I found an amazon basics color changing smart light bulb attached to a lamp my neighbor threw in the apartment dumpster.
-
@projectgus @MLE_online From what I see, its an esp32. which, IS halarious.
-
@scribblesonnapkins @SnoopJ I wouldn't know how to do any of that
@MLE_online @SnoopJ
It's not as complicated as it sounds. Is it something you want to explore? -
It looks like it's specifically one of these
ACK Solution
Espressif offers an easy way for users to build Alexa-connected devices with Espressif’s Alexa Connect Kit (ACK) hardware and software.
Espressif Systems (www.espressif.com)
@MLE_online In case it's of interest to anyone reading this: the datasheet indicates these can be locked down using eFuse bits that "can't be unset" (paraphrase) I would expect these to be set on an IoT device (tho' some of the products I've seen written about here… yeesh. so you never know)
I didn't find info for ESP32 about resetting these, but for AVR chips this has reportedly been possible, with some detail here: https://web.archive.org/web/20210506151334/https://sites.google.com/site/pbykec/projects/index/hvsp
hopefully it gives some helpful clues. -
@scribblesonnapkins @MLE_online it looks like the kind of fault injection you're thinking of was performed on a cousin chip, I would guess the secure boot is pretty much the same across the family of chips and would be susceptible to the same attack:
Espressif ESP32: Bypassing Secure Boot using EMFI
Raelize provides top-notch embedded device security serrvices like consultancy, testing, research and training.
(raelize.com)
pretty neat, I like that write-up quite well
@SnoopJ @MLE_online That's one way. There are also fast dips and spikes in the power rails and glitches of other forms.
You can also make micro probes and with the chip decapped probe the chip directly. Those fuses have been know to be made at larger feature sizes.
-
@maehw That seems promising. I'm not really sure where to start though
@MLE_online You'd need to find UART TX/RX + GND + BOOT signal for serial bootloader access. And a USB/serial converter on your PC. But I don't really want to drag you into that rabbit hole. Still got an IoT device on my desk myself.
-
@projectgus @MLE_online the question might be - did they leave an arduino boot loader on it. I'm thinking yes.
-
@vxo @botvolution You should explain what AB 2047 is for people who don't know what that is.
The lawmaker proposing that bill is also proposing to require drivers licenses for ebike. She's on a roll with stupid ideas right now
@MLE_online
Does she have the "Karen" haircut?
@botvolution -
R relay@relay.infosec.exchange shared this topic
