Hardware Hacking 101 – Lesson 3: Abusing UART (U Are RooT)

This topic contains 0 replies, has 1 voice, and was last updated by  Ian Sindermann 7 months, 1 week ago.

  • Author
    Posts
  • #170990
     Ian Sindermann 
    Participant

    Hardware Hacking 101 - Lesson 3: Abusing UART (U Are RooT)As a reminder, Lesson 1 was a primer on electronics and setting up your lab, and Lesson 2 was an introduction to classical hardware hacking. To get started with security-focused hardware hacking, let’s look at a pretty simple example: getting a root shell by breaking into U-Boot via a serial console. Basically, we’re just going to connect to a serial port, change a boot flag, and get a shell. Sounds simple, right? To some extent, it is! The only real hard parts are finding the serial port, determining the pinout, and determining the timing. No problem, right? By the end of this lesson, you’ll be abusing UART with the best of them.

    The unassuming target of this lesson is a Synology RT2600ac wireless router. This is one of the devices that the ISE Labs team assessed as part of our SOHO 2.0 project, but we had a bit of a problem. We had used the device but failed to record the credentials. And the reset button? Broken. This is where getting a hardware shell came in handy. By using a UART to get a shell, I was able to reset the password and get the assessment back on track. Hardware shells allow you to do so much more though, both in the context of repair and in the context of security. It’s a root shell, you can usually do whatever you like.

    [See the full article at: Hardware Hacking 101 – Lesson 3: Abusing UART (U Are RooT)]

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?