Hacking
- Reverse engineering Yealink T41P firmware
Hi folks, not sure if this is the right place, so please lmk if there is a better place to put this:
I'm currently attempting to reverse engineer Yealink T41P IP phone firmware since the device has been out of support for some years but works very well imo. For security reasons and to keep the devices out of the trash, I would like to provide open source firmware for it. I recently learned how the process of clean room reversing works but I'm stumbling at the first step already. Here is what I attempted so far:
```
haui@TowerPC:~/Downloads/t41p-firmware$ binwalk T41-36.83.0.160.rom

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk --signature T41-36.83.0.160.rom

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -E T41-36.83.0.160.rom

DECIMAL       HEXADECIMAL     ENTROPY
--------------------------------------------------------------------------------
16384         0x4000          Rising entropy edge (0.984980)
20480         0x5000          Falling entropy edge (0.783278)
32768         0x8000          Rising entropy edge (0.992664)
45056         0xB000          Falling entropy edge (0.601562)
65536         0x10000         Rising entropy edge (0.991434)
815104        0xC7000         Rising entropy edge (0.992069)
2945024       0x2CF000        Falling entropy edge (0.668870)
2949120       0x2D0000        Rising entropy edge (0.993514)
8155136       0x7C7000        Falling entropy edge (0.843171)

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -BE T41-36.83.0.160.rom

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------

DECIMAL       HEXADECIMAL     ENTROPY
--------------------------------------------------------------------------------
16384         0x4000          Rising entropy edge (0.984980)
20480         0x5000          Falling entropy edge (0.783278)
32768         0x8000          Rising entropy edge (0.992664)
45056         0xB000          Falling entropy edge (0.601562)
65536         0x10000         Rising entropy edge (0.991434)
815104        0xC7000         Rising entropy edge (0.992069)
2945024       0x2CF000        Falling entropy edge (0.668870)
2949120       0x2D0000        Rising entropy edge (0.993514)
8155136       0x7C7000        Falling entropy edge (0.843171)

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -y T41-36.83.0.160.rom
haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -e T41-36.83.0.160.rom

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------

haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -I T41-36.83.0.160.rom

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
12622         0x314E          BFF volume entry, AIXv3, file name: "iX2jÅ

haui@TowerPC:~/Downloads/t41p-firmware$ binw^C
haui@TowerPC:~/Downloads/t41p-firmware$ binwalk -G T41-36.83.0.160.rom

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
```
- Linux/4004 - Slowly booting full Linux on the intel 4004 for fun, art, and absolutely no profit
dmitry.gr Linux/4004 - Dmitry.GR
Dmitry.GR: Slowly booting full Linux on the intel 4004 for fun, art, and absolutely no profit
- Do these methods work to view private IG profiles?
https://inscaptions.com/how-to-see-private-accounts-on-instagram-using-inspect/
https://techcult.com/how-to-access-private-instagram-inspect-element/
I don’t know anything about programming, and sadly I can’t differentiate between rubbish webpages and the real deal when it comes to stuff like that..
I also read about a couple of ios shortcuts that claim to be able to download private Instagram posts if you have the link to it.. is it true?
- Hacking Millions of Modems (and Investigating Who Hacked My Modem)
samcurry.net Hacking Millions of Modems (and Investigating Who Hacked My Modem)
Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive the traffic from the vulnerable server.
- Giving Away Steam Account (I'm Locked Out)
So I have an old Steam account I had for years. Will give away account information to someone if you think you can get in.
Here's the situation: I changed my email to a forwarding service, so it's randomwords_characters@jepepla.com. However, the forwarding service shut down and is no longer functioning, so I'm locked out of the account. I don't even know the email address that was generated for me because the service is gone. However, if there's anyone here that thinks they can get in, I'm happy to send along the login information I do have. DM me if interested.
- iPhone event log to check potential hack
Apologies if this seems somewhat weird. I was using the Reddit app on my iPhone when I clicked on a tag in my search history and at the same time I noticed my flash go off on my phone. I suppose this could have been some strange hardware issue in my phone, but I suspected it took a photo. I checked my photo stream and there was nothing new. There is no log of events on my phone I know of, but I wondered if it was intentional. Curious if anyone here has any idea if it could have been something intentional (it taking a photo), or maybe some log info source I could check to see if it was a legitimate hack.
- Best fuzzing tool
I'm trying to find a good fuzzing tool for testing my web applications and was wondering what people would recommend. I'm trying to find one that is open source, free, and doesn't use proprietary stuff. It seems like Google's OSSFuzz is the closest option to what I'm looking for, but it uses Google cloud :/
- Bluetooth security flaws reveal all devices launched after 2014 can be hacked
Security researchers have discovered new Bluetooth security flaws that allow hackers to impersonate devices and perform man-in-the-middle attacks.
The vulnerabilities impact all devices with Bluetooth 4.2 through Bluetooth 5.4, including laptops, PCs, smartphones, tablets, and others.
Users can do nothing at the moment to fix the vulnerabilities, and the solution requires device manufacturers to make changes to the security mechanisms used by the technology.
Research paper: https://dl.acm.org/doi/pdf/10.1145/3576915.3623066
Github: https://github.com/francozappa/bluffs
CVE: https://nvd.nist.gov/vuln/detail/CVE-2023-24023
- New plugins coming soon on aluminum-ice/pwnagotchi: ntfy, Mastodon, handshake-m
cross-posted from: https://lemmy.cat/post/5756727
> Over the last few weeks I've been working on a number of plugins which I hope will be available in the next pwnagotchi release.
>
> - ntfy: send and receive notifications and alerts to devices via ntfy service.
> - mastodon: periodically post status updates of your pwnagotchi on Mastodon
> - handshake-m: view and manage handshake captures via web UI.
> - wpa-cracked-insert: generates a .pcap.cracked file for displaying passwords in webgpsmap.
>
> These plugins are also initially available on my own repo with more info on how to use them: https://codeberg.org/retiolus/pwnagotchi-plugins
>
> I hope this kind of thing will give the project some new energy :)
- TV hardware hacking
Hey all,
I am looking into hacking TVs. It's well known they run Linux most of the time, so we should be able to do some fun stuff with them.
I've found some guides, clips and other reference material online, but it isn't much. Do any of you guys have some reference material to help me on my learning journey?
- Info from 5.6 million patient visits among data stolen in ransomware attack on Ontario hospitals
> A 3rd set of data has been published on the dark web, site says, as OPP continue investigation
- Update and reformatting of Pwnagotchi plugin that publishes regularly on Mastodon!
github.com Update mastodon.py by retiolus · Pull Request #44 · evilsocket/pwnagotchi-plugins-contrib
Update and reformatting of the plugin, which was no longer working, was not optimised and did not provide enough information in the logs. Among other things, it no longer uses the Mastodon account ...
- India's biggest tech centers named as cyber crime hotspots
www.theregister.com India's biggest tech centers named as cyber crime hotspots
Global tech companies' Bharat offices attract the wrong sort of interest
- 22-year anniversary of Project Blinkenlights
cross-posted from: https://feddit.de/post/3322209
Insensitive joke
A building you would have liked to stand next to on September 11, 2001.
NewPipe-compatible link to the video / YT / Piped
Hard-to-read scrolling text in my tribute video
On September 11, 2001, NYC was swept by the tragic collapse of two giant shopping malls conference centers while downtown Berlin was delighted to see a building come to life. The Blinkenlights, an array of 144 lightbulbs inside the Teacher's House on Alexanderplatz, made its debut on this fateful day. Chaos Computer Club, a German group of hackers and technology enthusiasts, had taken over the building prior to its planned reconstruction. Celebrating their 20th anniversary and amazing the public with their technical skills, the club installed floodlights behind the windows in the upper eight floors, lighting them up with animated content controlled over the network. People connected to the Internet would submit 20fps, 18x8 animations via email to take part in a pixel art contest, or have a love letter displayed at will. This is where this “BlinkenPaint” program came into play. GSM integration also enabled anyone to play a recreation of Pong, as well as remote debugging. The installation instantly became popular with music videos filmed in front of and inside it, and thousands of people came to the February 23 farewell party. The club released their hardware blueprints and source code to the public, enabling reconstructions of this project elsewhere.
In September 2002, the CCC created another installation, the “Blinkenlights Arcade”, to celebrate the “White Night” festival in Paris. The French National Library sprang to life with a 20x26 array of lightbulbs. Forgoing the abuse of relays in the original Blinkenlights, solid-state circuitry allowed 8 stages of grayscale, enhancing the look of GSM-controlled games such as Pong or Tetris, as well as music visualizations during the October 5 party. In 2008, the Toronto City Hall was lit with a 960-pixel, 16-step grayscale screen during this festival.
By the way, the title of the installation references a 1950s meme text hung in computer rooms worldwide, exclaiming to “turisten und nonteknischen lookenspeepers” that “das komputermaschine ist nicht für der gefingerpoken und mittengraben […] für gewerken bei dummkopfen” and encouraging them to “relaxen und watschen der blinkenlichten” instead. Someone will surely have posted the entire copypasta in the comments. Also look there for clarifications and corrections of any mistakes in this text.
Over the past 20 years, giant LED screens have become ubiquitous in cities, and the idea of a display this size does not seem as outlandish anymore. Nevertheless, most display advertisements round the clock, and having the public play games and submit love letters remains unique to Blinkenlights and the installation should be remembered to this day.
- breach not on the taxis?
Does anyone have any idea what the new breach forums onion is? Or why tor taxi and such don't share it anymore? Is tor taxi or breach sussy?
- Your favorite hacking / cyber podcasts?
I'm a big fan of Darknet Diaries and Smashing Security. I'm all the way caught up on them though so I'm wondering if there are any others out there I'm missing out on?
If this post gets a decent number of comments I'll create a list here of every podcast recommended.
- Reflections on Trusting Trust
The linked paper was pointed out to me during a discussion about trusting executables built from source. Perhaps this paper is a well-known document in the hacking community, but I thought it was quite interesting and thought I'd share it.
The document describes how the author created a bugged C compiler that would compile UNIX code in which the "login" command would insert a backdoor.
> The actual bug I planted in the compiler would match code in the UNIX "login" command. The replacement code would miscompile the login command so that it would accept either the intended encrypted password or a particular known password. Thus if this code were installed in binary and the binary were used to compile the login command, I could log into that system as any user.
The author also describes strategies to build such a bugged compiler in a way that would be very difficult to detect.
The document ends with a moral statement about hacking with a perspective from 1984 which is also an interesting read.
- Review: Beepy, A Palm-sized Linux Hacking Playground
hackaday.com Review: Beepy, A Palm-sized Linux Hacking Playground
In the long ago times, when phones still flipped and modems sang proudly the songs of their people, I sent away for a set of Slackware CDs and embarked on a most remarkable journey. Back then, runn…
You had me at BlackBerry keyboard!
- what is the best way to report internal security concerns in a corporate environment
I have repeatedly found security concerns when working on internal applications. Simple things like SQL injection, hard coded credentials, and privileged containers being run as the standard. I brought these up with my team lead, but he says that since it's in the dev environment, it does not matter. To me, that is the totally wrong attitude to have about security. We should teach our developers how to not make these mistakes and fix them as we find them. Should I go over his head to report it to other managing parties? I want to say more, but am being as vague as possible just in case. How do I go about reporting internal vulnerabilities in a responsible way that won't make everyone hate me? I honestly believed that people would be happy to hear about their problems from me rather than get exploited but it does not seem to be the culture here.
- Kevin, one of ours has passed away :(
hispagatos.space Got Root :hispagatos: # :idle: (@rek2@hispagatos.space)
Comrades of the original #hacker culture, today one of our own has died. I write this with great sorrow. I was part of the #freekevin movement in the 90s with the #2600 people, right after arriving in that country. Later we became friends when he got out and could not touch a computer, he only wrote books. We used to go out for dinner ...
- Kevin Mitnick has died.
www.dignitymemorial.com Kevin Mitnick Obituary - Las Vegas, NV
Celebrate the life of Kevin Mitnick, leave a kind word or memory and get funeral service information care of King David Memorial Chapel & Cemetery.
- SSRF help?
Anybody know any good resources to learn about SSRF? More than just a library of requests to have Burp try. I'd like to get a better understanding of crafting my own SSRFs.
- How communism turned Cuba into an island of hackers and DIY engineers
www.pbs.org How communism turned Cuba into an island of hackers and DIY engineers
Just outside Havana, in the childhood bedroom of illustrator Edel Rodriguez, a washing machine engine welded to a boat propeller has become a makeshift fan. This kind of cobbled-together contraption is common in Cuba. So are stoves that run on diesel from trucks, satellite dishes made of garbage can...
- We can't be like the reddit community.
The hacking community on Reddit is imo one of the most toxic communities. Nearly every question someone asks the top comment is someone talking shit about OP, insulting them, or just gatekeeping hacking in general. We were all new once, if someone asks a script kiddie question, then help them out and point them in the right direction.
- 2600 Madrid! – 2600 Madrid Meeting - WorldWide 2600 Meetings
cross-posted from: https://lemmy.ml/post/1633529
> #2600 meetings worldwide, and of course 2600.Madrid in 7 days! https://2600.Madrid gemini://2600.Madrid matrix: #2600_Madrid:hispagatos.org mobilizon: https://eventos.hispagatos.org/events/608a824b-9c9f-473b-bc9f-9c3b115cbed9 PLEASE RESERVE SO WE CAN TELL THE BAR how many people we are going to be #HappyHacking #HackingIsNotACrime #2600Madrid https://2600.com
- Hitting the Books: How hackers turned cybercrime into a commercial service
www.engadget.com Hitting the Books: How hackers turned cybercrime into a commercial service | Engadget
In "Fancy Bear Goes Phishing", Yale Law professor Dr.
- Ukrainian hackers take down Russian banks service provider
www.bleepingcomputer.com Ukrainian hackers take down service provider for Russian banks
A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening.
- 2600 Hacker Meeting @ Madrid, Spain
hispagatos.space Got Root :hispagatos: # :idle: (@rek2@hispagatos.space)
On Friday Nov 4, the monthly #2600 meeting in #Madrid. The meetings are monthly worldwide, on the first Friday of the month, where hackers and lovers of free and creative culture get together to talk and share ideas, projects, politics and, above all, aspects of technology. In a meeting...
cross-posted from: https://lemmy.ml/post/579871
> This Friday Nov 4th, 2600 Madrid meetup! 7pm to 9 pm.
> The meetings are monthly worldwide, the first Friday of the month, where
> hackers and lovers of free and creative culture come together to talk,
> share ideas, projects, politics and about all aspects of technology.
> In a meeting for all, welcome to the curious who want to know what
> "hacker culture" really is https://2600.com @2600_madrid and for
> information on the event in Madrid 2600@hispagatos.org
>
> for more info:
> https://2600.com
> https://hispagatos.space/@rek2/109274963270162295
> https://mobilizon.public.cat/@2600_madrid
> https://www.2600.com/meetings
- NoisyLeaks! The Art of Exposing Secrets - 8-30 Oct. Berlin
noisyleaks.space NoisyLeaks!
NoisyLeaks! is a moment combining an exhibition alongside a series of events which will take place from October 8th to October 30th, 2022. NoisyLeaks! aims to collectively expose and celebrate the historical and cultural heritage of WikiLeaks and its influence on world-wide practices - a space and m...
cross-posted from: https://lemmy.ml/post/478379
> cross-posted from: https://lemmy.ml/post/475611
>
> > EXPO/ FILMS/ [REDACTED]/ WORKSHOPS/ LAB/
> >
> > P145, Invalidenstr. 145 - 10115 Berlin
> >
> > NoisyLeaks! is a moment combining an exhibition alongside a series of events which will take place from October 8th to October 30th, 2022. NoisyLeaks! aims **to collectively expose and celebrate the historical and cultural heritage of WikiLeaks and its influence on world-wide practices** - a space and moment to share knowledge, practical skills and encourage freedom of information.
> >
> > Featuring:
> >
> > !Mediengruppe Bitnik, AFK, Ai Weiwei, Chicks on Speed, Daniel Lismore, Daniel Richter, Davide Dormino, Hito Steyerl, Iodine Dynamics, Jean-Baptiste Bayle, Melissa E. Logan, RYBN, Sarah Lucas
> >
> > Schedule:
> >
> > https://noisyleaks.space/schedule
- DDC OLED - mitxela.com
The HDMI SSD1306 that EVERYONE needs. Hacking done proper.
From the article:
> You have to register to download the HDMI spec which is more effort than I have for this...
- How I hacked a hardware crypto wallet and recovered $2 million
- Does brute-forcing SSH logins for random IPs have a reasonable chance of being profitable for the attackers?
I was looking at my /var/log/auth.log in my personal computer and VPS, and I can see thousands of failed SSH attempts over the past few days. Looking at the attempted logins, I suppose that someone is using a database and trying out common default username/password combinations to attack random IP addresses. I also see that they try this for many different ports.
This approach of attack appears to me to be very very very unlikely to return anything of value. They may as well just try generating bitcoin private keys randomly until they find a wallet with something in it.
Are these 'hackers' just playing the lottery and wasting their resources? Or is this a strategy that somehow works reasonably often?
- Anyone used TryHackMe? It's pretty fun so far
I like how they have in-browser VMs and optional OpenVPN for using your own stuff. Also their lessons are fun so far. I'm doing Pre-Security path just to brush up on old stuff first.