xiconfjs/h4ck

a collection of writeups and tools related to ~embedded device ~hacking

Go to file

Conor Horan-Kates c93140e85e adding a script to create a cpio		2017-02-21 17:43:39 -08:00
cujo	fixing typo	2017-02-20 11:50:36 -08:00
hootoo	updating the Hootoo writeup with some WIP IPCam notes	2016-07-19 07:04:53 -07:00
lg_webOS	mostly minor cleanup changes	2017-01-28 16:20:36 -08:00
lib	useful tools, probably should be part of ctf	2016-11-28 19:17:47 -08:00
mfi	this one was too easy	2017-02-20 11:52:29 -08:00
mifi	mostly minor cleanup changes	2017-01-28 16:20:36 -08:00
rav-filehub	fixing markdown	2016-07-08 21:11:36 -07:00
revolabs-flx_uc_1000	adding a script to create a cpio	2017-02-21 17:43:39 -08:00
.gitignore	added documentation for revolabs utilities, expanded writeup to include firmware digging	2017-02-18 13:50:30 -08:00
README.md	this one was too easy	2017-02-20 11:52:29 -08:00

README.md

h4ck

a collection of writeups and tools related to ~embedded device ~hacking

shiny devices are fun, finding and poking holes in their interface is a lot of fun

devices

name	description	url
CUJO	purposeful MiTM device for internet 'security'	cujo
LG webOS	HTTP phone home is never a good idea	lg-webOS
HooToo TripMate series	there are lots of problems, some end up at root access	hootoo
Ubiquity mFi mPower	root access trivially obtained, credential leakage, unnecessary services exposed	mFi
Philips Hue	device communication insecure, Ruby library/CLI to control via REST HTTP	hued
RAV FileHub	a HooToo by any other name.. but with a twist	rav-filehub
RevoLabs flx UC1000	more than just brute forcing the PIN	revolabs-flx_uc_1000