification Automated Identification
Identifying GND power off the device , set the multimeter to conitinuity red probe on the pins , black probe on any metallic surface if it beeps boom , you got the gnd Identifying VCC power on the device , set the multimeter to voltage test red probe on the pins , black probe on the gnd i.e. ground. if it shows a voltage around 3.3v it’s vcc
Identifying Tx power on the device , set the multimeter to voltage test immediate test required red probe on the pins , black probe on the mettalic surface if it shows a changing voltage it’s tx Identifying Rx i want to learn this from you guyz :)
Getting Access Access the port via /dev/ttyUSB0 Power on the device and run a serial console utility Screen / Minicom screen - screen /dev/ttyUSB0 115200 minicom - minicom -b 9600 -D /dev/ttyUSB0 -b (baudrate) , -D (device) wait for a while and you got the access , try further expoiting it if you want to in this premises nothing is allowed.
Special thanks to Null And Owasp Kolkata Arindam Halder Souvik Roy Tanmay Bhattacharjee Soummya Mukhopadhyay

Recommandé

Arduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoArduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoVishnu
 
Intro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxIntro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxCephasMpandikaKalemb
 
Home Automation System
Home Automation SystemHome Automation System
Home Automation SystemMOHAMMAD TANVEER
 
Hardware hacking 101
Hardware hacking 101Hardware hacking 101
Hardware hacking 101Tiago Henriques
 
Chapter 4 Questions April
Chapter 4 Questions AprilChapter 4 Questions April
Chapter 4 Questions Aprilguestbf9301a
 
Chuan giao tiep rs232
Chuan giao tiep rs232Chuan giao tiep rs232
Chuan giao tiep rs232Đức Hữu
 
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIntegrated Device Technology
 
embedded system
embedded system embedded system
embedded system Gopal Dhaker
 

Recommandé

Arduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoArduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoVishnu
 
Intro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxIntro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxCephasMpandikaKalemb
 
Home Automation System
Home Automation SystemHome Automation System
Home Automation SystemMOHAMMAD TANVEER
 
Hardware hacking 101
Hardware hacking 101Hardware hacking 101
Hardware hacking 101Tiago Henriques
 
Chapter 4 Questions April
Chapter 4 Questions AprilChapter 4 Questions April
Chapter 4 Questions Aprilguestbf9301a
 
Chuan giao tiep rs232
Chuan giao tiep rs232Chuan giao tiep rs232
Chuan giao tiep rs232Đức Hữu
 
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIntegrated Device Technology
 
embedded system
embedded system embedded system
embedded system Gopal Dhaker
 
ITE7Ch1.pdf
ITE7Ch1.pdfITE7Ch1.pdf
ITE7Ch1.pdfJuanFcoDoloresMarrer1
 
ACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARHarshit Jain
 
A+ computer hardware slide
A+ computer hardware slideA+ computer hardware slide
A+ computer hardware slideRajendra Tete
 
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxmicrocontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxrakeshkr4208
 
ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)Abu Md Choudhury
 
Bluetooth Home Automation
Bluetooth Home AutomationBluetooth Home Automation
Bluetooth Home AutomationApoorv Gupta
 
Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Future Insights
 
Intro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfIntro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfclementlesiba
 
MAJOR PROJECT PPT
MAJOR PROJECT PPTMAJOR PROJECT PPT
MAJOR PROJECT PPTChaitanya S
 
IRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET Journal
 
Automatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerAutomatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerSai Kumar Vegireddy
 
Intro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptIntro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptHebaEng
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.pptRohanBorgalli
 
Arduino Introduction.ppt
Arduino Introduction.pptArduino Introduction.ppt
Arduino Introduction.pptssuser631ea0
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.pptTalhaShahid49
 
Intro to arduino
Intro to arduinoIntro to arduino
Intro to arduinoBHUPATICh
 
Intro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptIntro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptxdarlord
 
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptIntro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptCarloCimacio
 
Introducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersIntroducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersSandeep Kamath
 
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...JayPaulTBadenas
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxnull - The Open Security Community
 

Contenu connexe

Similaire à Hardware-Hacking-101 By Asutosh Kumar.pdf

ACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARHarshit Jain
 
A+ computer hardware slide
A+ computer hardware slideA+ computer hardware slide
A+ computer hardware slideRajendra Tete
 
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxmicrocontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxrakeshkr4208
 
Bluetooth Home Automation
Bluetooth Home AutomationBluetooth Home Automation
Bluetooth Home AutomationApoorv Gupta
 
Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Future Insights
 
Intro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfIntro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfclementlesiba
 
MAJOR PROJECT PPT
MAJOR PROJECT PPTMAJOR PROJECT PPT
MAJOR PROJECT PPTChaitanya S
 
IRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET Journal
 
Automatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerAutomatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerSai Kumar Vegireddy
 
Intro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptIntro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptHebaEng
 
Arduino Introduction.ppt
Arduino Introduction.pptArduino Introduction.ppt
Arduino Introduction.pptssuser631ea0
 
Intro to arduino
Intro to arduinoIntro to arduino
Intro to arduinoBHUPATICh
 
Intro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptIntro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptxdarlord
 
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptIntro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptCarloCimacio
 
Introducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersIntroducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersSandeep Kamath
 
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...JayPaulTBadenas
 

Similaire à Hardware-Hacking-101 By Asutosh Kumar.pdf (20)

ITE7Ch1.pdf
ITE7Ch1.pdfITE7Ch1.pdf
ITE7Ch1.pdf
 
ACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CAR
 
A+ computer hardware slide
A+ computer hardware slideA+ computer hardware slide
A+ computer hardware slide
 
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxmicrocontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
 
ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)
 
Bluetooth Home Automation
Bluetooth Home AutomationBluetooth Home Automation
Bluetooth Home Automation
 
Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)
 
Intro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfIntro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdf
 
MAJOR PROJECT PPT
MAJOR PROJECT PPTMAJOR PROJECT PPT
MAJOR PROJECT PPT
 
IRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoT
 
Automatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerAutomatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed Breaker
 
Intro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptIntro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).ppt
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.ppt
 
Arduino Introduction.ppt
Arduino Introduction.pptArduino Introduction.ppt
Arduino Introduction.ppt
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.ppt
 
Intro to arduino
Intro to arduinoIntro to arduino
Intro to arduino
 
Intro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptIntro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.ppt
 
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptIntro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
 
Introducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersIntroducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollers
 
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
 

Plus de null - The Open Security Community

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdfImmutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdfnull - The Open Security Community
 
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfDigital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfnull - The Open Security Community
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...null - The Open Security Community
 
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxReverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxnull - The Open Security Community
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...null - The Open Security Community
 
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxDemystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxnull - The Open Security Community
 

Plus de null - The Open Security Community (18)

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Demystifying-DNS-Attack-by-Rakesh Seal.pdf
Demystifying-DNS-Attack-by-Rakesh Seal.pdfDemystifying-DNS-Attack-by-Rakesh Seal.pdf
Demystifying-DNS-Attack-by-Rakesh Seal.pdf
 
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdfImmutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
 
Recon for Bug Bounty by Agnibha Dutta.pdf
Recon for Bug Bounty by Agnibha Dutta.pdfRecon for Bug Bounty by Agnibha Dutta.pdf
Recon for Bug Bounty by Agnibha Dutta.pdf
 
A talk on OWASP Top 10 by Mukunda Tamly
A talk on OWASP Top 10 by Mukunda TamlyA talk on OWASP Top 10 by Mukunda Tamly
A talk on OWASP Top 10 by Mukunda Tamly
 
The Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh SealThe Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh Seal
 
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfDigital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
 
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdfCyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
 
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptxGSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
 
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxReverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...
 
Evolution of Hacking- Ronit Chakraborty .pptx
Evolution of Hacking- Ronit Chakraborty .pptxEvolution of Hacking- Ronit Chakraborty .pptx
Evolution of Hacking- Ronit Chakraborty .pptx
 
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxDemystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
 
C&C Framework- Ayan Saha.pptx
C&C Framework- Ayan Saha.pptxC&C Framework- Ayan Saha.pptx
C&C Framework- Ayan Saha.pptx
 

Dernier

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Dernier (20)

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Hardware-Hacking-101 By Asutosh Kumar.pdf

  • 1. Beginner’s Guide to Hardware Hacking Asutosh Kumar
  • 2. Asutosh Kumar (h4ckibl3) Electronics Undegrad. Noob , Learning everyday Cyber Security Lead @bytelabs Author @autosecurityy Find me making memes for security conferences $ ./about-me.sh
  • 4. What is Hardware Hacking ? Hardware hacking, in simple terms, refers to the process of manipulating or modifying electronic hardware to achieve a desired outcome that may not have been originally intended by the manufacturer. Hardware hacking can be done for various reasons, including: Customization Exploration and Learning Security Testing Creating Unofficial Modifications
  • 6. Hardware Tools Multimeter A multimeter is like a detective tool for electronics. It helps us check and measure things in circuits, like how much electricity is there (voltage), how hard it is for electricity to flow (resistance), and whether the path for electricity is clear (continuity). It's like a super-spy for understanding and fixing electrical stuff! Soldering Kit / Desoldering Pump Screwdriver Set Wires/Jumper Wires Vise Stand Brain !!
  • 7. Basic Electronics 1. Resistor: It adds resistance between two components. It is measured in ohms. 2. Capacitor: It charges and discharges in specific interval of time and used to stabilize the power supply in Circuit. It is measured in farad. 3. Inductors: They are used for filtering and smoothing high-frequency noise in the circuit using electromagnetic discharge. It is measured in Henry. 4. IC: Integrated Circuits is a set of electronic circuits on small pieces of silicon. 5. EEPROM (Electrically Erasable Programmable Read-Only Memory): Embedded devices use these as a means of storage. 6. Transformers: They are used to convert voltage levels. Mostly used for converting AC mains to DC supply with some extra circuitry. 7. Microcontroller/Microprocessor: It is a tiny little computer on a single metal-oxidesemiconductor (MOS) integrated circuit (IC) chip. 8. SoC (System on Chip): They can be just a Processor or Processor + memory + peripherals. 9. Transistor,Battery,PCB
  • 8. Packages Through Hole Mount Package Surface Mount Package
  • 11. Where to mount all this stuff ? PCB (Printed Circuit Board)
  • 14. External Inspection Buttons Ports , Sd card slot Fcc id Why i shared this image here ? JMR 540/Jio fi 3
  • 15. Internal Inspection PCB Board analysis Datasheets Debug ports (UART,JTAG SPI & I2C) Pinouts
  • 16.
  • 17. UART
  • 18. UART UART(Universal Asynchronous Receiver-Transmitter) is one of the most often used communication protocols in embedded devices. It converts the parallel data it receives into a serial bit stream of data that may possibly be interacted with more easily. The transmitting UART translates parallel data from a controlling device, such as a CPU, into serial data, which it then sends in serial to the receiving UART. Which turns the serial data back into parallel for the receiving device. serial communication with two wire protocol no ACK protocol easiest and simple way to transfer data directly to and from microcontrollers without the need of any device in between
  • 19. UART Transmitting UART converts parallel data into serial and transmits Receiving UART converts received serial data into parallel Possible Attacks Getting root shell Smiffing comm.
  • 20. What we need to know and do ? Pin Identification (GND,VCC,TX,RX) Baudrate (9600,11400) Pin Identification Manual Identification Automated Identification
  • 21. Identifying GND power off the device , set the multimeter to conitinuity red probe on the pins , black probe on any metallic surface if it beeps boom , you got the gnd Identifying VCC power on the device , set the multimeter to voltage test red probe on the pins , black probe on the gnd i.e. ground. if it shows a voltage around 3.3v it’s vcc
  • 22. Identifying Tx power on the device , set the multimeter to voltage test immediate test required red probe on the pins , black probe on the mettalic surface if it shows a changing voltage it’s tx Identifying Rx i want to learn this from you guyz :)
  • 23. Getting Access Access the port via /dev/ttyUSB0 Power on the device and run a serial console utility Screen / Minicom screen - screen /dev/ttyUSB0 115200 minicom - minicom -b 9600 -D /dev/ttyUSB0 -b (baudrate) , -D (device) wait for a while and you got the access , try further expoiting it if you want to in this premises nothing is allowed.
  • 24.
  • 25. Special thanks to Null And Owasp Kolkata Arindam Halder Souvik Roy Tanmay Bhattacharjee Soummya Mukhopadhyay