
5/2/2019 Raspberrypi as poor man's hardware hacking tool - payatu

RASPBERRYPI AS POOR MAN’S HARDWARE HACKING TOOL

14/12/2018 / in Blog (https://payatu.com/category/blog/), Research (https://payatu.com/category/research/) / by Arun

INTRODUCTION

I have been wanting to write this blog for quite some time, but I was either busy or lazy. So many people have asked me for a list of hardware to buy to get started with hardware hacking. To be honest, there are a lot of products available, but not many target beginners.

In this blog I will cover using SPI, I2C, JTAG/SWD and JTAGenum with a Raspberry Pi. I will be using a Raspberry Pi Zero W, as it is dead cheap and small.

SETTING UP YOUR RASPBERRY PI

Before you go into each section, I would suggest you boot into your Raspberry Pi and enable SPI, I2C and GPIO from the interfacing options in the raspi-config menu. You can follow this link (…ed-with-the-raspberry-pi-zero-wireless/all) for setting up your Pi.

In all the connection pinouts, the number is the hardware pin location and not the GPIO number.

Git clone this inside your Pi:

    https://github.com/arunmagesh/raspi-sec-tool

SPI – SERIAL PERIPHERAL INTERFACE

The Raspberry Pi comes with an SPI interface. The most common test case in hardware testing is extracting the external flash memory of the target device, which uses the SPI communication interface. The most commonly used tool is flashrom, which supports a wide variety of flash memory chips. We are going to use the bcm2835 SPI interface, /dev/spidev0.0, for reading from and writing to it.

INSTALLATION:

    sudo apt-get install build-essential pciutils usbutils libpci-dev libusb-dev libftdi1 libftdi-dev zlib1g-dev subversion libusb-1.0-0-dev
    svn co svn://flashrom.org/flashrom/trunk flashrom
    cd flashrom
    make
    sudo make install

CONNECTION:

CS – 24
MISO – 21
MOSI – 19
CLK – 23
3.3v –

TO READ DATA FROM THE FLASH MEMORY

    flashrom -p linux_spi:dev=/dev/spidev0.0,spispeed=512 -r spi

Don’t forget the spispeed=512.

Now you can use binwalk or fmk on the extracted firmware.

I2C – INTER-IC COMMUNICATION

This communication is similar to SPI, but it uses only two wires for communication: SDA and SCL. Each device is accessed using its internal I2C address. Here we will use an I2C EEPROM as an example and see how we can read from and write to the memory. i2ctools comes as part of the Linux package, so there is no need to install anything.

CONNECTION:

SDA – 3
SCL – 5
VCC – 1
VSS – A0 – A1 – A2 – A3 – WP –

To find the address of your I2C slave device:

    i2cdetect -y 1

In this case, the address is 0x50. -y 1 defines which I2C pins you have used; in this case, we are using i2c-1.

Now use a tool called eeprog to read from and write to the EEPROM.

    wget http://darkswarm.org/eeprog-0.7.6-tear5.tar.gz
    tar -xvf eeprog-0.7.6-tear5.tar.gz eeprog-0.7.6-tear12/
    cd eeprog-0.7.6-tear12/
    make
    sudo make install

TO WRITE DATA TO IT

    echo "hello" | ./eeprog -f -16 -w 0 -t 5 /dev/i2c-1 0x50

-w is the offset
-t is write delay
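
Added example, not part of the original post: a small filter that turns the i2cdetect grid used earlier in this section into a plain list of addresses, so the address passed to eeprog can come from a script instead of being read off the screen. The function names and the sample grid are constructed for illustration.

```shell
#!/bin/sh
# Added example: list the addresses that answered in an `i2cdetect -y <bus>` grid.
# Each row is "<hi>0: " followed by sixteen 3-character cells:
#   "-- " no reply, "50 " a device answered, "UU " address held by a kernel
#   driver, "   " address not probed.
i2c_addresses() {
    awk '
        /^[0-9a-f]0:/ {
            hi = substr($0, 1, 1)                 # high nibble from the row label
            for (j = 0; j < 16; j++) {
                cell = substr($0, 5 + 3 * j, 2)   # fixed-width cell for low nibble j
                if (cell ~ /^[0-9a-f][0-9a-f]$/)
                    print "0x" cell
                else if (cell == "UU")
                    printf "0x%s%x UU\n", hi, j
            }
        }'
}

# Constructed sample grid (not captured from a real device): one EEPROM at 0x50.
sample_scan() {
    cat <<'EOF'
     0  1  2  3  4  5  6  7  8  9  a  b  c  d  e  f
00:          -- -- -- -- -- -- -- -- -- -- -- -- --
10: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
20: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
30: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
40: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
50: 50 -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
60: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
70: -- -- -- -- -- -- -- --
EOF
}

# On the Pi:  i2cdetect -y 1 | i2c_addresses
sample_scan | i2c_addresses
```

Cells are read by column position rather than by splitting on whitespace, because the first row leaves the unprobed addresses blank and a whitespace split would shift every cell in that row.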

TO READ DATA FROM IT

    ./eeprog -x /dev/i2c-1 0x50 -16 -r

DEBUGGER – JTAG/SWD

JTAG and SWD are standards that allow developers to debug any microcontroller or microprocessor. From an attacker's perspective, having access to the debug interface means game over for the device: an attacker can dump the internal memory or change the memory dynamically. Let’s talk about accessing both JTAG and SWD using just a Raspberry Pi. We use an open-source tool called OpenOCD, which talks to the debugger.

CONNECTION:

JTAG:

TCK – 23
TMS – 22
TDI – 19
TDO – 21
SRST – 12
GND – 20

SWD:

SWDIO – 18
SWCLK – 22
SRST – 12
GND – 14

TO INSTALL OPENOCD

    git clone git://git.code.sf.net/p/openocd/code openocd
    cd openocd/
    ./bootstrap
    ./configure --enable-maintainer-mode --enable-bcm2835gpio --enable-sysfsgpio
    make && sudo make install

It will take a bit of time, so be patient.

JTAG:

The configuration file for JTAG comes with the OpenOCD package itself. Just running this with the target cfg will connect to its JTAG:

    openocd -f interface/raspberrypi-native.cfg -f <target cfg>

Now you can connect with gdb and debug the device.

SWD:

    openocd -f raspberrypi_swd.cfg -f target/stm32f4x.cfg

raspberrypi_swd.cfg is located in the git repository you downloaded.

Now you can connect with gdb and debug the device.

JTAGENUM

On a typical device, it is rare to know up front where the JTAG interface is and where its pins are located. So we use a tool called JTAGenum, which scans all the candidate pins of the device and tells you which pins are TMS, TCK, TDI and TDO. This is very helpful if you don’t have proper documentation for the target device.

INSTALLATION:

    git clone https://github.com/cyphunk/JTAGenum
    cd JTAGenum
    source JTAGenum.sh
    scan

Pins to be used are 3 – 5 – 7 – 11 – 13 – 15 and common ground.

This will take a bit of time as the GPIO is quite

That’s all for now guys. I will update more if I find more information on using the Raspberry Pi for other cool things.

We have created a shield for doing the same without messy wires. You can get one if you happen to catch hold of Aseem Jakhar (https://twitter.com/aseemjakhar?lang)
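
Going back to the SPI flash read: before running binwalk on a dump taken over jumper wires, it is worth reading the chip twice and checking that the two files agree and are not blank. The script below is an added example, not part of the original post; the function name check_dump and the file names first.bin and second.bin are placeholders.

```shell
#!/bin/sh
# Added example: decide whether two reads of the same SPI flash can be trusted.
# Return codes: 0 ok, 2 missing/empty file, 3 blank dump, 4 reads differ.
check_dump() {
    a=$1
    b=$2
    if [ ! -s "$a" ] || [ ! -s "$b" ]; then
        echo "missing or empty dump file"
        return 2
    fi

    # A floating or miswired MISO line reads back as all 0xff or all 0x00.
    # Delete that byte value and see whether anything is left.
    left_ff=$(LC_ALL=C tr -d '\377' < "$a" | wc -c)
    left_00=$(LC_ALL=C tr -d '\000' < "$a" | wc -c)
    if [ "$left_ff" -eq 0 ] || [ "$left_00" -eq 0 ]; then
        echo "blank: dump is all 0xff or all 0x00, check wiring and power"
        return 3
    fi

    # Two reads of a healthy chip are byte-identical. Differences point to
    # signal problems such as long jumper wires or too high an SPI clock.
    if ! cmp -s "$a" "$b"; then
        ndiff=$(cmp -l "$a" "$b" 2>/dev/null | wc -l)
        echo "mismatch: $ndiff byte(s) differ between the two reads"
        return 4
    fi

    echo "ok: $(wc -c < "$a") bytes, sha256 $(sha256sum "$a" | cut -d' ' -f1)"
    return 0
}

# Usage on the Pi: read the chip twice with flashrom, then
#   sh check_dump.sh first.bin second.bin
if [ "$#" -eq 2 ]; then
    check_dump "$1" "$2"
fi
```

Recording the printed SHA-256 alongside the dump also lets you confirm later that the file you analysed is the one you extracted.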
