h4ck
a collection of writeups and tools related to ~embedded device ~hacking
shiny devices are fun, finding and poking holes in their interface is a lot of fun
devices
name | description | url |
---|---|---|
CUJO | purposeful MiTM device for internet 'security' | cujo |
LG webOS | HTTP phone home is never a good idea | lg-webOS |
HooToo TripMate series | there are lots of problems, some end up at root access | hootoo |
TriCascade i-Bright7x | work in progress, SSID password from MAC address, telnet but no access | i-Bright7x |
Lametric Time | WiFi/internet enabled clock/LED display, unnecessary services exposed, root access obtainable | lametric |
Philips Hue | device communication insecure, Ruby library/CLI to control via REST HTTP | hued |
RAV FileHub | a HooToo by any other name.. but with a twist | rav-filehub |
RevoLabs flx UC1000 | more than just brute forcing the PIN | revolabs-flx_uc_1000 |
Ubiquiti mFi mPower | root access trivially obtained, credential leakage, unnecessary services exposed | ubiquiti/mFi |
Belkin Weemo Mini | work in progress, recon mostly done | weemo |