Just proves everything runs linux pretty much. Such a cool thing. I love it when i get to see the boot process of a device for myself instead of waiting silently for the device to come online. Also uboot has some great tools and you can even set env variables so it will boot into the shell by setting init=/bin/sh or init=/bin/bash
Hi Daniel, I really enjoyed this video. I've been building and tinkering with Raspberry Pi and other SBC's and Microcontrollers etc. You presented this little hack in a way that anyone can understand. Keep up the good work. You have a new subscriber sir. 👍
10:47 I've done this. Connected VCC to 5V on my adapter and heard a literally frying sound. Fortunately my brand new Waveshare USB to TTL had some kind of protection and both my board and adapter still works lol.
The most quick method to detect GND and VCC is to probe pins against capacitor pins of the given voltage. Often there is a fixed voltage regulator and gives directly the right pins.
Great question! If you don't get a root shell, then I would suggest dumping the firmware and then looking for useful secrets, or you could modify the firmware in a way that would allow remote access and then upload that modified firmware to the device. Just a few suggestions off the top of my head and I hope they help 👍 Cheers!
You made this look so d@mn easy. This was some information I have been looking for. I'm glad I stumbled across this video and look forward to learning more.
Great video. You need an oscilloscope so you can have a visual representation of the voltage variations. They will be highs and lows; 1’s and 0’s. Have fun
Funny you say that! I was just looking at oscilloscopes the other day because I want to do more with hardware and it seemed like a good tool to have in the kit. Thanks for the suggestion!
I have iot hacking in my course curriculum and I'm really - really excited to deep dive into some hardware hacking and do something different from traditional web/api hacking 🎉❤
I assume you're using Windows as your OS, but if you're not getting assigned a COM port then there might be a driver issue. Verify that your device is being recognized by your system by checking under "Universal Serial Bus controllers" > "USB Serial Converter". You may just need to reinstall the driver for it. You might even try plugging into a different USB port. If none of that works then it may just be a bad device that you're plugging in and you'll need to exchange it for another. I hope that helps 👍
I would try all the common passwords and even no password at all. If that doesn't work then you can try extracting the shadow file from the firmware and brute-forcing it with hashcat or using an online password cracker like crackstation.net. You might be able to grab a copy of the firmware from the device's support page. Then try extracting with binwalk. I hope that helps and best of luck!
Good news. It is possible. You should check out Joe Grand's UA-cam channel and watch him crack into smartphones and other hardware. He has excellent content! ua-cam.com/users/JoeGrand
Hey friend great videos. I'm trying something similar at home. I've identified the Ground port, and Im pretty sure VCC (it's steady 3.30, 3.29) but the other two ports are both reading 0 volts throughout the whole boot process. Any idea what is happening? I know you mentioned one could possibly read 0.00V being the Rx port, but im confused why both :(
This is such a great question, and honestly I'm surprised at myself for not addressing it in the video! My guess would be that the UART RX and/or TX ports are not connected. I've seen manufacturers do that before and when that happens you have to expose the lead wire and jump the pin to the wire. I hope that helps. Cheers!
@Daniel Lowrie Heya thanks for the reply yep that's exactly right. I put it under a scope and I can see the traces have been disconnected. I'm trying to bridge them (theres two pins that can reconnect the traces) with solder but boy is it ever small.. the thinnest solder I have is still too big for it! It's like doing a surgery.
@@lukeschmidt7872 Oh yeah, those traces are soooo stinkin' small! At least you know what the issue is and can attempt to work around it. Even if you're unsuccessful, at least you've gained so much useful experience.
Hallo, can you pleas make video about how to scan another network that security cameras connected to and how to break them or hack them for learning purpose 🙏thank you
Thanks for this video, helped a lot. I have to stay at home for some time, so I grabed an old modem from the early 2010 and found out, that there is a password for UART. Is there a good forum you can recommend for questions about this topic?
Glad to hear you enjoyed the video, Karl! I don't know of any forums off the top of my head, but you may be able to grab the password hash from the firmware using binwalk or firmware modkit and see if you can crack it with something like hashcat.
Love the reference! LOL. Here's a clip of what I consider to be Arnie's best work. ua-cam.com/video/MpQN3HLHrJA/v-deo.html Enjoy and thanks for commenting 😁
@@PhilieBlunt666 thanks, and I'm glad to hear it. There is something very satisfying about hardware and firmware hacking to me, so I for one really enjoyed the rabiit hole 😁👍
I'm not sure, but my guess would be "Yes" especially since they used to make this docs.arduino.cc/retired/boards/arduino-usb-2-serial-micro/. Edit: I just read through the info for the retired arduino usb-2-serial micro and it says that it has the same chip as the Arduino Uno. "It features an Atmega16U2 programmed as a USB-to-serial converter, the same chip found on the Arduino Uno." This makes me more confident that you could use an Arduino Uno as a usb to serial converter.
@@daniellowriebe warned, some arduinos use 5volt and can absolutely break your target if its 3.3volt. some serial ports cant tolerate 5volt for long. I learned it the hard way and lost my test router
Sorry about that, Jim. I've been working on getting the sound to sync up better, but it's been an odd issue. I'll keep at it though and thanks for watc...listening 😁👍
Hey KingErasmos, I'm so sorry to hear that you didn't enjoy my content. The intended audience I was aiming for was for those new to concepts and practices such as connecting to UARTs on devices that, as you say, "stupidly drops to the root shell without any authentication", looking for sensitive information, and possibly discovering weaknesses that could allow for exploitation. I was under the impression that this was something that falls under the rubric of "hardware hacking" as I learned how to do it from books and sites that described this process as an essential "hardware hacking" skill to master. If I'm mistaken in that understanding, then many thanks for the correction. When I made this video, I was new to this type of cybersecurity and was just excited to share what I'd learned with others new to it as well. I'm sure you're already aware of great hardware hacking channels like Joe Grand, The Flashback Team, and Matt Brown, but just in case you haven't here are the links to their channels. I hope they are more aligned with the type of content you're looking for. - Joe Grand ua-cam.com/users/joegrand - The Flashback Team www.youtube.com/@FlashbackTeam - Matt Brown www.youtube.com/@mattbrwn All the best, Daniel
Hey Mauricio, Great question! 🤔 I don't know that "copy" would best describe the situation as it may lead someone to think that something negative or nefarious is happening. I think "similar" would be a better descriptor. We are exploring the same topic, so you've got to expect that we're going to cover some, if not all of the same materials (concepts, tools, techniques, procedures). I would say that this video is only a "copy" of Matt's video insofar as Matt's video is a "copy" of... Tony Gambacorta's video ( ua-cam.com/video/ZmZuKA-Rst0/v-deo.htmlsi=JBBk2jAO9b78CnFW ) Valerio Di Giampietro's video ( ua-cam.com/video/6_Q663YkyXE/v-deo.htmlsi=CxMHJV1OnCWmpXdu ) The Flashback Team's video ( ua-cam.com/video/01mw0oTHwxg/v-deo.htmlsi=fL0fHQqyKQPu4qJ8 ) ...all of which helped me greatly when learning about this topic. So, like I said, not a copy but definitely similar. That said, I'd not seen Matt's channel before, so a big thanks to you for bringing his content to my attention as it's a really great channel with content! Everyone that watches this video should absolutely jump over to Matt's channel ( www.youtube.com/@mattbrwn ) and subscribe. 👍 I would also recommend Joe Grand's channel ( www.youtube.com/@JoeGrand ) if you're looking for some amazing hardware hacking content. 😃
I do have a tendency to be loquacious, for sure! But hey, that's who God made me and I totally understand if my content isn't your "cup of tea". If you're looking for cyber security channels that focus on hardware, might I suggest... Joe Grand - www.youtube.com/@JoeGrand Make Me Hack - www.youtube.com/@MakeMeHack Flashback Team - www.youtube.com/@FlashbackTeam They all have great content and you won't have to listen to me drone on and on. 😅 Cheers!
Oh man, I can be a bit verbose for sure 😅 I'm sorry to hear that it bothered you so much. I totally get that my content isn't for everyone, but maybe you'd enjoy Matt Brown or Joe Grand. They are both very skilled at hardware and great presenters too. Cheers 😀👍
Just proves everything runs linux pretty much. Such a cool thing. I love it when i get to see the boot process of a device for myself instead of waiting silently for the device to come online. Also uboot has some great tools and you can even set env variables so it will boot into the shell by setting init=/bin/sh or init=/bin/bash
Spot on! Being able to watch the boot process has helped me bring a few devices back to working condish
that was really cool! hope you have more of these. Take it easy Daniel. Merry Christmas
Glad you enjoyed the video! I should definitely do another hardware episode. Hardware hacking is a lot of fun!👍
Hi Daniel, I really enjoyed this video. I've been building and tinkering with Raspberry Pi and other SBC's and Microcontrollers etc. You presented this little hack in a way that anyone can understand. Keep up the good work. You have a new subscriber sir. 👍
Hey Brendon, thank you so much for the kind words! I'm really glad to hear that you enjoyed the video and thanks for the sub 😀💯
I am so excited to watch the new series and really want to do some of this. Thank-you for inspireing me to try something new
I'm really glad I could inspire you to branch out, Wayne! Gotta keep reaching just beyond our grasp so that we continue to grow 👍
10:47 I've done this. Connected VCC to 5V on my adapter and heard a literally frying sound. Fortunately my brand new Waveshare USB to TTL had some kind of protection and both my board and adapter still works lol.
Thank goodness you didn't fry something! Letting out the magic smoke is definitely a hazard of the job 😆
Found your Channel on YT, video is great. You have cool ideas, thanks a lot. Great Job :-)
Thanks for watching, John and I'm glad you enjoyed it 😀👍
Really solid stuff! I am pretty sure you are gonna show it in the IoT Pentesting series as well.
Thanks, Rahul! You will definitely see this and a whole lot more 😉👍
The most quick method to detect GND and VCC is to probe pins against capacitor pins of the given voltage. Often there is a fixed voltage regulator and gives directly the right pins.
Thanks for the great info!
Thanks for your perfect video.
I've got a question: What about if we don't get root shell access at first place ?
Great question! If you don't get a root shell, then I would suggest dumping the firmware and then looking for useful secrets, or you could modify the firmware in a way that would allow remote access and then upload that modified firmware to the device. Just a few suggestions off the top of my head and I hope they help 👍 Cheers!
That was VERY useful. Thank you.
You're very welcome! So glad to hear that this was helpful to you😀👍
Woohoo hardware hacking… my absolute fav iT topic. Thanks Dan
I'm really diggin' your enthusiasm, Brian! 😀
You made this look so d@mn easy. This was some information I have been looking for. I'm glad I stumbled across this video and look forward to learning more.
I'm glad you stumbled across this video too! Thanks for watching and I'm glad you enjoyed the content. 😀
Appreciate you helping us with this topic
No problem! I'm glad to do it 👍
Great video. You need an oscilloscope so you can have a visual representation of the voltage variations. They will be highs and lows; 1’s and 0’s. Have fun
Funny you say that! I was just looking at oscilloscopes the other day because I want to do more with hardware and it seemed like a good tool to have in the kit. Thanks for the suggestion!
Dynanomite ma man exactly what i wanted to see to push this mush along
Thanks! Glad you enjoyed the video. Hardware hacking is super fun 👍
Can you share the model and maker of your UART to TTL adapter?, thank you.
Sure thing! It's a DSD TECH SH-U09C5.
Here's the Amazon link... www.amazon.com/DSD-TECH-SH-U09C5-Converter-Support/dp/B07WX2DSVB/ref=sr_1_4?crid=3VF1J1LQ61KP6&dib=eyJ2IjoiMSJ9.HxWzQmv0Xp_HK4a0l7Ql6PjstSh63QL-LDf7MULYDWulVtFEbgBu2oSHl_VItSoOjLGk6mfYiTJYqr50CsmaWjlDefnhuKBL_TEXkuPdleq5MP0zaokcUgbdyQuxB6McLPYBpjPnzgj8IqdETsT-uA63f4e46d2D7nz4o4idDvc63HVrIhjgcxWLoaQQlBg9qGpY939ZInBO7w6Dy3lw_AiV_VAYvb56YjTTb7tHkwI.aBg1o3KygLGZoAV-QhcOtSenEUkVwRKs1XhlbfHBMeE&dib_tag=se&keywords=uart+to+usb&qid=1724090207&sprefix=uart+to+usb%2Caps%2C155&sr=8-4
I have iot hacking in my course curriculum and I'm really - really excited to deep dive into some hardware hacking and do something different from traditional web/api hacking 🎉❤
I hope your ready to find a new level of passion for hacking, because hardware hacking is so much fun and fairly addictive!
And he is back lol. How are you Daniel? Its been a while
I'm good, Jake! Thanks for asking and it's good to be back. 😀👍
⌨️⌨️ That was pretty cool Daniel
Thanks, Mehpew! It was a ton of fun to learn all that and doing the demo. I want to do more with hardware/IoT/embedded in the future 👍💯
Extra like for Arnie voice impression!
I like your extra like and raise you 2 likes 😁
Is that UART USB device the DSD Tech SH-U09C5?
It is indeed!
Sorry for n00b question but when I plug it in to my computer I don’t get COM5, it just says ”serial port”. Did I mess something up?
I assume you're using Windows as your OS, but if you're not getting assigned a COM port then there might be a driver issue. Verify that your device is being recognized by your system by checking under "Universal Serial Bus controllers" > "USB Serial Converter". You may just need to reinstall the driver for it. You might even try plugging into a different USB port. If none of that works then it may just be a bad device that you're plugging in and you'll need to exchange it for another. I hope that helps 👍
mine is looking for password after starting putty. i have a archer mr200 router. what should i enter?
I would try all the common passwords and even no password at all. If that doesn't work then you can try extracting the shadow file from the firmware and brute-forcing it with hashcat or using an online password cracker like crackstation.net. You might be able to grab a copy of the firmware from the device's support page. Then try extracting with binwalk.
I hope that helps and best of luck!
@@daniellowrie i have it opened with binwalk but the shadow file is not in it
This is great!!! You are a wealth of knowledge
You're great, Lauren! Thanks for the sub! 😃
Channel your inner Schwartzenager😅 lol rx and tx, Cisco world would be a cross over cable 😊
It has been a WHILE since I've touched a cross-over cable! Nice 😁 Now GOOOOO! RUUUUNNNN! GET TO DA CHOPPA!
Awesome Content sir
Thank you very much for the compliment, Mohd. I'm glad you enjoyed it and thanks for watching 👍
thank you Daniel for this video, easy and straight forward, good content :)
Thanks for watching! So glad you enjoyed the content 😃
Is it possible to found UART Ports inside Smart Phones, like iphone?
Good news. It is possible. You should check out Joe Grand's UA-cam channel and watch him crack into smartphones and other hardware. He has excellent content! ua-cam.com/users/JoeGrand
Awesome stuff
Thanks, Michi! Glad you liked it 😃👍
what is the name of the usb device?
That device is called uart-to-usb. Hope that helps
Thanks for sharing your knowledge. 🙂🖐💥🖐
You're welcome, zer0 and thanks for watching!
What the name of that strange USB Daniel?
TTL-to-USB 👍
@@daniellowrie thanks so much, really enjoying your videos, gonna recommend them
@@MalongaModeste I really appreciate the support, thanks!
Great content.
I always like what you bring to us
Thanks, Anthony! I'm glad to hear you enjoy the content 👍
Hey friend great videos. I'm trying something similar at home. I've identified the Ground port, and Im pretty sure VCC (it's steady 3.30, 3.29) but the other two ports are both reading 0 volts throughout the whole boot process. Any idea what is happening? I know you mentioned one could possibly read 0.00V being the Rx port, but im confused why both :(
This is such a great question, and honestly I'm surprised at myself for not addressing it in the video! My guess would be that the UART RX and/or TX ports are not connected. I've seen manufacturers do that before and when that happens you have to expose the lead wire and jump the pin to the wire. I hope that helps. Cheers!
@Daniel Lowrie Heya thanks for the reply yep that's exactly right. I put it under a scope and I can see the traces have been disconnected. I'm trying to bridge them (theres two pins that can reconnect the traces) with solder but boy is it ever small.. the thinnest solder I have is still too big for it! It's like doing a surgery.
@@lukeschmidt7872 Oh yeah, those traces are soooo stinkin' small! At least you know what the issue is and can attempt to work around it. Even if you're unsuccessful, at least you've gained so much useful experience.
tx pin will have oscillations when you turn on the device. So check voltage oscillation in tx and rx pins while powering on.
Hallo, can you pleas make video about how to scan another network that security cameras connected to and how to break them or hack them for learning purpose 🙏thank you
That's not a bad idea. I just need to get my hands on a security camera.👍
Thanks for this video, helped a lot.
I have to stay at home for some time, so I grabed an old modem from the early 2010 and found out, that there is a password for UART.
Is there a good forum you can recommend for questions about this topic?
Glad to hear you enjoyed the video, Karl! I don't know of any forums off the top of my head, but you may be able to grab the password hash from the firmware using binwalk or firmware modkit and see if you can crack it with something like hashcat.
Hey Daniel can u give links of the stuff where to buy these pls
www.amazon.com/EDGELEC-Breadboard-Optional-Assorted-Multicolored/dp/B07GD2BWPY/ref=mp_s_a_1_3?crid=JR9MZIJISAG2&keywords=Pin+wires&qid=1671558358&sprefix=pin+wires%2Caps%2C126&sr=8-3
www.amazon.com/DSD-TECH-SH-U09C5-Converter-Support/dp/B07WX2DSVB/ref=mp_s_a_1_3?crid=2Q32JOBJJ29Y4&keywords=uart+to+usb&qid=1671558459&sprefix=Uart%2Caps%2C120&sr=8-3
This video is good for the economy!
Thanks Dave! I'm just trying to do my part 😁👍
We got arnie, I think I see hanz, I can be franz. And we are here to pump👏 you up!
Love the reference! LOL. Here's a clip of what I consider to be Arnie's best work. ua-cam.com/video/MpQN3HLHrJA/v-deo.html Enjoy and thanks for commenting 😁
@@daniellowrie he definitely sells the character in that scene
@@daniellowrie love the video btw, I'm waiting for my uart connector now. So I got a long rabbit hole ahead of me
@@PhilieBlunt666 honestly I'm surprised he didn't win an Oscar for this performance. Shame on the Academy for this oversight. Shame, I say!
@@PhilieBlunt666 thanks, and I'm glad to hear it. There is something very satisfying about hardware and firmware hacking to me, so I for one really enjoyed the rabiit hole 😁👍
Is it possible to use Arduino as a usb to serial converter
I'm not sure, but my guess would be "Yes" especially since they used to make this docs.arduino.cc/retired/boards/arduino-usb-2-serial-micro/.
Edit: I just read through the info for the retired arduino usb-2-serial micro and it says that it has the same chip as the Arduino Uno.
"It features an Atmega16U2 programmed as a USB-to-serial converter, the same chip found on the Arduino Uno."
This makes me more confident that you could use an Arduino Uno as a usb to serial converter.
@@daniellowriebe warned, some arduinos use 5volt and can absolutely break your target if its 3.3volt. some serial ports cant tolerate 5volt for long. I learned it the hard way and lost my test router
@@309electronics5 Great advice! Thanks for the heads-up 👍
Wow look who decided to pop up 😂. Man u just post some great content and be like gone for months . Anyways good to see some great hardware hacking
I'm like a hacking phantasm! 😝 I sure do appreciate your viewership, firos and I'm glad you feel it's worth the wait 😁👍
@@daniellowrie ya I thnk its also the wait that does it . I see ur vedios and the phrase "quality over quantity" comes to my mind
Thanks, @@firosiam7786 , that's the highest praise I could hope to get 🙂
How to dump firmware
Thanks for the suggestion, No Name 👍
Love to watch, but sound is not in sync with the video, not working with my ocd :( ... still listen with no video, only sound and it's perfect
Sorry about that, Jim. I've been working on getting the sound to sync up better, but it's been an odd issue. I'll keep at it though and thanks for watc...listening 😁👍
Thank you , great video ,
Totally going to try!
So glad to hear that you enjoyed the video! 😀👍
Thanks
Happy to oblige 👍
i loved it make similar videos
I love that you loved it! 😁
Cool stuff. My son might be interested in trying this with me: he's been studying cybersecurity.
Thanks for watching! Glad you enjoyed the content and I hope you and your son have a lot of fun connecting to UARTs 😀
Cool
Thanks! I find hardware/IoT hacking is a VERY interesting and fun as well
Bruh, is that a Harbor Freight multimeter? 😅
I got it at Auto Zone thank you 😂😁
Hardly hardware “hacking”.
All you did was connect to the UART on a device that stupidly drops to the root shell without any authentication.
Hey KingErasmos, I'm so sorry to hear that you didn't enjoy my content. The intended audience I was aiming for was for those new to concepts and practices such as connecting to UARTs on devices that, as you say, "stupidly drops to the root shell without any authentication", looking for sensitive information, and possibly discovering weaknesses that could allow for exploitation. I was under the impression that this was something that falls under the rubric of "hardware hacking" as I learned how to do it from books and sites that described this process as an essential "hardware hacking" skill to master. If I'm mistaken in that understanding, then many thanks for the correction. When I made this video, I was new to this type of cybersecurity and was just excited to share what I'd learned with others new to it as well.
I'm sure you're already aware of great hardware hacking channels like Joe Grand, The Flashback Team, and Matt Brown, but just in case you haven't here are the links to their channels. I hope they are more aligned with the type of content you're looking for.
- Joe Grand ua-cam.com/users/joegrand
- The Flashback Team www.youtube.com/@FlashbackTeam
- Matt Brown www.youtube.com/@mattbrwn
All the best,
Daniel
Is this a copy of youtube.com/@mattbrwn?si=ZMHd7XM5hPeFCqUq Matt Brown video?
Hey Mauricio, Great question!
🤔 I don't know that "copy" would best describe the situation as it may lead someone to think that something negative or nefarious is happening. I think "similar" would be a better descriptor.
We are exploring the same topic, so you've got to expect that we're going to cover some, if not all of the same materials (concepts, tools, techniques, procedures).
I would say that this video is only a "copy" of Matt's video insofar as Matt's video is a "copy" of...
Tony Gambacorta's video ( ua-cam.com/video/ZmZuKA-Rst0/v-deo.htmlsi=JBBk2jAO9b78CnFW )
Valerio Di Giampietro's video ( ua-cam.com/video/6_Q663YkyXE/v-deo.htmlsi=CxMHJV1OnCWmpXdu )
The Flashback Team's video ( ua-cam.com/video/01mw0oTHwxg/v-deo.htmlsi=fL0fHQqyKQPu4qJ8 )
...all of which helped me greatly when learning about this topic. So, like I said, not a copy but definitely similar.
That said, I'd not seen Matt's channel before, so a big thanks to you for bringing his content to my attention as it's a really great channel with content! Everyone that watches this video should absolutely jump over to Matt's channel ( www.youtube.com/@mattbrwn ) and subscribe. 👍
I would also recommend Joe Grand's channel ( www.youtube.com/@JoeGrand ) if you're looking for some amazing hardware hacking content. 😃
This video could have been 5 minutes long lol
I do have a tendency to be loquacious, for sure! But hey, that's who God made me and I totally understand if my content isn't your "cup of tea".
If you're looking for cyber security channels that focus on hardware, might I suggest...
Joe Grand - www.youtube.com/@JoeGrand
Make Me Hack - www.youtube.com/@MakeMeHack
Flashback Team - www.youtube.com/@FlashbackTeam
They all have great content and you won't have to listen to me drone on and on. 😅
Cheers!
blablabla and the you got 2 receive pins, nice. u svck
Oh man, I can be a bit verbose for sure 😅 I'm sorry to hear that it bothered you so much.
I totally get that my content isn't for everyone, but maybe you'd enjoy Matt Brown or Joe Grand. They are both very skilled at hardware and great presenters too. Cheers 😀👍