top of page
Trust
security
HackTM 2020 Qualifiers - Trip to trick 🚩
This deceptively simple challenge proved a great exercise in abusing FILE structs. Literally gifting you the entire libc of the process,...
Sep 20, 20227 min read
Â
HackTM 2020 Qualifiers - Count on Me 🚩
Description: There is no description for the challenge. The zip file includes three resources: challenge.txt – gives us the encryption...
Sep 20, 20222 min read
Â
HackTM 2020 Qualifiers - HackDex
The challenge starts by having 2 files: – hackdex, ELF file. – hacktm.hdex, text file. Description Considering your possible trip to...
Sep 20, 20224 min read
Â
HackTM 2020 Qualifier - Plop 🚩
PLOP is a reversing task composed of a single x64 ELF executable. By Inspecting main we find that it: Copies the program’s input into a...
Sep 20, 20225 min read
Â
LED them in — infiltrating home networks via smart light controllers 🚩
This was a research conducted in 2019 of my personal smart lighting system, which led to unexpected findings. IoT devices are becoming...
Sep 20, 20223 min read
Â
One Ring to rule them all, and in darkness bind them
This was a hack in Amazon's smart doorbell displayed on stage at MWC 2019 Today we focus on the Ring Doorbell, an Amazon-acquired home...
Sep 20, 20224 min read
Â
The Gateway is wide open — Pwning 40M+ routers
In 2019, I published an article on 4 CVEs found on a very popular router SDK used by Comcast. Today we will be presenting several...
Sep 20, 20229 min read
Â
IoT hacking doctrine 🚩
This was published in 2019 to help fellow researchers in their first steps in offensive IoT research. Today we will be presenting a...
Sep 20, 202210 min read
Â
DisConnecting the August Connect
Venera (CVE-2018–20100), was an unpatched attack on the August Connect setup that allows nearby attackers to snoop Wifi credentials....
Sep 20, 20224 min read
Â
bottom of page