h4ck
a collection of writeups and tools related to ~embedded device ~hacking
shiny devices are fun, finding and poking holes in their interface is a lot of fun
devices
| name | description | url |
|---|---|---|
| CUJO | purposeful MiTM device for internet 'security' | cujo |
| LG webOS | HTTP phone home is never a good idea | lg-webOS |
| HooToo TripMate series | there are lots of problems, some end up at root access | hootoo |
| TriCascade i-Bright7x | work in progress, SSID password from MAC address, telnet but no access | i-Bright7x |
| Lametric Time | WiFi/internet enabled clock/LED display, unnecessary services exposed, root access obtainable | lametric |
| Philips Hue | device communication insecure, Ruby library/CLI to control via REST HTTP | hued |
| RAV FileHub | a HooToo by any other name.. but with a twist | rav-filehub |
| RevoLabs flx UC1000 | more than just brute forcing the PIN | revolabs-flx_uc_1000 |
| Ubiquiti mFi mPower | root access trivially obtained, credential leakage, unnecessary services exposed | ubiquiti/mFi |
| Belkin Weemo Mini | work in progress, recon mostly done | weemo |