↓ Skip to Main Content
NM-Projects

Main Navigation

  • Home
  • Publications
  • Blog
  • About
  • Legal Disclosure
  • Privacy Policy

Author: Matthias Niedermaier

Investigation into DES cracking with John the Ripper and Ztex FPGA

By Matthias Niedermaier Posted on 2020-02-10 Posted in Embedded Security, IT-Security, Linux, Make, Reverse Engineering 6 Comments
Investigation into DES cracking with John the Ripper and Ztex FPGA

DES has not been considered safe for a long time. For some time now, cracking tool John the Ripp has even made it possible to accelerate cracking with FPGAs. Since I find this topic exciting, I tried it with an …

Investigation into DES cracking with John the Ripper and Ztex FPGA Read more »

PLC Cycle Time Attack

By Matthias Niedermaier Posted on 2020-01-28 Posted in Embedded Security, IT-Security, Linux No Comments
PLC Cycle Time Attack

Demo of how communication load can influence the cycle time of a PLC. Default main cyclic task is used. Cycle time is set to 1ms. Every 250 cycles the next output is set. Attack on different PLCs Attack Code #!/bin/bash …

PLC Cycle Time Attack Read more »

First Impression on the Xiaomi WiFi+

By Matthias Niedermaier Posted on 2017-12-30 Posted in Embedded Security, Linux, Make, Reverse Engineering 1 Comment
First Impression on the Xiaomi WiFi+

Here a first look at the Xiaomi WiFi+ PCB and Software is given.

Setting-up OpenPLC

By Matthias Niedermaier Posted on 2017-11-19 Posted in Embedded Security, IT-Security, Linux, Make, Raspberry Pi No Comments
Setting-up OpenPLC

The OpenPLC is a opensource Programmable Logic Controllers (PLC) alternative. Due to this, it is possible to understand the black box of these systems. It could be easily used with a Raspberry Pi.

Analysis of Mini 3G/4G WiFi Wireless Router (A5-V11)

By Matthias Niedermaier Posted on 2017-09-13 Posted in Embedded Security, IT-Security, Linux, Raspberry Pi, Reverse Engineering 2 Comments
Analysis of Mini 3G/4G WiFi Wireless Router (A5-V11)

Coreboot debugging, configuration, tint, etc.

By Matthias Niedermaier Posted on 2017-09-08 Posted in Embedded Security, IT-Security, Linux, Raspberry Pi No Comments
Coreboot debugging, configuration, tint, etc.

Coreboot provides a lot of possibilities of configurations, primary and secondary payloads and debugging mechanisms.

Flashing Coreboot on the T430 with a Raspberry Pi

By Matthias Niedermaier Posted on 2017-08-27 Posted in Embedded Security, IT-Security, Linux, Raspberry Pi 12 Comments
Flashing Coreboot on the T430 with a Raspberry Pi

Coreboot is an Open Source project, which replaces the proprietary BIOS of a traditional computer. Coreboot initialize the Hardware and then executes a payload (e. g. SeaBIOS or Grub).

Open Source Risc-V on the Xilinx Artix-7 35T Arty – Part 2

By Matthias Niedermaier Posted on 2017-06-16 Posted in Embedded Security, IT-Security, Linux, Make No Comments
Open Source Risc-V on the Xilinx Artix-7 35T Arty – Part 2

With OpenOCD it is possible to flash/upload programs to the spi flash of the Arty Board. From there the SiFive Risc-V “core” will boot.

Open Source Risc-V on the Xilinx Artix-7 35T Arty – Part 1

By Matthias Niedermaier Posted on 2017-06-14 Posted in Embedded Security, IT-Security, Make 3 Comments
Open Source Risc-V on the Xilinx Artix-7 35T Arty – Part 1

Configuring and programming the 100 € Xilinx Arty development board with an open source implementation of the Risc-V ISA from SiFive.

Hacking – Root @ Linksys E900 N300

By Matthias Niedermaier Posted on 2017-04-15 Posted in Embedded Security, IT-Security, Linux No Comments
Hacking – Root @ Linksys E900 N300

How to get root at Linksys E900 N300

Hacking – Root @ NETGEAR DM111PBL ADSL2+

By Matthias Niedermaier Posted on 2017-04-15 Posted in Embedded Security, IT-Security, Linux No Comments
Hacking – Root @ NETGEAR DM111PBL ADSL2+

How to get a root shell on the NETGEAR DM111PBL?

Mirai Soruce Code Reveals Bad IoT Passwords

By Matthias Niedermaier Posted on 2017-02-04 Posted in Uncategorized No Comments
Mirai Soruce Code Reveals Bad IoT Passwords

The Mirai source code reveals the passwords, which are used to create the botnet. These passwords should never ever be used to secure a device. Username Password root xc3511 root vizxv root admin admin admin root 888888 root xmhdipc root …

Mirai Soruce Code Reveals Bad IoT Passwords Read more »

Hacking IP-Camera Digoo BB-M2 – Part 3 – Getting root access

By Matthias Niedermaier Posted on 2017-01-15 Posted in Embedded Security, IT-Security, Linux, Reverse Engineering 31 Comments

After getting access to the serial interface of the IP-Camera the next step is to get a root shell.

Hacking IP-Camera Digoo BB-M2 – Part 2 – Analyzing the boot process

By Matthias Niedermaier Posted on 2017-01-01 Posted in Embedded Security, IT-Security, Linux, Reverse Engineering 15 Comments
Hacking IP-Camera Digoo BB-M2 – Part 2 – Analyzing the boot process

The last article shows, how to identify the serial port on the IP-Camera. With this it is possible to solder wires on the IP-Camera and attach a USB to serial adapter to it.

Hacking IP-Camera Digoo BB-M2 – Part 1 – Identify serial interface

By Matthias Niedermaier Posted on 2016-12-28 Posted in Embedded Security, IT-Security, Linux, Reverse Engineering 4 Comments
Hacking IP-Camera Digoo BB-M2 – Part 1 – Identify serial interface

I have bought an WiFi security camera from banggood. The Digoo BB-M2 Mini WiFi HD 720P costs about 20 €, which is quite cheap for this kind of product. This article will analyze the serial interface of the IP camera.

Advisory (ICSA-16-313-01) from the Department of Homeland Security

By Matthias Niedermaier Posted on 2016-11-11 Posted in IT-Security No Comments

Offensive Security Wireless Attacks – OSWP Certification

By Matthias Niedermaier Posted on 2016-08-24 Posted in IT-Security, Linux, Windows 2 Comments

In my part time I have done my first Offensive Security course and certificate. It is called Wireless Attacks (WiFu) and deals with all kind of wireless attacks.

Raspberry Pi – Hardware Hacking V0.1 update

By Matthias Niedermaier Posted on 2016-06-05 Posted in Embedded Security, Linux, Make, Raspberry Pi No Comments

The manufactured boards have arrived. Unexpectedly the component identifiers are printed on the PCB and i have not placed them. Due to this reason in the next version they have to be placed right. Top of the PCB: Bottom of …

Raspberry Pi – Hardware Hacking V0.1 update Read more »

Raspberry Pi – Hardware Hacking V0.1

By Matthias Niedermaier Posted on 2016-05-21 Posted in Embedded Security, Linux, Make, Raspberry Pi No Comments

The idea behind the hardware hacking shield for the Raspberry Pi is to learn IT-Security hacks on different bus systems on embedded boards. Features for the first version of the Raspberry Pi Hardware Hacking Board (V0.1): I2C EEPROM to learn …

Raspberry Pi – Hardware Hacking V0.1 Read more »

Simple Binary Viewer

By Matthias Niedermaier Posted on 2016-02-01 Posted in Linux, Reverse Engineering No Comments

With this simple Python script it is possible to view a binary file in different styles. This is also possible for example with the Linux tool hexdump. Nevertheless it is sometimes necessary to have this code in an own tool. …

Simple Binary Viewer Read more »

Hacking TL-MR3020 – Part 4 – Qemu test

By Matthias Niedermaier Posted on 2016-01-15 Posted in Embedded Security, Linux, Reverse Engineering No Comments

Qemu with RootFS of TL-MR3020 This tutorial should show, how it is possible to set-up a Qemu virtualized environment. DRAFT!

Hacking TL-MR3020 – Part 3 – Firmware analysis

By Matthias Niedermaier Posted on 2016-01-15 Posted in Embedded Security, Linux, Reverse Engineering No Comments

Extracting and Analysis Firmware of the TL-MR3020 This tutorial shows how the firmware of the TP-Link TL-MR3020 could be analysed. DRAFT!  

Hacking TL-MR3020 – Part 2 – Firmware dump over SERIAL

By Matthias Niedermaier Posted on 2016-01-15 Posted in Embedded Security, Linux, Reverse Engineering No Comments

TL-MR3020 Serial Dump over Python Script This tutorial show, how it is possible to make a firmware dump of the TP-Link TL-MR3020 via a serial connection. DRAFT!

Hacking TL-MR3020 – Part 1 – Firmware dump over TFTP

By Matthias Niedermaier Posted on 2016-01-12 Posted in Embedded Security, Linux, Reverse Engineering 2 Comments

Firmware dump of the TP-Link TL-MR3020 This tutorial will show, how it is possible to make a firmware dump of the TP-Link TL-MR3020 Router. As a possible method the /dev/mtd* data will be transferred over tftp.

Raspberry Pi – Python Flask

By Matthias Niedermaier Posted on 2016-01-06 Posted in Linux, Make, Raspberry Pi No Comments

Python flask The aim is to display content on the Waveshare touchscreen on the Raspberry Pi. For this the Python module Flask is used. With this it is possible to generate a webside with dynamic Python content and much more.

Raspberry Pi – Start Iceweasel on startup

By Matthias Niedermaier Posted on 2016-01-05 Posted in Linux, Make, Raspberry Pi No Comments

Start into full-screen iceweasel The aim of this tutorial is to start iceweasel in full-screen automatically on boot up of the Raspberry Pi.

Raspberry Pi – HDMI Display

By Matthias Niedermaier Posted on 2015-12-26 Posted in Linux, Make, Raspberry Pi No Comments

Connect a 7″ HDMI touch display to a Raspberry Pi: Here a short set-up tutorial about the waveshare 7″ touchscreen for the Raspberry Pi is described.

HackMe4 – Timing

By Matthias Niedermaier Posted on 2015-12-15 Posted in Linux, Reverse Engineering, Windows No Comments

HackMe4: This password crack should be hacked by timing analysis. A timing analysis is the time variation a program needs to check the password. Download File: HackMe4(Linux) Download File: HackMe4(Windows)

HackMe3 – Buffer overflow

By Matthias Niedermaier Posted on 2015-12-10 Posted in Linux, Reverse Engineering, Windows No Comments

HackMe3: This password crack should be hacked by buffer overflow. Download File: HackMe3(Linux) Download File: HackMe3(Windows)

HackMe2 – Dynamic analysis

By Matthias Niedermaier Posted on 2015-12-07 Posted in Linux, Reverse Engineering, Windows No Comments

HackMe2: This password uses a simple check-sum comparison for authorization. Download File: HackMe2(Linux) Download File: HackMe2(Windows)

Disassembler

By Matthias Niedermaier Posted on 2015-12-05 Posted in Linux, Reverse Engineering, Windows No Comments

With a disassembler it is possible to analyze binary files. There are a lot of different programs on the market for different platforms. A lot of them supports different architectures too. Some of them are listed bellow.

HackMe1 – Strings

By Matthias Niedermaier Posted on 2015-12-04 Posted in Linux, Reverse Engineering, Windows No Comments

HackMe1: This should be a very simple introduction about reverse engineering. The aim of this lab is to get access by getting the password out of the provided binary file. The source code in the solution is totally unusable for any …

HackMe1 – Strings Read more »

Etching

By Matthias Niedermaier Posted on 2015-12-03 Posted in Make No Comments

Etching equipment: Temperature regulated etching bath Exposure unit Several containers Etching chemicals Location:

Soundcard

By Matthias Niedermaier Posted on 2015-12-03 Posted in Make No Comments

Soundcard:

Exposure unit

By Matthias Niedermaier Posted on 2015-12-03 Posted in Make No Comments

Exposure unit:

Gnublin

By Matthias Niedermaier Posted on 2015-12-03 Posted in Make No Comments

Gnublin: The Gnublin board is a small form factor PCB with an embedded Linux  on it. It can be bought on embedded-projects.net. Picture of the Gnublin board:

LED cube

By Matthias Niedermaier Posted on 2015-12-03 Posted in Make No Comments

LED cube: LED cubes are a very popular project , while the sizes go from 3x3x3 to 10x10x10 on with RGB LEDs. At the university we have build a monochrome 5x5x5 LED cube.  

Vacuum cleaner

By Matthias Niedermaier Posted on 2015-12-03 Posted in Make No Comments

Vacuum cleaner: At the present time there are many autonomous vacuum cleaner. In summer 2012 I have designed and built a vacuum cleaner by myself. The following video shows a short section of it.  

Footer Menu

  • Home
  • Publications
  • Blog
  • About
  • Legal Disclosure
  • Privacy Policy
© 2023 Matthias Niedermaier | Powered by Responsive Theme