Sign up to save your podcasts
Or
Share Episode 22: Chipping Away at Hardware Hacking
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 22: Chipping Away at Hardware Hacking
Episode 22: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some basic/intermediate concepts related to Hardware Hacking. Specifically, we dive into extracting data from eMMC chips in order to get our hands on source code for IoT devices. Don't miss this episode packed with valuable insights, tips, and strategies for beginners and seasoned bug bounty hunters alike!
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Checkout NahamCon:
https://bit.ly/42vnpMS
RiverLoop Security Write-up: https://bit.ly/3oSKL1o
Good Chip-Off Write-up:
https://bit.ly/3IWym3q
Scratching chips to expose pins:
https://bit.ly/45Tj21i
https://bit.ly/3oJJt8Z
Chat with Corben on Degrees: https://youtu.be/N9P5PUx-PNQ?t=2311
Gareth Hayes Tweet:
https://bit.ly/3qvFNYW
Huntress - John Hammond - MoveIt Response:
https://bit.ly/42vTTXv
Critical Thinking Hardware Hacking Setup - See the gear we're talking about (Affiliate links): https://linke.to/hardwarehackingset
Timestamps:
(00:00:00) Introduction
(01:03) NahamCon's Live Hacking Event and Justin's Presentation on PCI DSS
(02:40) Depreciation of Data URLs in SVG Use Element
(04:55) Gareth Hayes and knowledge sharing in the hacking community
(07:50) Move It vulnerability and and John Hammond’s epic 4 am rants
(12:18) Identifying promising leads in bug bounty hunting, and knowing when to move on
(Start of main content)
(21:40) Hardware Recon, and using Test Pins to Access EMMC Chip
(26:16) Identifying Chip Pinouts and Continuity Testing
(29:01) Using Logic Analyzers for Hardware Hacking
(33:01) Importance of Fundamental Knowledge in Hacking, and the benefits of understanding Electrical Engineering
(35:46) Replay Protected Memory Block Protocol
(40:00) Bug Bounty Programs and Hardware Testing Support
(41:05) Chip Pulling techniques and Essential Equipment for Hardware Hacking
(59:50) Tips for Buying Hardware Hacking Tools: Research and Specific Use Cases
(01:06:35) Hardware Hacking: Just scratching the surface.
(01:08:45) Vulnerability Disclaimer: Pulling OS from a chip does not constitute a Vulnerability.
View all episodes
By Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
5
4545 ratings
Episode 22: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some basic/intermediate concepts related to Hardware Hacking. Specifically, we dive into extracting data from eMMC chips in order to get our hands on source code for IoT devices. Don't miss this episode packed with valuable insights, tips, and strategies for beginners and seasoned bug bounty hunters alike!
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Checkout NahamCon:
https://bit.ly/42vnpMS
RiverLoop Security Write-up: https://bit.ly/3oSKL1o
Good Chip-Off Write-up:
https://bit.ly/3IWym3q
Scratching chips to expose pins:
https://bit.ly/45Tj21i
https://bit.ly/3oJJt8Z
Chat with Corben on Degrees: https://youtu.be/N9P5PUx-PNQ?t=2311
Gareth Hayes Tweet:
https://bit.ly/3qvFNYW
Huntress - John Hammond - MoveIt Response:
https://bit.ly/42vTTXv
Critical Thinking Hardware Hacking Setup - See the gear we're talking about (Affiliate links): https://linke.to/hardwarehackingset
Timestamps:
(00:00:00) Introduction
(01:03) NahamCon's Live Hacking Event and Justin's Presentation on PCI DSS
(02:40) Depreciation of Data URLs in SVG Use Element
(04:55) Gareth Hayes and knowledge sharing in the hacking community
(07:50) Move It vulnerability and and John Hammond’s epic 4 am rants
(12:18) Identifying promising leads in bug bounty hunting, and knowing when to move on
(Start of main content)
(21:40) Hardware Recon, and using Test Pins to Access EMMC Chip
(26:16) Identifying Chip Pinouts and Continuity Testing
(29:01) Using Logic Analyzers for Hardware Hacking
(33:01) Importance of Fundamental Knowledge in Hacking, and the benefits of understanding Electrical Engineering
(35:46) Replay Protected Memory Block Protocol
(40:00) Bug Bounty Programs and Hardware Testing Support
(41:05) Chip Pulling techniques and Essential Equipment for Hardware Hacking
(59:50) Tips for Buying Hardware Hacking Tools: Research and Specific Use Cases
(01:06:35) Hardware Hacking: Just scratching the surface.
(01:08:45) Vulnerability Disclaimer: Pulling OS from a chip does not constitute a Vulnerability.
More shows like Critical Thinking - Bug Bounty Podcast
View all
Risky Business
363 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
633 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Hacked
174 Listeners
CyberWire Daily
1,006 Listeners
Smashing Security
313 Listeners
Click Here
388 Listeners
Malicious Life
926 Listeners
Darknet Diaries
7,787 Listeners
Cybersecurity Today
141 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
313 Listeners
Cyber Security Headlines
120 Listeners
Bug Bounty Reports Discussed
4 Listeners
Risky Bulletin
33 Listeners