Browsing All Posts filed under »phones«

Why Writing Firmware Is Kinda Like Software Exploitation

March 22, 2014 by

9

We’ve been away too long. We’re slacking…well not really. (Lawler did an excellent post recently on Power Analysis attacks , but we’re still slowly catching up on the blog…) We’ve just been busy… we’ve been doing quite a bit of embedded reverse engineering and vulnerability research consultation recently (in addition to your normal infosec stuff). […]

A new Course: “Software Exploitation via Hardware Exploitation”

January 31, 2014 by

9

For the last couple of years we’ve been teaching Practical ARM Exploitation. It’s sold out at every public offering (CanSecWest 2012 and BlackHat 2012 & 2013) and we’ve been fortunate enough to give it privately to a number of really amazing organizations. In 2011 we did a talk entitled “Hardware Hacking For Software People” at […]

The USB Condom

September 12, 2013 by

0

So a while back, @drakkhen and I were chatting and he suggested a simple device that would let him “airgap” his mobile devices from his computer but still use them for power. Like a “Charge-Only” USB cable but in an “adapter” form that you could use on normal USB Cables (the only previous alternative was […]

Teaming Up With Trail of Bits

August 8, 2012 by

0

Following our Blackhat 2012 training and talk we received a bunch of emails, tweets, and IMs  asking one thing: “When are you going to offer this to the public again? I couldn’t make it to the BlackHat course.” With the exception of CanSecWest and BlackHat we’ve mostly been giving this (and customized versions of similar […]

Beans on NPR

July 28, 2012 by

0

Following our talk at Blackhat 2012 entitled “Practical ARM Exploitation”, we were honored to be asked to participate in a BlackHat press conference. After getting briefed by the Media Coordinator and Vincenzo Iozzo  we summarized our talk and training in the simplest of terms to a room of reporters and journalists. After the press conference […]

A Lackluster ‘Hack Cluster’: ARM Exploitation Lab Preview

March 1, 2012 by

2

As we have announced in other blogposts we’ve been researching mobile platforms quite a bit (specifically those that use the ARM microprocessor). We compiled all of our notes on ARM reverse engineering and ARM exploitation and built a course called “Practical ARM Exploitation” that we will be publicly debuting this coming week at CanSecWest.  The […]

Android Scripting Layer (Encrypted SMS communication)

September 15, 2010 by

4

Recently I (Stephen A. Ridley) have been doing quite a bit more security research on embedded systems and mobile platforms like phones. This naturally means more development in these areas. A while back I ran into SL4A or Scripting Layer for Android which was (at the time) called ASE  or Android Scripting Environment. (Apparently they […]

Disassembling BlackBerry apps, take 2

February 19, 2009 by

51

A couple people brought to my attention that the coddec patch, well, doesn’t work.  And they were right!   I just committed a new  patch which should work.  Also, provided here are hopefully some instructions to get this working: Download coddec.rar from wherever Extract into some directory and cd into the directory patch -p1 < coddec.patch […]

Disassembling Version 6 BlackBerry apps

January 7, 2009 by

13

Now and again I have to disassemble BlackBerry apps.  BlackBerries pretty much run all Java code.  You might think this would mean everything was .class files and you could jad everything, but this is not the case.  Everything gets compiled to “.cod” files, a file format I have found very little information about on the […]

Blog at WordPress.com.