Skip to content

A short security analysis of a well known chinese product via reverse engineering hardware

Notifications You must be signed in to change notification settings

jasonh9/butterBot

Repository files navigation

butterBot

Google Slides: https://docs.google.com/presentation/d/1kiUCLniX6IFEdwLSxteiGC2UPougrE_lKhMI2BsJy64/edit?usp=sharing

Abstract

Many manufactures "produce" similar products based off of each other's technologies, to combat this possible patent infringing activity companies are forced to set security measures to prevent this sort of criminal act. Despite these measures it is still possible to reverse engineer these products. The purpose of this article is to demonstrate how to reverse engineer a "secure" product and provide suggestions for potential additional security measures that can be used to prevent unauthorized attacks for future products. Additionally, I'll be showing the process of cross compiling some code from an x86 machine to an ARM architecture.

Discovery: { will update as soon as I find more vunerabilities }

  • Device is vulnerable to serial port jacking attacks
  • private SDK was leaked onto the open web
  • This product was a result of leaked intel
  • old passwords / usernames were saved within the device as plain text
  • was able to brute force shell login; best case: 6 hrs

About

A short security analysis of a well known chinese product via reverse engineering hardware

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published