24 Sep 2023
This blog post demonstrates a security vulnerability I discovered in Ray-Ban Stories, a pair of sunglasses with a built-in camera. With the help of a companion app, users can download recorded videos from the glasses to their phones. However, a determined attacker with sufficient computational resources can perform a man-in-the-middle attack and intercept recorded videos during the download process. This attack was possible on both Android and iOS versions of the Facebook View application.
More …
06 Apr 2022
WiFi Travel routers are affordable and provide wireless networking as well as file sharing services at low cost. But how secure are they actually? I recently purchased one and had fun smashing its stack. This posts demonstrates how an unauthorized user can take full control over the router without any required user interaction. The full vulnerability is published under CVE-2022-28113.
More …
01 Apr 2022
Here’s a link to an NFT on opensea.io. Do you dare to click on it? If you do, I’ll know your IP Address and whether you are using crypto wallet browser add-ons. This post will show you how it’s done
More …
28 Jan 2022
Here’s a collection of tools I commonly use for exploiting embedded systems together with an installation guide. This post will be updated regularly, to include the latest scripts and tools.
More …
05 Jan 2022
The security researcher @silky and I looked into the security of a low-cost wifi travel router. We were able to find and exploit a vulnerability in web interface and escalate privileges from guest user to admin and finally root user. The full vulnerability is published under CVE-2020-29669.
More …