/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

sergioprado.blog
| | peterkleissner.com
1.8 parsecs away

Travel
| | [AI summary] A blog post discusses the reverse engineering of Supermicro's IPMI license key algorithm to bypass vendor lock-in and enable free BIOS updates, revealing the use of HMAC-SHA1 with a fixed secret key.
| | reverse.put.as
1.2 parsecs away

Travel
| | Note: the original post was written in 2017 when there weren't many posts discussing direct attacks to firmware flash. It also took a while to get in touch with the ISP to give them a chance to fix some of the issues described (in particular the ACS access) and then it was left in draft mode until today. I just made a quick revision and fixed quite a few dead links.
| | voidstarsec.com
1.2 parsecs away

Travel
| | In previous posts, we've gone over how to tear down Arcade cabinets containing SPI Flash as well as how to dissect the data that was extracted from the Rom. With this next series of posts, I'd like to take the concepts we talked about on those platforms and demonstrate them on a more popular platform With this post our goal will be to extract the firmware from the platform and locate and type of debugging if possible (UART,JTAG,etc). We will explore multiple ways of attempting to extract the filesystem and outline the steps taken for each method.
| | www.shogunlab.com
17.1 parsecs away

Travel
| Welcome to the first part in a tutorial series on reverse engineering with Ghidra! This series will be focused on using the newly released tool from the NSA