Hacking

1781 readers
2 users here now

This is the community for all things hacking and cybersecurity, try keeping it legal. That said I don't take any responsibility for anything that happens/comes from this group but I will try being the best mod that I can to prevent anything from happening.

founded 4 years ago
MODERATORS
1
2
 
 

Hi folks, not sure if this is the right place but so please lmk if there is a better place to put this:

I'm currently attempting to reverse engineer yealink t41p IP phone firmware since the device is out of support for some years and but works very well imo. For security reasons and keeping the devices out of the trash, I would like to provide open source firmware for it. I recently learned how the process with clean room reversing works but I'm stumbling at the first step already. Here is what I attempted so far:

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk T41-36.83.0.160.rom 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk --signature T41-36.83.0.160.rom 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -E T41-36.83.0.160.rom 

DECIMAL       HEXADECIMAL     ENTROPY
--------------------------------------------------------------------------------
16384         0x4000          Rising entropy edge (0.984980)
20480         0x5000          Falling entropy edge (0.783278)
32768         0x8000          Rising entropy edge (0.992664)
45056         0xB000          Falling entropy edge (0.601562)
65536         0x10000         Rising entropy edge (0.991434)
815104        0xC7000         Rising entropy edge (0.992069)
2945024       0x2CF000        Falling entropy edge (0.668870)
2949120       0x2D0000        Rising entropy edge (0.993514)
8155136       0x7C7000        Falling entropy edge (0.843171)

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -BE T41-36.83.0.160.rom 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------


DECIMAL       HEXADECIMAL     ENTROPY
--------------------------------------------------------------------------------
16384         0x4000          Rising entropy edge (0.984980)
20480         0x5000          Falling entropy edge (0.783278)
32768         0x8000          Rising entropy edge (0.992664)
45056         0xB000          Falling entropy edge (0.601562)
65536         0x10000         Rising entropy edge (0.991434)
815104        0xC7000         Rising entropy edge (0.992069)
2945024       0x2CF000        Falling entropy edge (0.668870)
2949120       0x2D0000        Rising entropy edge (0.993514)
8155136       0x7C7000        Falling entropy edge (0.843171)

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -y T41-36.83.0.160.rom 
haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -e T41-36.83.0.160.rom 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -I T41-36.83.0.160.rom 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
12622         0x314E          BFF volume entry, AIXv3, file name: "iX2jÅ

haui@TowerPC:~/Downloads/t41p-firmware$ binw^C

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -G T41-36.83.0.160.rom 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
3
4
 
 

https://inscaptions.com/how-to-see-private-accounts-on-instagram-using-inspect/

https://techcult.com/how-to-access-private-instagram-inspect-element/

I don’t know anything about programming, and sadly I can’t differentiate between rubbish webpages and the real deal when it comes to stuff like that..

I also read about a couple of ios shortcuts that claim to be able to download private Instagram posts if you have the link to it.. is it true?

5
6
7
8
 
 

So I have an old Steam account I had for years. Will give away account information to someone if you think you can get in.

Here's the situation: I changed my email to a forwarding service. so it's [email protected] However, the forwarding service shut down and is no longer functioning, so I'm locked out of the account. I don't even know the email address that was generated for me because the service is gone. However if there's anyone here that thinks they can get in, I'm happy to send along the login information I do have. DM me if interested.

9
 
 

Apologies is this seems somewhat weird, I was using the reddit app on my iphone when I clicked on a tag in my search history and at the same time I noticed my flash go off on my phone. I suppose this could have been some strange hardware issue in my phone, but I suspected it took a photo. I checked my photo stream and there was nothing new. There is no log of events on my phone I know of, but I wondered if it was intentional. Curious if anyone here has any idea if it could have been something intentional (it taking a photo), or maybe some log info source I could check to see if it was legitimate hack.

10
13
Best fuzzing tool (programming.dev)
submitted 10 months ago by [email protected] to c/[email protected]
 
 

I'm trying to find a good fuzzing tool for testing my web applications and was wondering what people would recommend. I'm trying to find one that is open source, free, and doesn't use proprietary stuff. It seems like Google's OSSFuzz is the closest option to what I'm looking for, but it uses Google cloud :/

11
 
 

Security researchers have discovered new Bluetooth security flaws that allow hackers to impersonate devices and perform man-in-the-middle attacks.

The vulnerabilities impact all devices with Bluetooth 4.2 through Bluetooth 5.4, including laptops, PCs, smartphones, tablets, and others.

Users can do nothing at the moment to fix the vulnerabilities, and the solution requires device manufacturers to make changes to the security mechanisms used by the technology.

Research paper: https://dl.acm.org/doi/pdf/10.1145/3576915.3623066

Github: https://github.com/francozappa/bluffs

CVE: https://nvd.nist.gov/vuln/detail/CVE-2023-24023

12
 
 

cross-posted from: https://lemmy.cat/post/5756727

Over the last few weeks I've been working on a number of plugins which I hope will be available in the next pwnagotchi release.

  • nfty: send and receive notifications and alerts to devices via ntfy service.
  • mastodon: periodically post status updates of your pwnagotchi on Mastodon
  • handshake-m: view and manage handshake captures via web UI.
  • wpa-cracked-insert: generates a .pcap.cracked file for displaying passwords in webgpsmap.

These plugins are also initially available on my own repo with more info on how to use them: https://codeberg.org/retiolus/pwnagotchi-plugins

I hope this kind of thing will give the project some new energy :)

13
 
 

Hey all,

I am looking into hacking TVs. Its well known they run linux most of the time, so we should be able to do some fun stuff with them.

I've found some guides, clips and other reference material online, but it isn't much. Do any of you guys have some reference material to help me on my learning journey?

14
 
 

A 3rd set of data has been published on the dark web, site says, as OPP continue investigation

15
16
17
7
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

cross-posted from: https://feddit.de/post/3322209

Insensitive joke
A building you would have liked to stand next to on September 11, 2001.

NewPipe-compatible link to the video / YT / Piped

Wikipedia

My tribute: YT / Piped

Hard-to-read scrolling text in my tribute video
On September 11, 2001, NYC was swept by the tragic collapse of two giant shopping malls conference centers while downtown Berlin was delighted to see a building come to life. The Blinkenlights, an array of 144 lightbulbs inside the Teacher's House on Alexanderplatz, made its debut on this fateful day. Chaos Computer Club, a German group of hackers and technology enthusiasts, had taken over the building prior to its planned reconstruction. Celebrating their 20th anniversary and amazing the public with their technical skills, the club installed floodlights behind the windows in the upper eight floors, lighting them up with animated content controlled over the network. People connected to the Internet would submit 20fps, 18x8 animations via email to take part in a pixel art contest, or have a love letter displayed at will. This is where this “BlinkenPaint” program came into play. GSM integration also enabled anyone to play a recreation of Pong, as well as remote debugging. The installation instantly became popular with music videos filmed in front of and inside it, and thousands of people came to the February 23 farewell party. The club released their hardware blueprints and source code to the public, enabling reconstructions of this project elsewhere.

In September 2002, the CCC created another installation, the “Blinkenlights Arcade”, to celebrate the “White Night” festival in Paris. The French National Library sprang to life with a 20x26 array of lightbulbs. Forgoing the abuse of relays in the original Blinkenlights, solid-state circuitry allowed 8 stages of grayscale, enhancing the look of GSM-controlled games such as Pong or Tetris, as well as music visualizations during the October 5 party. In 2008, the Toronto City Hall was lit with a 960-pixel, 16-step grayscale screen during this festival.

By the way, the title of the installation references a 1950s meme text hung in computer rooms worldwide, exclaiming to “turisten und nonteknischen lookenspeepers” that “das komputermaschine ist nicht für der gefingerpoken und mittengraben […] für gewerken bei dummkopfen” and encouraging them to “relaxen und watschen der blinkenlichten” instead. Someone will surely have posted the entire copypasta in the comments. Also look there for clarifications and corrections of any mistakes in this text.

Over the past 20 years, giant LED screens have become ubiquitous in cities, and the idea of a display this size does not seem as outlandish anymore. Nevertheless, most display advertisements round the clock, and having the public play games and submit love letters remains unique to Blinkenlights and the installation should be remembered to this day.

18
 
 

does anyone have any idea what the new breach forums onion is? or why tor taxi and such don't share it anymore? is tor taxi or breech sussy?

19
 
 

I'm a big fan of Darknet Diaries and Smashing Security. I'm all the way caught up on them though so I'm wondering if there are any others out there I'm missing out on?

If this post gets a decent number of comments I'll create a list here of every podcast recommended.

20
11
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

The linked paper was pointed out to me during a discussion about trusting executables built from source. Perhaps this paper is a well-known document in the hacking community, but I thought it was quite interesting and thought I'd share it.

The document describes how the author created a bugged C compiler that would compile UNIX code in which the "login" command would insert a backdoor.

The actual bug I planted in the compiler would match code in the UNIX "login" command. The re- placement code would miscompile the login command so that it would accept either the intended encrypted password or a particular known password. Thus if this code were installed in binary and the binary were used to compile the login command, I could log into that system as any user.

The author also describes strategies to build such bugged compiler in a way that would be very difficult to detect.

The document ends with a moral statement about hacking with a perspective from 1984 which is also an interesting read.

21
22
 
 

You had me at BlackBerry keyboard!

23
 
 

I have repeatedly fund security concerns when working on internal applications. Simple things like sql injection, hard coded credentials, and privileged containers being run as the standard. I brought these up with my team lead, but he says that since its in the dev environment, it does not matter. To me, that is the totally wrong attitude to have about security. We should teach our developers how to not make these mistakes and fix them as we find them. Should I go over his head to report it to other managing parties? I want to say more, but am being as vague as possible just in case. How do I go about reporting internal vulnerabilities in a responsible way that won't make everyone hate me? I honestly believed that people would be happy to hear about their problems from me rather than get exploited but it does not seem to be the culture here.

24
25
view more: next ›