SlideShare a Scribd company logo

Hardware-Hacking-101 By Asutosh Kumar.pdf

null - The Open Security Community
null - The Open Security Community

Talk on "Beginners guide to Hardware Hacking" by "Asutosh Kumar" at null/OWASP Kolkata Meetup on 27 January 2024

Technology
1 of 25
Download to read offline
Beginner’s Guide to Hardware Hacking Asutosh Kumar
Asutosh Kumar (h4ckibl3) Electronics Undegrad. Noob , Learning everyday Cyber Security Lead @bytelabs Author @autosecurityy Find me making memes for security conferences $ ./about-me.sh
Hardware != Iot
What is Hardware Hacking ? Hardware hacking, in simple terms, refers to the process of manipulating or modifying electronic hardware to achieve a desired outcome that may not have been originally intended by the manufacturer. Hardware hacking can be done for various reasons, including: Customization Exploration and Learning Security Testing Creating Unofficial Modifications
Fundamentals Level - 1
Hardware Tools Multimeter A multimeter is like a detective tool for electronics. It helps us check and measure things in circuits, like how much electricity is there (voltage), how hard it is for electricity to flow (resistance), and whether the path for electricity is clear (continuity). It's like a super-spy for understanding and fixing electrical stuff! Soldering Kit / Desoldering Pump Screwdriver Set Wires/Jumper Wires Vise Stand Brain !!
Basic Electronics 1. Resistor: It adds resistance between two components. It is measured in ohms. 2. Capacitor: It charges and discharges in specific interval of time and used to stabilize the power supply in Circuit. It is measured in farad. 3. Inductors: They are used for filtering and smoothing high-frequency noise in the circuit using electromagnetic discharge. It is measured in Henry. 4. IC: Integrated Circuits is a set of electronic circuits on small pieces of silicon. 5. EEPROM (Electrically Erasable Programmable Read-Only Memory): Embedded devices use these as a means of storage. 6. Transformers: They are used to convert voltage levels. Mostly used for converting AC mains to DC supply with some extra circuitry. 7. Microcontroller/Microprocessor: It is a tiny little computer on a single metal-oxidesemiconductor (MOS) integrated circuit (IC) chip. 8. SoC (System on Chip): They can be just a Processor or Processor + memory + peripherals. 9. Transistor,Battery,PCB
Packages Through Hole Mount Package Surface Mount Package
? ? Bored ????
through-hole surface-mount Bored ????
Where to mount all this stuff ? PCB (Printed Circuit Board)
Recon Time
DLINK DIR-806 IN
External Inspection Buttons Ports , Sd card slot Fcc id Why i shared this image here ? JMR 540/Jio fi 3
Internal Inspection PCB Board analysis Datasheets Debug ports (UART,JTAG SPI & I2C) Pinouts
UART
UART UART(Universal Asynchronous Receiver-Transmitter) is one of the most often used communication protocols in embedded devices. It converts the parallel data it receives into a serial bit stream of data that may possibly be interacted with more easily. The transmitting UART translates parallel data from a controlling device, such as a CPU, into serial data, which it then sends in serial to the receiving UART. Which turns the serial data back into parallel for the receiving device. serial communication with two wire protocol no ACK protocol easiest and simple way to transfer data directly to and from microcontrollers without the need of any device in between
UART Transmitting UART converts parallel data into serial and transmits Receiving UART converts received serial data into parallel Possible Attacks Getting root shell Smiffing comm.
What we need to know and do ? Pin Identification (GND,VCC,TX,RX) Baudrate (9600,11400) Pin Identification Manual Identification Automated Identification
Identifying GND power off the device , set the multimeter to conitinuity red probe on the pins , black probe on any metallic surface if it beeps boom , you got the gnd Identifying VCC power on the device , set the multimeter to voltage test red probe on the pins , black probe on the gnd i.e. ground. if it shows a voltage around 3.3v it’s vcc
Identifying Tx power on the device , set the multimeter to voltage test immediate test required red probe on the pins , black probe on the mettalic surface if it shows a changing voltage it’s tx Identifying Rx i want to learn this from you guyz :)
Getting Access Access the port via /dev/ttyUSB0 Power on the device and run a serial console utility Screen / Minicom screen - screen /dev/ttyUSB0 115200 minicom - minicom -b 9600 -D /dev/ttyUSB0 -b (baudrate) , -D (device) wait for a while and you got the access , try further expoiting it if you want to in this premises nothing is allowed.
Special thanks to Null And Owasp Kolkata Arindam Halder Souvik Roy Tanmay Bhattacharjee Soummya Mukhopadhyay

Recommended

Arduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoArduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoVishnu
 
Intro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxIntro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxCephasMpandikaKalemb
 
Home Automation System
Home Automation SystemHome Automation System
Home Automation SystemMOHAMMAD TANVEER
 
Hardware hacking 101
Hardware hacking 101Hardware hacking 101
Hardware hacking 101Tiago Henriques
 
Chapter 4 Questions April
Chapter 4 Questions AprilChapter 4 Questions April
Chapter 4 Questions Aprilguestbf9301a
 
Chuan giao tiep rs232
Chuan giao tiep rs232Chuan giao tiep rs232
Chuan giao tiep rs232Đức Hữu
 
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIntegrated Device Technology
 
embedded system
embedded system embedded system
embedded system Gopal Dhaker
 

Recommended

Arduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoArduino Workshop Day 1 - Basic Arduino
Arduino Workshop Day 1 - Basic ArduinoVishnu
 
Intro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxIntro_to_Arduino_-_v30.pptx
Intro_to_Arduino_-_v30.pptxCephasMpandikaKalemb
 
Home Automation System
Home Automation SystemHome Automation System
Home Automation SystemMOHAMMAD TANVEER
 
Hardware hacking 101
Hardware hacking 101Hardware hacking 101
Hardware hacking 101Tiago Henriques
 
Chapter 4 Questions April
Chapter 4 Questions AprilChapter 4 Questions April
Chapter 4 Questions Aprilguestbf9301a
 
Chuan giao tiep rs232
Chuan giao tiep rs232Chuan giao tiep rs232
Chuan giao tiep rs232Đức Hữu
 
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit Overview
IDT Wireless Power IDTP9020, IDTP9030 IC and Evaluation Kit OverviewIntegrated Device Technology
 
embedded system
embedded system embedded system
embedded system Gopal Dhaker
 
ITE7Ch1.pdf
ITE7Ch1.pdfITE7Ch1.pdf
ITE7Ch1.pdfJuanFcoDoloresMarrer1
 
ACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARHarshit Jain
 
A+ computer hardware slide
A+ computer hardware slideA+ computer hardware slide
A+ computer hardware slideRajendra Tete
 
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxmicrocontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxrakeshkr4208
 
ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)Abu Md Choudhury
 
Bluetooth Home Automation
Bluetooth Home AutomationBluetooth Home Automation
Bluetooth Home AutomationApoorv Gupta
 
Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Future Insights
 
Intro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfIntro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfclementlesiba
 
MAJOR PROJECT PPT
MAJOR PROJECT PPTMAJOR PROJECT PPT
MAJOR PROJECT PPTChaitanya S
 
IRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET Journal
 
Automatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerAutomatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerSai Kumar Vegireddy
 
Intro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptIntro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptHebaEng
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.pptRohanBorgalli
 
Arduino Introduction.ppt
Arduino Introduction.pptArduino Introduction.ppt
Arduino Introduction.pptssuser631ea0
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.pptTalhaShahid49
 
Intro to arduino
Intro to arduinoIntro to arduino
Intro to arduinoBHUPATICh
 
Intro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptIntro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptxdarlord
 
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptIntro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptCarloCimacio
 
Introducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersIntroducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersSandeep Kamath
 
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...JayPaulTBadenas
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxnull - The Open Security Community
 

More Related Content

Similar to Hardware-Hacking-101 By Asutosh Kumar.pdf

ACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARHarshit Jain
 
A+ computer hardware slide
A+ computer hardware slideA+ computer hardware slide
A+ computer hardware slideRajendra Tete
 
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxmicrocontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxrakeshkr4208
 
Bluetooth Home Automation
Bluetooth Home AutomationBluetooth Home Automation
Bluetooth Home AutomationApoorv Gupta
 
Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Future Insights
 
Intro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfIntro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfclementlesiba
 
MAJOR PROJECT PPT
MAJOR PROJECT PPTMAJOR PROJECT PPT
MAJOR PROJECT PPTChaitanya S
 
IRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET Journal
 
Automatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerAutomatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerSai Kumar Vegireddy
 
Intro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptIntro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptHebaEng
 
Arduino Introduction.ppt
Arduino Introduction.pptArduino Introduction.ppt
Arduino Introduction.pptssuser631ea0
 
Intro to arduino
Intro to arduinoIntro to arduino
Intro to arduinoBHUPATICh
 
Intro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptIntro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptxdarlord
 
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptIntro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptCarloCimacio
 
Introducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersIntroducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersSandeep Kamath
 
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...JayPaulTBadenas
 

Similar to Hardware-Hacking-101 By Asutosh Kumar.pdf (20)

ITE7Ch1.pdf
ITE7Ch1.pdfITE7Ch1.pdf
ITE7Ch1.pdf
 
ACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CARACCELEROMETER BASED GESTURE ROBO CAR
ACCELEROMETER BASED GESTURE ROBO CAR
 
A+ computer hardware slide
A+ computer hardware slideA+ computer hardware slide
A+ computer hardware slide
 
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptxmicrocontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
microcontroller-based-missile-detection-and-destroying-8154-Rv8KK7q.pptx
 
ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)ELECTRONIC AND - Copy (1)
ELECTRONIC AND - Copy (1)
 
Bluetooth Home Automation
Bluetooth Home AutomationBluetooth Home Automation
Bluetooth Home Automation
 
Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)Microcontrollers (Rex St. John)
Microcontrollers (Rex St. John)
 
Intro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdfIntro_to_Arduino_-_v30_1.pdf
Intro_to_Arduino_-_v30_1.pdf
 
MAJOR PROJECT PPT
MAJOR PROJECT PPTMAJOR PROJECT PPT
MAJOR PROJECT PPT
 
IRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoTIRJET- Arduino based Single Phase Fault Detection System using IoT
IRJET- Arduino based Single Phase Fault Detection System using IoT
 
Automatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed BreakerAutomatic Enable and Disable Speed Breaker
Automatic Enable and Disable Speed Breaker
 
Intro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).pptIntro_to_Arduino_-_v30 (3).ppt
Intro_to_Arduino_-_v30 (3).ppt
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.ppt
 
Arduino Introduction.ppt
Arduino Introduction.pptArduino Introduction.ppt
Arduino Introduction.ppt
 
IntrotoArduino.ppt
IntrotoArduino.pptIntrotoArduino.ppt
IntrotoArduino.ppt
 
Intro to arduino
Intro to arduinoIntro to arduino
Intro to arduino
 
Intro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.pptIntro_to_Arduino_-_v30.ppt
Intro_to_Arduino_-_v30.ppt
 
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.pptIntro_to_Arduino_-_v30dadasdadadadaasda.ppt
Intro_to_Arduino_-_v30dadasdadadadaasda.ppt
 
Introducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollersIntroducttion to robotics and microcontrollers
Introducttion to robotics and microcontrollers
 
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
TLE-TVL_ICT(CSS)9_Q1_CLAS1_Assessing-Quality-of-Received-Materials - RHEA ROM...
 

More from null - The Open Security Community

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdfImmutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdfnull - The Open Security Community
 
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfDigital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfnull - The Open Security Community
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...null - The Open Security Community
 
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxReverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxnull - The Open Security Community
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...null - The Open Security Community
 
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxDemystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxnull - The Open Security Community
 

More from null - The Open Security Community (18)

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Demystifying-DNS-Attack-by-Rakesh Seal.pdf
Demystifying-DNS-Attack-by-Rakesh Seal.pdfDemystifying-DNS-Attack-by-Rakesh Seal.pdf
Demystifying-DNS-Attack-by-Rakesh Seal.pdf
 
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdfImmutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf
 
Recon for Bug Bounty by Agnibha Dutta.pdf
Recon for Bug Bounty by Agnibha Dutta.pdfRecon for Bug Bounty by Agnibha Dutta.pdf
Recon for Bug Bounty by Agnibha Dutta.pdf
 
A talk on OWASP Top 10 by Mukunda Tamly
A talk on OWASP Top 10 by Mukunda TamlyA talk on OWASP Top 10 by Mukunda Tamly
A talk on OWASP Top 10 by Mukunda Tamly
 
The Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh SealThe Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh Seal
 
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfDigital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
 
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdfCyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
 
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptxGSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
 
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxReverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...
 
Evolution of Hacking- Ronit Chakraborty .pptx
Evolution of Hacking- Ronit Chakraborty .pptxEvolution of Hacking- Ronit Chakraborty .pptx
Evolution of Hacking- Ronit Chakraborty .pptx
 
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxDemystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
 
C&C Framework- Ayan Saha.pptx
C&C Framework- Ayan Saha.pptxC&C Framework- Ayan Saha.pptx
C&C Framework- Ayan Saha.pptx
 

Recently uploaded

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 

Recently uploaded (20)

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 

Hardware-Hacking-101 By Asutosh Kumar.pdf

  • 1. Beginner’s Guide to Hardware Hacking Asutosh Kumar
  • 2. Asutosh Kumar (h4ckibl3) Electronics Undegrad. Noob , Learning everyday Cyber Security Lead @bytelabs Author @autosecurityy Find me making memes for security conferences $ ./about-me.sh
  • 4. What is Hardware Hacking ? Hardware hacking, in simple terms, refers to the process of manipulating or modifying electronic hardware to achieve a desired outcome that may not have been originally intended by the manufacturer. Hardware hacking can be done for various reasons, including: Customization Exploration and Learning Security Testing Creating Unofficial Modifications
  • 6. Hardware Tools Multimeter A multimeter is like a detective tool for electronics. It helps us check and measure things in circuits, like how much electricity is there (voltage), how hard it is for electricity to flow (resistance), and whether the path for electricity is clear (continuity). It's like a super-spy for understanding and fixing electrical stuff! Soldering Kit / Desoldering Pump Screwdriver Set Wires/Jumper Wires Vise Stand Brain !!
  • 7. Basic Electronics 1. Resistor: It adds resistance between two components. It is measured in ohms. 2. Capacitor: It charges and discharges in specific interval of time and used to stabilize the power supply in Circuit. It is measured in farad. 3. Inductors: They are used for filtering and smoothing high-frequency noise in the circuit using electromagnetic discharge. It is measured in Henry. 4. IC: Integrated Circuits is a set of electronic circuits on small pieces of silicon. 5. EEPROM (Electrically Erasable Programmable Read-Only Memory): Embedded devices use these as a means of storage. 6. Transformers: They are used to convert voltage levels. Mostly used for converting AC mains to DC supply with some extra circuitry. 7. Microcontroller/Microprocessor: It is a tiny little computer on a single metal-oxidesemiconductor (MOS) integrated circuit (IC) chip. 8. SoC (System on Chip): They can be just a Processor or Processor + memory + peripherals. 9. Transistor,Battery,PCB
  • 8. Packages Through Hole Mount Package Surface Mount Package
  • 11. Where to mount all this stuff ? PCB (Printed Circuit Board)
  • 14. External Inspection Buttons Ports , Sd card slot Fcc id Why i shared this image here ? JMR 540/Jio fi 3
  • 15. Internal Inspection PCB Board analysis Datasheets Debug ports (UART,JTAG SPI & I2C) Pinouts
  • 16.
  • 17. UART
  • 18. UART UART(Universal Asynchronous Receiver-Transmitter) is one of the most often used communication protocols in embedded devices. It converts the parallel data it receives into a serial bit stream of data that may possibly be interacted with more easily. The transmitting UART translates parallel data from a controlling device, such as a CPU, into serial data, which it then sends in serial to the receiving UART. Which turns the serial data back into parallel for the receiving device. serial communication with two wire protocol no ACK protocol easiest and simple way to transfer data directly to and from microcontrollers without the need of any device in between
  • 19. UART Transmitting UART converts parallel data into serial and transmits Receiving UART converts received serial data into parallel Possible Attacks Getting root shell Smiffing comm.
  • 20. What we need to know and do ? Pin Identification (GND,VCC,TX,RX) Baudrate (9600,11400) Pin Identification Manual Identification Automated Identification
  • 21. Identifying GND power off the device , set the multimeter to conitinuity red probe on the pins , black probe on any metallic surface if it beeps boom , you got the gnd Identifying VCC power on the device , set the multimeter to voltage test red probe on the pins , black probe on the gnd i.e. ground. if it shows a voltage around 3.3v it’s vcc
  • 22. Identifying Tx power on the device , set the multimeter to voltage test immediate test required red probe on the pins , black probe on the mettalic surface if it shows a changing voltage it’s tx Identifying Rx i want to learn this from you guyz :)
  • 23. Getting Access Access the port via /dev/ttyUSB0 Power on the device and run a serial console utility Screen / Minicom screen - screen /dev/ttyUSB0 115200 minicom - minicom -b 9600 -D /dev/ttyUSB0 -b (baudrate) , -D (device) wait for a while and you got the access , try further expoiting it if you want to in this premises nothing is allowed.
  • 24.
  • 25. Special thanks to Null And Owasp Kolkata Arindam Halder Souvik Roy Tanmay Bhattacharjee Soummya Mukhopadhyay