We were talking about a sweet hack this week, wherein [Alex] busts the encryption for his IP web cam firmware so that he can modify it later. He got a number of lucky breaks, including getting root on the device just by soldering on a serial terminal, but was faced with having to reverse-engineer a binary that implemented RSA encryption and decryption.
Especially when they’re done right, and written to avoid side-channel attacks, encryption routines aren’t intuitive, even when you’re looking at the C source. Reversing it from the binary would be a tremendous hurdle.
That’s when [Alex] started plugging strings he found in the binary into a search engine. And that’s when he found exactly the open source project that the webcam used, which gave him the understanding he needed to crack the rest of the nut.
Never forget! When you’re doing some reverse engineering, whether hardware or software, do a search for every part number and every string you find in memory. If you’re like me, it might feel like cheating a little bit, but it’s just being efficient. It’s what all your hacker heroes say they do, and if you’re lucky, it might just be the break you need too.
Pro Tip: If you want to know when someone is reverse engineering your firmware, add ‘interesting strings’ to your binary, and set up a web site indexed by the major search engines containing those strings. Monitor who visits your server.
Extra credit for embedding those strings within lightly encrypted areas of the binary, so you can identify how far someone has gotten into their research.
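The monitoring side of the canary-string idea in the comment above, as an added example that is not part of the original comment or article: it scans web server access logs for requests to pages named after each canary string and reports how deep a tier each client has reached. The token values, the `/kb/` page layout, the tier numbering and the log lines are all constructed assumptions.

```python
import re
from urllib.parse import unquote

# Constructed canary strings -> tier. Tier 0 is visible to plain `strings`;
# tier 1 only appears after the lightly obfuscated region has been decoded.
CANARIES = {
    "zq7-diag-hook-a91f": 0,
    "zq7-keyslot-unwrap-c33e": 1,
}

# Combined Log Format: ip, ident, user, [timestamp], "request", status, size, "referer", "UA".
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Assumption: a User-Agent substring match is enough to drop crawler noise (the pages are indexed).
CRAWLER_RE = re.compile(r"bot|crawler|spider", re.I)

def canary_hits(lines):
    """Yield (ip, timestamp, token, tier) for each non-crawler canary request."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m or CRAWLER_RE.search(m["ua"]):
            continue
        path = unquote(m["path"]).lower()
        for token, tier in CANARIES.items():
            if token in path:
                yield m["ip"], m["ts"], token, tier

def deepest_tier_by_client(lines):
    """Map each client IP to the highest canary tier it has requested."""
    progress = {}
    for ip, _ts, _token, tier in canary_hits(lines):
        progress[ip] = max(tier, progress.get(ip, -1))
    return progress

# Constructed sample log (documentation IP ranges, made-up requests).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /kb/zq7-diag-hook-a91f HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '192.0.2.10 - - [03/Jan/2025:21:14:09 +0000] "GET /kb/zq7-keyslot-unwrap-c33e HTTP/1.1" 200 498 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [02/Jan/2025:04:30:12 +0000] "GET /kb/zq7-keyslot-unwrap-c33e HTTP/1.1" 200 498 "-" "ExampleBot/2.1 (+http://crawler.example/bot)"',
    '203.0.113.5 - - [02/Jan/2025:08:45:51 +0000] "GET /kb/ZQ7-DIAG-HOOK-A91F HTTP/1.1" 404 0 "-" "curl/8.5.0"',
    '203.0.113.5 - - [02/Jan/2025:08:46:02 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "curl/8.5.0"',
]

if __name__ == "__main__":
    for ip, tier in sorted(deepest_tier_by_client(SAMPLE_LOG).items()):
        print(f"{ip}: reached canary tier {tier}")
```

A User-Agent header is client-controlled, so the crawler filter only reduces noise; a hit on a tier-1 page is the stronger signal because that string never appears in the binary in the clear.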
cool honeypot idea
That’s fun!
iirc the storm botnet had a similar defence mechanism. you could visit its command and control IP address once, but if you did it multiple times it would scale up a denial of service attack until your entire service provider went down.
Sounds like a lot of fun to visit that from various free VPNs and proxies!
IMO, “rants” doesn’t seem to be an appropriate tag for this article.
(This comment is not intended to be a rant)
Affidavit legal homework important.
July 20, 2024 at 08:29
Driver vision tester hacked to make senior citizens fail by showing VERY SMALL letters defeated in New Mexico in 2024. Refusal to take vision tester test led to 2024 driver license renewal audio.
https://prosefights2.org/irp2023/p071824/olguin.mp3
Use of affidavits attesting to rigged vision testers essential step to defeat those who unjustly want to remove your driving license. Read affidavits here:
https://prosefights2.org/irp2023/mvdnow4.htm