Defcon 24: Blinded By The Light

I won’t be at Defcon this year in body, but I’ll be there in spirit! I got to design the hardware used in @tb69rr’s and @bjt2n3904’s Defcon talk, Blinded By The Light.

A walkthrough of the hardware design is given in the video below; if you’re interested in how the collected infrared data can be used to identify and track your phone, be sure to check out their talk at the wireless village!

Hardware Hacking With Python

In preparation for our Embedded Device Exploitation classes, I’ve just released my latest project, the Gumbi board:

New Gumbi boards, fresh off the press

The Gumbi board provides a flexible USB interface to the real world in the form of 64 digital I/O pins – all controllable from the comfort of your Python shell, allowing you to rapidly prototype and create new tools for interfacing with external devices.

Take flashbin for example, an open source flash programmer I’ve written for working with external parallel flash chips.

Although popular for firmware storage, parallel NOR flash chips are particularly difficult for hobbyists/hackers to work with because their interface typically requires 30 to 40 I/O pins (or more!). This tends to result in error-prone wiring that has to be re-wired whenever you need to interface with a different chip:

Using the Gumbi board however, everything can be defined (and re-defined) in software. Just plug the chip in, create a flashbin config file that defines the pin configuration for your target chip, and you’re ready to go:

A 4MB NOR flash chip connected to the Gumbi board via a ZIF socket adapter

Dumping firmware from the 4MB flash chip with flashbin
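
To make the "defined in software" point concrete, here is an added sketch (not code from this post, and not the Gumbi or flashbin API) of a pin-map-driven read cycle against a simulated 4MB x8 parallel NOR chip. The pin numbers, class and function names are all hypothetical, and the firmware bytes are constructed sample data.

```python
# Added illustration: hypothetical names throughout, not the Gumbi or flashbin API.
# Pin map for a constructed 4 MB x8 part: 22 address, 8 data, 3 control lines.
PINMAP = {
    "address": list(range(1, 23)),  # A0..A21 on board pins 1-22
    "data": list(range(23, 31)),    # D0..D7 on board pins 23-30
    "ce": 31, "oe": 32, "we": 33,   # active-low control lines
}

class SimulatedNorFlash:
    """Stands in for board + chip: drives the data pins while CE# and OE# are low."""
    def __init__(self, contents, pinmap):
        self.contents, self.pinmap, self.pins = contents, pinmap, {}

    def set_pin(self, pin, level):
        self.pins[pin] = level

    def get_pin(self, pin):
        pm = self.pinmap
        if pin not in pm["data"]:
            return self.pins.get(pin, 0)
        if self.pins.get(pm["ce"], 1) or self.pins.get(pm["oe"], 1):
            return 1  # chip not selected: bus undriven, modelled as pulled high
        addr = sum(self.pins.get(p, 0) << i for i, p in enumerate(pm["address"]))
        byte = self.contents[addr] if addr < len(self.contents) else 0xFF  # erased
        return (byte >> pm["data"].index(pin)) & 1

def read_byte(io, pinmap, addr):
    """One asynchronous read cycle: address out, CE#/OE# low, sample data, release."""
    for i, p in enumerate(pinmap["address"]):
        io.set_pin(p, (addr >> i) & 1)
    io.set_pin(pinmap["we"], 1)  # never assert WE# during a read
    io.set_pin(pinmap["ce"], 0)
    io.set_pin(pinmap["oe"], 0)
    value = sum(io.get_pin(p) << i for i, p in enumerate(pinmap["data"]))
    io.set_pin(pinmap["oe"], 1)
    io.set_pin(pinmap["ce"], 1)
    return value

def dump(io, pinmap, start, count):
    return bytes(read_byte(io, pinmap, start + n) for n in range(count))

def pins_required(pinmap):
    return len(pinmap["address"]) + len(pinmap["data"]) + 3  # plus CE#, OE#, WE#

if __name__ == "__main__":
    image = b"constructed firmware image"  # sample data, not a real dump
    chip = SimulatedNorFlash(image, PINMAP)
    print(pins_required(PINMAP), dump(chip, PINMAP, 0, len(image)))
```

Moving to a chip with a different pinout only means passing a different pin map dictionary; `read_byte` and `dump` stay unchanged.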
