- binwalk, floss, and strings for firmware analysis.
- Damn Vulnerable Router Firmware (DVRF)
- AFL - American fuzzy loop (fuzzer software w/ great docs)
- Unicorn CPU Emulator, good for emulating arbitrary IoT binaries
- QEMU emulator/hypervisor (natoriously hard to get running)
- JTAGulator for on-chip debugging
- Peanuter UPNP talk (that I missed, arg!) http://upnp.thotcon.org
Brannon Dorsey brannondorsey
📡
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // JS in index.html | |
| DNSRebindAttack.getLocalIPAddress() | |
| .then(ip => launchRebindAttack(ip)) | |
| .catch(err => { | |
| console.error(err) | |
| // Looks like our nifty WebRTC leak trick didn't work | |
| // No biggie, most home networks are 192.168.1.1/24 anyway. | |
| launchRebindAttack('192.168.1.1') | |
| }) |
Turns out, UPnP is terrible when it comes to security. The entire protocol exists to have devices easily find and connect to one another without any authentication at all. This is all good fun to poke around with. Here are a few tools and notes I've found along the way.
UPnP devices can be found by listening to UDP packets on port 1900. To actively discover these services on your network, send an HTTP M-SEARCH request to the default UDP mulicast address: 239.255.255.250.
There are some great Linux tools that make interfacing with all of these stuff a synch:
sudo apt update
brannondorsey
/ building-cloakcoin-qt-v2.1.0-on-linux.md
Last active
February 25, 2018 00:45
Building cloakcoin-qt v2.1.0 on Ubuntu 16.04
These are some loose instructions for building the CloakCoin QT GUI (v2.1.0) on Ubuntu 16.04. I have informally tested this process once myself when building the application from source. You're mileage may vary.
# install git if you don't already have it
sudo apt install git
# clone the CloakCoin repository from GitHub
git clone https://github.com/CloakProject/CloakCoin
cd CloakCoin
brannondorsey
/ recon_methods.sh
Last active
December 4, 2022 22:54
Red teaming reconnaissance and information gathering techniques
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # define your target | |
| export TARGET = brannon.online | |
| # perform a whois lookup | |
| whois $TARGET | |
| # do a dns lookup | |
| nslookup $TARGET | |
| # here we find that 34.201.87.194 is the | |
| # true IP address of the $TARGET |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| dd if=/dev/zero bs=1M count=1024 > 1GB-noise.bin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Launch and installation and its subprocesses. If the subprocesses | |
| # go down, re-launch them individually. If this script receives a | |
| # shutdown signal (Ctrl-c, etc...), kill the child processes. | |
| function on_exit() { | |
| kill $BACKEND_PID $FRONTEND_PID | |
| exit 0 | |
| } |
In my experience with Elo (and likely other) touch screens, if the display is rotated and this is accounted for in the display settings, the display looks correct but touch events are inverted. Tested with Ubuntu 16.04. Info from here.
Edit /usr/share/X11/xorg.conf.d/10-evdev.conf, changing:
Section "InputClass"
Identifier "evdev touchscreen catchall"
MatchIsTouchscreen "on"
MatchDevicePath "/dev/input/event*"
Driver "evdev"
brannondorsey
/ README.md
Last active
May 11, 2023 08:35
Ubuntu internet sharing and LAN over Ethernet between two+ machines
Its easy to setup a LAN between two Ubuntu machines connected over ethernet. If one of those machines, which we will call the server, is also connected to the internet via another device (like a wireless card) it will automagically share its internet connection as well. Begin by connecting the client and server machines via ethernet.
On the server machine, click the network icon on the top right and select "Edit Connections > Wired connection 1 > Edit > IPv4 Settings" and change "Method" to "Shared to other computers". Then open the network icon menu again and click "Wired connection 1" to ensure that the connection has been established. Running ifconfig in the terminal should show that the wired interface has an ip address.
On the client machine, click the network icon on the top right and select "Wired connection 1". All done. Run ifconfig on this machine as well to see the ip address you've been assigned.
# https://unix.stackexchange.com/questions/5010/how-can-i-count-the-number-of-different-characters-in-a-file
# works for linux. There is a variation for MacOS in the link ^
sed 's/\(.\)/\1\n/g' text.txt | sort | uniq -c # sort -nr # uncomment this to sort the list by frequency