As the title suggests, I needed to sniff some 802.11 packets, but this time using an ESP8266 (actually, a Wemos D1 mini Lite, which features the ESP8285, but any ESP-based device should work). I started by grabbing the esp8266_pcap_serial from ArduinoPcap, just to find out it lacks the structs to properly stream the buffer to Wireshark. […] Read More: How bout sniffin’ those 802.11 packets?
Note: Don’t try this with BusPirate V4, since it will fail after turning the PSU on. Normally you would program your STM32 using a USB-to-serial adapter, but I couldn’t find mine and I knew I could use my BusPirate to act as one; I just had to figure out the correct pins on the STM32, and […] Read More: Programming STM32 with BusPirate v3
Zigfrid is the end result of my RFID tinkering. Since I will most definitely forget most things described here in the (very) near future, I share this for those few who might find it interesting. Please be warned: This is not a toy. It is a completely unreliable, untested, malicious tool, which can and will cause […] Read More: Zigfrid – A Passive RFID Fuzzer.
This is the story of my Bluetooth hacking adventures. If you want to start with BTLE hacking right away, feel free to jump over to the 2nd (technical) part; otherwise, read on as I share my BT exploration findings and thoughts. NOTE: When I refer to BT I also mean BTLE, which as everyone already […] Read More: Exploring Bluetooth & iBeacons – from software to radio signals and back.
While my friend and colleague Simone was visiting our ZIMPERIUM – Enterprise Mobile Security TLV office, we got our hands on a HackRF and hacked together the unguarded borders of radio frequencies. Simone had the great patience to try and explain to me the boring world of complex numbers and friends (more on that here), but my dyslexia […] Read More: Sniffing GSM traffic with HackRF.
It started as a small challenge. “I challenge you to make a Base-Station image for embedded devices,” my friend Simone dared me, and I decided he was right and it was time for a BladeRF base-station image targeting the armhf architecture. While googling on the subject, I found others struggling with the same problems I did, and I also […] Read More: Ziggy’s Embedded BTS
I used Bochs in 2004 for some projects of mine, since that was the only way to emulate a complete PC back in the day. The performance was horrible, hardly usable, since all CPU & BIOS commands were emulated in software. Even on the best of hardware, performance was lacking. Fast forward a few years, […] Read More: From Bochs to chroot