Connecting ESP01 to ADC0838 via SPI. Read More: ESP01 Serial & SPI
As the title suggests, I needed to sniff some 802.11 packets, but this time using an ESP8266 (actually, a Wemos D1 mini Lite, which features ESP8285, but any ESP-based device should work). I started with grabbing the esp8266_pcap_serial from ArduinoPcap just to find out it lacks the structs to properly stream the buffer to Wireshark. […] Read More: How bout sniffin’ those 802.11 packets?
Note: Don’t try this with BusPirate V4 since it will fail after turning PSU on. Normally you would program your STM32 using a USB-To-Serial adapter, but I couldn’t find mine and I knew I could use my BusPirate to act as one, I just had to figure out the correct pins on the STM32, and […] Read More: Programming STM32 with BusPirate v3
Zigfrid is the end result of my RFID tinkering. Since I will most definitely forget most things described here in the (very) near future, I share this for those few who might find it interesting. Please be warned: This is not a toy. It is a completely unreliable, untested, malicious tool, which can and will cause […] Read More: Zigfrid – A Passive RFID Fuzzer.
This is the story of my Bluetooth hacking adventures. If you want to start with BTLE hacking right away, feel free to jump over to the 2nd (technical) part, otherwise read on as I share my BT exploration findings and thoughts. NOTE: When I refer to BT I also mean BTLE, which as everyone already […] Read More: Exploring Bluetooth & iBeacons – from software to radio signals and back.
While my friend and colleague Simone was visiting our ZIMPERIUM – Enterprise Mobile Security TLV office, we got our hands on HackRF and hacked together the unguarded borders of Radio Frequencies. Simone had the great patience to try and explain to me the boring world of complex numbers and friends (more on that here), but my dyslexia […] Read More: Sniffing GSM traffic with HackRF.
It started as a small challenge. “I challenge you to make a Base-Station image for embedded devices,” my friend Simone dared me, and I decided he is right and it’s time for a BladeRF Base-station image targeting the armhf architecture. While googling on the subject, I found others struggling with the same problems I did, and I also […] Read More: Ziggy’s Embedded BTS
I used Bochs in 2004 for some projects of mine since that was the only way to emulate a complete PC back in the day. The performance was horrible, hardly usable, since all CPU & BIOS commands were emulated in software. Even on the best of hardware, performance was lacking. Fast forward a few years, […] Read More: From Bochs to chroot
The more I get to play with hardware, the more I get to see how security is lacking or implemented poorly (and I’m being very polite here). This time, I would like to share my 315 MHz/434 MHz RF Sniffer project, which can be used to open poorly protected gates, cars, etc. Nothing new under the sun, […] Read More: RF Sniffer – open gates, cars, and RF remote controlled devices with ease.
Here is my circuit design for an Arduino keypad, using only 1 analog pin (instead of 7 serial pins), 6 resistors (can be reduced to 5) and 1 capacitor: And now for the full story: I decided it’s time to add a keypad to my Arduino playground. Usually, those simple keypads come with 7 pins (actually 9, […] Read More: Arduino keypad with 1 Analog pin