[ad_1]

We were talking about a sweet hack this week, wherein [Alex] busts the encryption for his IP web cam firmware so that he can modify it later. He got a number of lucky breaks, including getting root on the device just by soldering on a serial terminal, but was faced with having to reverse-engineer a binary that implemented RSA encryption and decryption.

Especially when they’re done right, and written to avoid side-channel attacks, encryption routines aren’t intuitive, even when you’re looking at the C source. Reversing it from the binary would be a tremendous hurdle.

That’s when [Alex] started plugging in strings he found in the binary into a search engine. And that’s when he found exactly the open source project that the webcam used, which gave him the understanding he needed to crack the rest of the nut.

Never forget! When you’re doing some reverse engineering, whether hardware or software, do a search for every part number and every string you find in memory. If you’re like me, it might feel like cheating a little bit, but it’s just being efficient. It’s what all your hacker heroes say they do, and if you’re lucky, it might just be the break you need too.

[ad_2]

Leave a Reply

Your email address will not be published. Required fields are marked *