Episode 22: Chipping Away at Hardware Hacking

Episode 22: Chipping Away at Hardware Hacking

Episode 22: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some basic/intermediate concepts related to Hardware Hacking. Specifically, we dive into extracting data from eMMC chips in order to get our hands on source code for IoT devices. Don't miss this episode packed with valuable insights, tips, and strategies for beginners and seasoned bug bounty hunters alike!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Checkout NahamCon:

https://bit.ly/42vnpMS

RiverLoop Security Write-up: https://bit.ly/3oSKL1o

Good Chip-Off Write-up:

https://bit.ly/3IWym3q

Scratching chips to expose pins:

https://bit.ly/45Tj21i

https://bit.ly/3oJJt8Z

Chat with Corben on Degrees: https://youtu.be/N9P5PUx-PNQ?t=2311

Gareth Hayes Tweet:

https://bit.ly/3qvFNYW

Huntress - John Hammond - MoveIt Response:

https://bit.ly/42vTTXv

Critical Thinking Hardware Hacking Setup - See the gear we're talking about (Affiliate links): https://linke.to/hardwarehackingset

Timestamps:

(00:00:00) Introduction

(01:03) NahamCon's Live Hacking Event and Justin's Presentation on PCI DSS

(02:40) Depreciation of Data URLs in SVG Use Element

(04:55) Gareth Hayes and knowledge sharing in the hacking community

(07:50) Move It vulnerability and and John Hammond’s epic 4 am rants

(12:18) Identifying promising leads in bug bounty hunting, and knowing when to move on

(Start of main content)

(21:40) Hardware Recon, and using Test Pins to Access EMMC Chip

(26:16) Identifying Chip Pinouts and Continuity Testing

(29:01) Using Logic Analyzers for Hardware Hacking

(33:01) Importance of Fundamental Knowledge in Hacking, and the benefits of understanding Electrical Engineering

(35:46) Replay Protected Memory Block Protocol

(40:00) Bug Bounty Programs and Hardware Testing Support

(41:05) Chip Pulling techniques and Essential Equipment for Hardware Hacking

(59:50) Tips for Buying Hardware Hacking Tools: Research and Specific Use Cases

(01:06:35) Hardware Hacking: Just scratching the surface.

(01:08:45) Vulnerability Disclaimer: Pulling OS from a chip does not constitute a Vulnerability.

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(181)

Episode 181: Bug Bounty Singularity

Episode 181: Bug Bounty Singularity

Episode 181: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and XSSDoctor talk about building a Hackbot.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestion...

2 Jul 52min

Episode 180: State of Bug Bounty Maturity Posture Report

Episode 180: State of Bug Bounty Maturity Posture Report

Episode 180: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Steve Hernandez, founder of the Bug Bounty Maturity Framework (BBMF), to walk us through the inaugural State of B...

25 Jun 1h 12min

Episode 179: Maintaining Motivation in Post-AI Bug Bounty World

Episode 179: Maintaining Motivation in Post-AI Bug Bounty World

Episode 179: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to stay motivated and keep the vibes strong during this trying time for Bug Bounty.Follow us on twitter at: htt...

18 Jun 46min

Episode 178: 600k in ~3 months - BruteCat pt 2

Episode 178: 600k in ~3 months - BruteCat pt 2

Episode 178: In this episode of Critical Thinking - Bug Bounty Podcast we’re back with BruteCat to finish up our discussion on hacking Google. This week we hit AI.Follow us on twitter at: https://x.co...

11 Jun 1h 23min

Episode 177: 2x Google RCE with VRP Legend Brutecat

Episode 177: 2x Google RCE with VRP Legend Brutecat

Episode 177: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by BruteCat to talk about his journey hacking Google Cloud, Gmail, Youtube, and Google Phone.Follow us on twitter at...

4 Jun 1h 25min

Episode 176: 600+ CVEs on Adobe AEM with Jim Green (GreenJam)

Episode 176: 600+ CVEs on Adobe AEM with Jim Green (GreenJam)

Episode 176: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by top Adobe hacker Jim Green to deep-dive AEM. We talk through Sling selectors, Permissions, and how to spot AEM Re...

28 Mai 1h 50min

Episode 175: Rhyno’s Hackbot Setup, Sick Bugs, and ZDI Drama

Episode 175: Rhyno’s Hackbot Setup, Sick Bugs, and ZDI Drama

Episode 175: In this episode of Critical Thinking - Bug Bounty Podcast we’re comparing Hackbot setups and results. We also talk about some of the recent ZDI drama, as well as the importance of freakin...

21 Mai 49min

Episode 174: Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5

Episode 174: Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5

Episode 174: In this episode of Critical Thinking - Bug Bounty Podcast we follow up from last episode with some advice for BB platforms, as well as cover a slew of writeups from Searchlight Cyber, wat...

14 Mai 1h 9min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
rss-kunstig-intelligens-med-elisabeth-maren-og-morten
teknologi-og-mennesker
shifter
smart-forklart
energi-og-klima
elektropodden
rss-ai-forklart
rss-alt-som-gar-pa-strom
hans-petter-og-co
kortslutning
rss-digitaliseringspadden
rss-ki-praten
fornybaren
rss-snakk-om-sikkerhet
rss-alt-vi-kan
rss-bits-and-bytes-for-advokater