hakstuff
@hakstuff.bsky.social
The thing I struggle with most is knowing when to walk away from a security project. Everything new is fun, and everything I'm doing is boring! But also, the things I've forgotten about are fun to revisit. The ADHDer's lament...
August 14, 2025 at 8:47 PM
The thing I struggle with most is knowing when to walk away from a security project. Everything new is fun, and everything I'm doing is boring! But also, the things I've forgotten about are fun to revisit. The ADHDer's lament...
Cyberdelia Rave at DEFCON was by far the highlight of my Saturday night - amazing event!!!
August 10, 2025 at 9:39 AM
Cyberdelia Rave at DEFCON was by far the highlight of my Saturday night - amazing event!!!
TIL Red Bull rewards security researchers with trays of Red Bull for reporting vulnerabilities in their website/apps
May 25, 2025 at 6:47 AM
TIL Red Bull rewards security researchers with trays of Red Bull for reporting vulnerabilities in their website/apps
I wrote up a little blog post on the whole matter - the tl;dr is that you can pipe bytes over SSH, netcat, telnet, etc. using cat, dd, or anything else to dump the raw block device! Not a very hard technique, but a useful one to keep in your back pocket
www.hakstuff.net/blog/embedde...
www.hakstuff.net/blog/embedde...
May 23, 2025 at 6:51 PM
I wrote up a little blog post on the whole matter - the tl;dr is that you can pipe bytes over SSH, netcat, telnet, etc. using cat, dd, or anything else to dump the raw block device! Not a very hard technique, but a useful one to keep in your back pocket
www.hakstuff.net/blog/embedde...
www.hakstuff.net/blog/embedde...
While hacking on my car's head unit, I ran into the weird issue of needing to extract the device's firmware over SSH.
But there's a golden rule: If you can run a command and see any form of output, that means you can dump the firmware! The rest is just making it less of a pain..
But there's a golden rule: If you can run a command and see any form of output, that means you can dump the firmware! The rest is just making it less of a pain..
May 23, 2025 at 6:51 PM
While hacking on my car's head unit, I ran into the weird issue of needing to extract the device's firmware over SSH.
But there's a golden rule: If you can run a command and see any form of output, that means you can dump the firmware! The rest is just making it less of a pain..
But there's a golden rule: If you can run a command and see any form of output, that means you can dump the firmware! The rest is just making it less of a pain..
My next plan is to dump the full firmware of this unit so I have a copy for static analysis. Unfortunately its huge, and the device doesn't have any USB ports right now!
I could modify the packet filter configuration to unblock SSH and transfer it via SCP, but I don't want to modify the system yet
I could modify the packet filter configuration to unblock SSH and transfer it via SCP, but I don't want to modify the system yet
May 20, 2025 at 4:56 PM
My next plan is to dump the full firmware of this unit so I have a copy for static analysis. Unfortunately its huge, and the device doesn't have any USB ports right now!
I could modify the packet filter configuration to unblock SSH and transfer it via SCP, but I don't want to modify the system yet
I could modify the packet filter configuration to unblock SSH and transfer it via SCP, but I don't want to modify the system yet
Got root on my head unit using the edge connector adapter board I made! The Bus Pirate 6 is pretty slick, even if I'm just using it as a basic UART interface/bridge here haha
May 20, 2025 at 2:17 PM
Got root on my head unit using the edge connector adapter board I made! The Bus Pirate 6 is pretty slick, even if I'm just using it as a basic UART interface/bridge here haha
Just received prototype assembly photos from PCBWay for the debug edge connector breakout board I made! Really excited to receive them soon 😄
April 18, 2025 at 6:21 PM
Just received prototype assembly photos from PCBWay for the debug edge connector breakout board I made! Really excited to receive them soon 😄
I NEED to be computing on a big ass cube
April 1, 2025 at 7:57 PM
I NEED to be computing on a big ass cube
like, bro: the NEC Express 5800/Endurance is basically just four rack-mounted tower servers!! You can even see that they're each sat in little pull-out drawers. What a cool design
April 1, 2025 at 7:50 PM
like, bro: the NEC Express 5800/Endurance is basically just four rack-mounted tower servers!! You can even see that they're each sat in little pull-out drawers. What a cool design
If anyone ever wants a free pentest or research project done, just donate me one of these huge 90's NEC servers. They are so ridiculously rare, I've never even seen one for sale...
April 1, 2025 at 7:48 PM
If anyone ever wants a free pentest or research project done, just donate me one of these huge 90's NEC servers. They are so ridiculously rare, I've never even seen one for sale...
I'm currently playing with a head unit that uses a generic 1mm-pitch edge connector as a debug breakout, and I'd love to connect to it! I didn't want to solder directly to it, so I've been digging for a 1mm-pitch PCIe-style breakout board. Couldn't find one, so I made one!
March 27, 2025 at 7:04 PM
I'm currently playing with a head unit that uses a generic 1mm-pitch edge connector as a debug breakout, and I'd love to connect to it! I didn't want to solder directly to it, so I've been digging for a 1mm-pitch PCIe-style breakout board. Couldn't find one, so I made one!
I couldn't find what I needed online, so I made it! 40-pin 1mm-pitch edge connector (PCIe x4 size, ish) broken out to a standard 40-pin 2.54mm-pitch header, that way you can easily attach UART/JTAG adapters, debuggers, etc.
March 27, 2025 at 7:01 PM
I couldn't find what I needed online, so I made it! 40-pin 1mm-pitch edge connector (PCIe x4 size, ish) broken out to a standard 40-pin 2.54mm-pitch header, that way you can easily attach UART/JTAG adapters, debuggers, etc.
Bus Pirate finally arrived! I'm excited to play with it, I've been itching to throw it at my current project
March 25, 2025 at 4:58 PM
Bus Pirate finally arrived! I'm excited to play with it, I've been itching to throw it at my current project
This is such a funny pic to choose for this article
March 14, 2025 at 10:01 PM
This is such a funny pic to choose for this article
According to info I found online, this module allegedly uses these PCB edge connectors for all of its debug functionality - pretty nifty! I've never run into this before
March 13, 2025 at 9:42 PM
According to info I found online, this module allegedly uses these PCB edge connectors for all of its debug functionality - pretty nifty! I've never run into this before
Project of the week! 😄
March 13, 2025 at 8:27 PM
Project of the week! 😄
fighting the urge to reply to people about Linux
March 12, 2025 at 4:51 PM
fighting the urge to reply to people about Linux
tried out binwalkv3 for the first time today, had no idea it looked so good!! analysis was also insanely fast
March 11, 2025 at 12:41 AM
tried out binwalkv3 for the first time today, had no idea it looked so good!! analysis was also insanely fast
Also shoutout to the now-huge thumbnail of the Toyota Previa on Work Equip 05's, I love this pic
February 16, 2025 at 9:28 PM
Also shoutout to the now-huge thumbnail of the Toyota Previa on Work Equip 05's, I love this pic
Interesting find: Someone listed some old QNX OS books on eBay that used to be property of a betting and horse racing company/group from Australia.
February 16, 2025 at 2:51 PM
Interesting find: Someone listed some old QNX OS books on eBay that used to be property of a betting and horse racing company/group from Australia.
Insane knowledge - I'm pretty sure you're 100% right! I found this pic on an early 2000s unofficial apple repair site
www.missmac.com/keyboard.html
www.missmac.com/keyboard.html
February 4, 2025 at 11:12 PM
Insane knowledge - I'm pretty sure you're 100% right! I found this pic on an early 2000s unofficial apple repair site
www.missmac.com/keyboard.html
www.missmac.com/keyboard.html
This repo is pretty interesting, because it includes some nifty python scripts for visualizing embedded firmware filesystems. Cool to see what other people have tried!
December 13, 2024 at 8:42 PM
This repo is pretty interesting, because it includes some nifty python scripts for visualizing embedded firmware filesystems. Cool to see what other people have tried!
i've been messing with the keitai I have and have been mulling over making a tutorial on how to use them on US cell networks. Need to grab a SIM for mine so I can confirm it works first though!
December 13, 2024 at 1:28 AM
i've been messing with the keitai I have and have been mulling over making a tutorial on how to use them on US cell networks. Need to grab a SIM for mine so I can confirm it works first though!