CVE-2024-57790: Uncovering Hardcoded Root Credentials on an ICS/OT Edge Gateway. A ten-byte-long piece of information, hidden deep in the device’s memory, allowed me to gain full control over the device. (Feb 17)
Exploiting Siemens Simatic S7 Controllers with Python: A Look at SiemensScan.py. A simple 50 KB Python script can take control of Siemens Simatic S7 controllers. This article explores possibilities and mitigations. (Mar 11)
ICS/OT Penetration Testing of Siemens HMI Panels: A Beginner’s Guide. Human-Machine Interface (HMI) panels serve as the critical bridge between operators and process controllers. Getting locked out from these… (Jan 15)
TonyHax: A Retro Exploit for PlayStation 1. A softmod exploit that leverages Tony Hawk’s Pro Skater savegames to bypass the console’s security mechanisms, allowing gamers to play… (Dec 5, 2024)
Setting Up a Raspberry Pi for Hardware Hacking. The Raspberry Pi, a versatile and affordable single-board computer, can be a powerful tool for hardware hacking. With the right… (Nov 5, 2024)
Security Analysis of an IX2400 VPN Gateway: Firmware Extraction. In this article we delve into the process of extracting and analyzing the firmware of an IX2400 device using flashrom, binwalk and… (Jun 23, 2024)
Protecting Siemens PLCs: Upgrading the Firmware. Unlike IT environments, where systems are frequently patched, updating firmware in OT devices can be daunting due to the potential for… (May 5, 2024)
Security Analysis of an IX2400 VPN Gateway: USB Port Tampering. In our last article, we accessed the bootloader shell of the IX2400 device but were unsuccessful in spawning a system shell using modified… (Apr 30, 2024)