Everything related to Hardware Hacking and Reverse Engineering, including tutorials for beginners and more advanced material.
The hardware hacking and reverse engineering process described in various videos is based on:
1. Information gathering on hardware and software: identifying the main device components, locating UART and JTAG interfaces, and obtaining the EEPROM content, the firmware file and the root file system
2. Using side channel attacks with the ChipWhisperer and its fault injection capabilities when everything else fails
3. Building a debugging-friendly emulation environment to run the device's binaries, using QEMU and a build system such as Buildroot
4. Techniques to analyse, hack, reverse engineer and modify the firmware: file system analysis, analysis of the output on the system console, use of the GNU Debugger in the emulation environment, and reverse engineering of the firmware with open source software such as Ghidra
I wanted to add that this tutorial series may be one of the best hardware hacking tutorials. This series gave me confidence to start buying and taking apart random stuff to gain more knowledge. Thank you very much for the effort!
This is an amazing series. I am barely new to electronics, but your videos have me immersed in hardware hacking. I just bought a rice maker for 39.00 dollars to set up as my first project. Following along!!! Amazing again!
Interesting video. Thanks for your explanation. Can you make a Raspberry Pi Pico board into a tool to read/write the firmware of the CSR-BC417 chip, which is in the cheap Bluetooth module HC-05? I tried it but failed, and I don't know why.
Thanks so much for your quality efforts at imparting knowledge. This is an area I'm seriously interested in learning, but I have little or no good knowledge of electronics. Please guide me on what I need to learn to help me understand your tutorials better.
Why don't you make more videos... You have 9 videos and 24 thousand followers... your videos are very instructive (sorry for my Italian :D I haven't used it for 2 or 3 years)... come on!
Thank you for this excellent intro Valerio! QEMU for HW emulation is a rarely covered topic, so please keep them coming 🙂 I'm curious: would it be possible to run Android, or perhaps one of its incarnations (AOSP, LineageOS etc...), on top of QEMU?
Excellent video and thank you for sharing. As you mentioned in the beginning of the video, it would even be possible to "debrick" a device with the help of JTAG by flashing the right firmware to the EEPROM. I ran into exactly this problem. I've got an oscilloscope with a Samsung S3C2416XH connected to an EEPROM Samsung K9F1G08U0D. Both components are quite popular. My measurements are nearly the same, but the order of the JTAG pins is a bit different on the board (I think it's a proprietary one). In my case I got *5* pins with R(gnd) and R(vcc) and V > 0. How could I find out which pins are the right ones without buying a JTAGulator? Any hints?
Ciao Valerio, is there a device (a router, a modem, a device developed specifically for studying, etc.) you would recommend to buy for a test environment? To learn how to do Hardware Hacking... Thanks
Hope you're doing well, idk if you're gonna read this comment or not, but I love your accent and it makes me want to stay focused and listen to your lectures! <3 Love the content
Why use PuTTY to see the logs on ttyUSB0? Why can't we just cat /dev/ttyUSB0? I did cat the file and everything seemed okay. I was able to see the logs.
Awesome tip at 13:27, using chalk to improve the readability of what's written on an IC. I also saw pictures of significantly improved photography/recording of PCBs by using polarized light. BTW, the rotating zoom at 13:40 gave me TRON vibes :D
I have a Hisense 50U6HF TV (Amazon version). I have soldered RX, TX, GND to the debug area and get output in the serial console, but when I try to interrupt boot to get to U-Boot it says lockdown mode? I get a shell with no ability to input any commands. How to bypass this?