recentpopularlog in

whip_lash : hardware   35

USB-C Compliant Cables - Nexus 6p, Nexus 5x, and OnePlus 2 USB Cables
Not all usb-c cables are created the same. Benson Leung at Google has reviewed numerous cables, and there are quite a few non-compliant cables. These cables can result in weird, or even dangerous behavior.
cable  hardware  usb  usb-c 
may 2019 by whip_lash
GitHub - Coalfire-Research/DeathMetal: Red team & penetration testing tools to exploit the capabilities of Intel AMT
dm_pickles - Duckyscript interpreter that communicates over AMT KVM (vnc) and injects keystrokes.
dm_toki - IDE-R implementation - lets you attach floopy and CD images remotely to the target computer.
dm_nathan - Is a cli that allows for configuring AMT via authenticated channel
dm_rockso - Presence and version scanner, can help you find AMT capable systems regardless of provisioning status. (works even if explicitly not-enabled)
intel  amt  scanner  pentest  hardware  bmc 
april 2019 by whip_lash
The Cloud Is Just Someone Else's Computer
Given the prevalence and maturity of cloud providers, it's even a little controversial these days to colocate actual servers, but we've also experimented with colocating mini-pcs in various hosting roles. I'm still curious why there isn't more of a cottage industry for colocating mini PCs. Because … I think there should be.
cloud  hardware  hosting 
february 2019 by whip_lash
Smartwares C723IP Camera, 0-Day Vulnerabilities - Hardware - 0x00sec - The Home of the Hacker
Required Hardware:

USB to TTL converter.
You can get these pretty cheap on amazon (~$7): 5
If you don’t mind waiting a couple of weeks to receive it, you can order them on aliexpress for even cheaper (~$1): 2
The Bus Pirate and the Attify Badge also work. Although they are a fair bit more expensive due to their added compatibility with other protocols.
A basic Philips head screwdriver.
x3 male to female jumper cables.
iot  hardware 
december 2018 by whip_lash
ufrisk/pcileech: Direct Memory Access (DMA) Attack Software
PCILeech uses PCIe hardware devices to read and write from the target system memory. This is achieved by using DMA over PCIe. No drivers are needed on the target system.

PCILeech works without hardware together with memory dump files and the Windows 7/2008R2 x64 Total Meltdown / CVE-2018-1038 vulnerability.
memory  security  github  hardware 
june 2018 by whip_lash
As predicted, more branch prediction processor attacks are discovered | Ars Technica
The Spectre attacks, published earlier this year, take advantage of the speculative execution features of modern processors to leak sensitive information. The new attack, named BranchScope by the researchers, shares some similarity with variant 2 of the Spectre attack, as both BranchScope and Spectre 2 take advantage of the behavior of the processor's branch predictor.
cpu  hardware  branchscope  vulnerability 
march 2018 by whip_lash
Positive Technologies - learn and secure : How to Hack a Turned-off Computer, or Running Unsigned Code in Intel ME
After unpacking the executable modules, we proceeded to examine the software and hardware internals of Intel ME. Our efforts to understand the workings of ME were rewarded: ME was ultimately not so unapproachable as it had seemed.
exploit  intel  security  hardware 
january 2018 by whip_lash
Practical Reverse Engineering Part 1 - Hunting for Debug Ports · Hack The World
In this series of posts we’re gonna go through the process of Reverse Engineering a router. More specifically, a Huawei HG533.
electronics  hacking  hardware  reverseengineering  security 
january 2018 by whip_lash
New Intel AMT Security Issue Lets Hackers Gain Full Control of Laptops in 30 Seconds
To exploit this issue, all an attacker with physical access to a password (login and BIOS) protected machine needs to do is reboot or power-up the targeted PC and press CTRL-P during boot-up, as demonstrated by researchers at F-Secure in the above video.
hardware  bug  amt  intel 
january 2018 by whip_lash
‘It Can’t Be True.’ Inside the Semiconductor Industry’s Meltdown - Bloomberg
Fogh and Gruss stayed up late at night discussing the theoretical basis for what would later become Spectre and Meltdown. But, like Prescher more than a year later, the Graz team was skeptical this was a real flaw. Gruss recalls telling Fogh that the chipmakers would have uncovered such a glaring security hole during testing and would never have shipped chips with a vulnerability like that.

intel  hardware  bug  hacking 
january 2018 by whip_lash
Spectre and Meltdown Attacks - Schneier on Security
I'll be writing something for publication over the next few days. This post is basically just a link repository.
intel  hardware  bug  vulnerability 
january 2018 by whip_lash
Intel CEO reportedly sold shares after the company already knew about massive security flaws
Intel CEO Brian Krzanich sold off a large chunk of his stake in the company last year — after the chipmaker was already aware of serious security flaws in its computer processors, according to multiple reports.
intel  bug  vulnerability  hardware  fraud  corruption 
january 2018 by whip_lash
Why Intel's 2015 CPU bugs should make us expect worse bugs in the future
Anyway, back to 2015. We’ve seen at least two serious bugs in Intel CPUs in the last quarter3, and it’s almost certain there are more bugs lurking.

hardware  intel  security  bug  vulnerability 
january 2018 by whip_lash
Updated Home Theater PC Builds for 2017
I wanted to make it easy for you and help you from wasting your time and money on tedious research, so I have built and tested all these four builds.
hardware  htpc 
december 2017 by whip_lash
TREZOR vs. Ledger Nano S vs. KeepKey 2017
This comparison will show you which wallet is better in different categories for TREZOR vs. KeepKey vs. Ledger Nano S.
bitcoin  hardware 
december 2017 by whip_lash

Copy this bookmark:

to read