Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: contact@stacksmashing.net
This is crazy. An iOS KeePass app was sending the clipboard contents *unencrypted via UDP* to a server. The developer "fixed" it by still sending it via UDP, but this time with fixed key and IV. 🤦♂️
The app is simply a credential stealer and probably in violation of some laws.
A lot of people said sniffing a TPM requires advanced knowledge and equipment - so let’s change that!
Soon a couple of pogo-pins and a @Raspberry_Pi Pico will be enough 😀
What’s going on at Microsoft? Have they gone completely crazy?
Forcing random stuff into Windows (Suddenly a copilot button? Candy crush ads? Edge trying to make itself happen again and again?)
And now even the Skype app starts spamming me with random “Skype Today” stuff…
Found some performance improvements that increase the Mifare Dictionary Attack speed on the @flipper_zero significantly - for example a full search of 14 keys takes only 17 instead of 29 minutes on a random hotel card.
Code here:
I'd just like to interject for a moment. What you're referring to as USB-C, is in fact, USB-C/USB3.2, or as I've recently taken to calling it, USB-C plus USB3.2. USB-C is not a protocol unto itself, but rather a connector specification.
So I was trying to sniff the BitLocker TPM key on an old laptop of mine - it has this great debug port that exposes most of the TPM (Low Pin Count Bus) signals, but it’s missing the clock signal.
Random math request:
Given that >90% of CPUs are little endian - how much CO2 could we (very very very roughly) save if we switched network protocols to use little endian instead of big endian?
Modern web-dev is pretty funny.
There are USB and Bluetooth APIs, and you can even do computation on the GPU...
But if you want to download a file in JS you create an invisible <a>-tag with the file stored as a string in href and then call the .click() method on it?!😂
BitLocker Key retrieval on a Windows 11, Lenovo X1 Carbon Gen 11 via SPI Sniffing.
The TPM is on the backside of the motherboard, where there are various test pads.
Wow. My "Reversing WannaCry in Ghidra" video has surpassed 1 million views...
I think that might make it the most watched malware reverse-engineering video😳
Just released part 1 of analyzing #WannaCry in #Ghidra! In this video we will find the killswitch, look at its installation/persistence methods and extract/decrypt the resources contained in the malware!
Finally released part 2 of my »Reversing #WannaCry with #Ghidra« series!
In this video we reverse engineer some of the integrated decryption methods and see how we can easily analyze C++ code in Ghidra.
The procedure for this was pretty simple:
- Started with a placeholder image
- Got the hash of it
- Changed text of the image to match the hash
- Then used @anishathalye's great neural-hash-collider, which took only 1-2 iterations
Come see how I used my jerry-rigged “EMBite” probe to capture EM side-channels using a HackRF.
I used this to figure out the precise timing of where a completely unknown boot check fails - and then used that timing to bypass the check 😁
Discord has the worst UI/UX of any desktop application I use. I hate that it became the de-facto standard for a lot of things.
Even simple things such as "finding out why Discord just made a notification sound" or "jump to where I was highlighted" are basically impossible.