TL;DR: First in a new series of short, IoT-related posts, this tells the story of a simple glitching attack we used to get a bootloader shell and ultimately root a device. IoT field notes is a new series of short stories about interesting (hopefully 🙂 ) observations, vulnerabilities and techniques, inspired directly from the IoT […]
Author Archives: Théo Rigas
Will they melt? Testing the resistance of flash memory chips
Firmware: the holy grail of most Internet of Things (IoT) security assessments! Sometimes, getting access to a device’s firmware can be as easy as visiting the vendor’s website. Other times, the only option is to dump it directly from the hardware, and this is where things get interesting. Some procedures used for dumping can expose […]
Enabling Verified boot on Raspberry Pi 3
TL;DR: Verified boot is a fundamental security technology and it is important to be able to experiment with it on easily accessible hardware. However, creating a Verified boot demo on a Raspberry Pi 3 is harder than it sounds. We set out to find resources on the internet. Unfortunately, some of these were outdated, others […]
