Gadget M5Core2 + HydraBus Update

swisskyrepo · Jan 21, 2024 · 4a47c29 · 4a47c29
1 parent c349f12
commit 4a47c29
Show file tree

Hide file tree

Showing 9 changed files with 183 additions and 81 deletions.
diff --git a/docs/assets/hydrabus_pin_assignment.jpg b/docs/assets/hydrabus_pin_assignment.jpg
diff --git a/docs/assets/image_bus_pirate.png b/docs/assets/image_bus_pirate.png
diff --git a/docs/gadgets/bus-pirate.md b/docs/gadgets/bus-pirate.md
@@ -1,15 +1,20 @@
 # Bus Pirate
 
-![MOSI-MISO](https://iotmyway.files.wordpress.com/2018/05/mode-guide.png)
+![BusPirate](../assets/image_bus_pirate.png)
 
 
-## Update Bus Pirate
+## Firmwares
 
-```powershell
-git clone https://github.com/BusPirate/Bus_Pirate.git
-cd Bus_Pirate/package/BPv4-firmware/pirate-loader-v4-source/pirate-loader_lnx
-sudo ./pirate-loader_lnx --dev=/dev/ttyACM0 --hex=../BPv4-firmware-v6.3-r2151.hex
-```
+* [BusPirate/Bus_Pirate](https://github.com/BusPirate/Bus_Pirate)
+    ```powershell
+    cd Bus_Pirate/package/BPv4-firmware/pirate-loader-v4-source/pirate-loader_lnx
+    sudo ./pirate-loader_lnx --dev=/dev/ttyACM0 --hex=../BPv4-firmware-v6.3-r2151.hex
+    ```
+
+
+## Examples
+
+Dump firmware over SPI using a Bus Pirate
 
 ```powershell
 # Identify EEPROM chip
@@ -22,4 +27,6 @@ sudo flashrom -p Buspirate_spi:dev=/dev/ttyUSB0,spispeed=1M -c (Chip name)  -r (
 
 ## References
 
-* [Bus Pirate Unboxing - Toolkit - Hacker Warehouse - 4 juin 2018](https://youtu.be/lP8vMvBu3Bg)
+* [Bus Pirate Unboxing - Toolkit - Hacker Warehouse - 4 juin 2018](https://youtu.be/lP8vMvBu3Bg)
+* [Bus Pirate 5 REV 10 Hardware](https://hardware.buspirate.com/)
+* [Ph0wn, my first IoT CTF - Part 2 - Sebastien Andrivet - 19 December 2018](https://sebastien.andrivet.com/fr/posts/ph0wn-my-first-iot-ctf-part-2/)
diff --git a/docs/gadgets/flipper-zero.md b/docs/gadgets/flipper-zero.md
@@ -2,7 +2,7 @@
 
 ![FlipperZero](../assets/image_flipper_cover.png)
 
-## **Firmwares**
+## Firmwares
 
 * [Flipper Zero Firmware](https://github.com/flipperdevices/flipperzero-firmware)
 * [Flipper Zero Unleashed Firmware](https://github.com/Eng1n33r/flipperzero-firmware)
@@ -32,9 +32,15 @@
 * [Flipper Zero: Want some good news? - Penthertz](https://www.youtube.com/watch?v=tB0eYatvu0k)
 * [Flipper Zero: is this for you? Follow our 1st tests! - Penthertz](https://www.youtube.com/watch?v=W5YYObSBUno)
 
+
 ## Tutorials and Resources
 
 * [Flipper Zero Hacking 101 - pingywon](https://flipper.pingywon.com/flipper/)
 * [Flipper Zero Playground - UberGuidoZ](https://github.com/UberGuidoZ/Flipper)
 * [Flashing Flipper Zero with RogueMaster CFW](https://interestingsoup.com/n00b-guide-flashing-flipper-zero-to-rougemaster/)
-* [Unleashed Firmware - Update firmware](https://github.com/DarkFlippers/unleashed-firmware/blob/dev/documentation/HowToInstall.md)
+* [Unleashed Firmware - Update firmware](https://github.com/DarkFlippers/unleashed-firmware/blob/dev/documentation/HowToInstall.md)
+
+
+## References
+
+* [The Ultimate Guide / CheatSheet to Flipper Zero - Ilias Mavropoulos - 17/01/2024](https://infosecwriteups.com/the-ultimate-guide-cheatsheet-to-flipper-zero-d4c42d79d32c)
diff --git a/docs/gadgets/hydrabus.md b/docs/gadgets/hydrabus.md
@@ -1,6 +1,6 @@
 # HydraBus
 
-![HydraBUS - Pin Assignment](https://hydrabus.com/wp-content/uploads/2024/01/HydraBus_1_0_HydraFW_Default_PinAssignment_A4-1024x724.jpg)
+![HydraBUS - Pin Assignment](../assets/hydrabus_pin_assignment.jpg)
 
 
 ## Features
@@ -16,11 +16,17 @@ External interactions:
 - UART
 - I2C
 - CAN/LIN Bus
+- SUMP
+- JTAG
 - SPI Bus
 - SD/SDIO
 - USB Bus
 - ADC / DAC (Analog / Digital)
 - GPIO
+- NFC
+- Wiegand
+- NAND flash
+- 1-wire,2-wire,3-wire
 
 
 ## Firmware
@@ -29,16 +35,50 @@ External interactions:
 * [hydrabus/hydrafw_hydranfc_shield_v2](https://github.com/hydrabus/hydrafw_hydranfc_shield_v2) - HydraFW dedicated to HydraBus v1 / HydraNFC Shield v2
 * [bvernoux/blackmagic](https://github.com/bvernoux/blackmagic) - In application debugger for ARM Cortex microcontrollers
 
-Commands examples:
 
-```ps1
-show system/memory/threads
-```
+## Commands
+
+* Basic info: `show system`
+    ```ps1> show system
+    HydraFW (HydraBus) v0.11-1-g4d74500 2023-05-09
+    sysTime: 0x000d82dd.
+    cyclecounter: 0x76ac02b9 cycles.
+    cyclecounter64: 0x0000000076ac02cb cycles.
+    10ms delay: 1680035 cycles.
+    ```
+
+* Determine the port name: `ls -l /dev/tty*`
+* Interact witht the HydraBus: `screen /dev/ttyACM0`
+* Switch to SPI mode: `spi`
+* Determine the pin for SPI: `show pins`
+
+
+## Syntax
+
+| Value | Description |
+|-------|-------------|
+| [	 | Chip select (CS) active (low) |
+| ]	 | CS disable (high) |
+| r	 | Read one byte by sending dummy byte (0xff). r:1...255 for bulk reads |
+| hd | Read one byte by sending dummy byte (0xff). hd:1...4294967295 for bulk reads. Displays a hexdump of the result |
+| w	 | Followed by values to write byte(s). w:1...255 for bulk writes |
+| 0b | Write this binary value. Format is 0b00000000 for a byte, but partial bytes are also fine: 0b1001 |
+| 0	 | Write this Octal value. Format is prefixed by a 0 (values from 000 to 077) |
+| "  | Write an ASCII-encoded string |
+| 0h/0x | Write this HEX value. Format is 0h01 or 0x01. Partial bytes are fine: 0xA. A-F can be lower-case or capital letters |
+| 0-255	| Write this decimal value. Any number not preceded by 0x, 0h, or 0b is interpreted as a decimal value |
+
+Examples:
+
+* Read Identification (0x9F): `[ 0x9F r:3 ]`
+* Read Data (0x03) at the address (0x00:3) and read 32 bytes (hd:32) `[ 0x03 0x00:3 hd:32 ]`
 
 
 ## References
 
+* [HydraBus/HydraFW wiki - Benjamin Vernoux - Jan 21, 2021](https://github.com/hydrabus/hydrafw/wiki/)
 * [HydraBus v1.0 Specifications - HydraBus](https://hydrabus.com/hydrabus-1-0-specifications)
 * [HydraBus Assembly Video - Lab401 - 30 may 2017](https://youtu.be/9lFEPG8EG6w)
 * [BlackAlps17: Hydrabus: Lowering the entry fee to the IoT bugfest - Benjamin Vernoux -  2 dec. 2017](https://www.youtube.com/watch?v=theYbzPhYH8)
-* [HydraBus - An Open Source Platform - RMLL Sec 2017](https://archives.pass-the-salt.org/RMLL%20Security%20Tracks/2017/slides/RMLL-Sec-2017-hydrabus.pdf)
+* [HydraBus - An Open Source Platform - RMLL Sec 2017](https://archives.pass-the-salt.org/RMLL%20Security%20Tracks/2017/slides/RMLL-Sec-2017-hydrabus.pdf)
+* [Ph0wn, my first IoT CTF - Part 3 - Sebastien Andrivet - Dec. 19, 2018](https://sebastien.andrivet.com/en/posts/ph0wn-my-first-iot-ctf-part-3/)
diff --git a/docs/gadgets/m5stack.md b/docs/gadgets/m5stack.md
@@ -0,0 +1,44 @@
+# Evil M5Core2
+
+> Evil-M5Core2 is an easy Evil portal and rogue app deployement software designed to work on M5Stack Core2.
+
+![Evil-M5Core2](https://raw.githubusercontent.com/7h30th3r0n3/Evil-M5Core2/main/Github-Img/menu-1.jpg)
+
+
+## Features
+
+* **WiFi Network Scanning**: Identify and display nearby WiFi networks.
+* **Network Cloning**: Check information and replicate networks for in-depth analysis.
+* **Captive Portal Management**: Create and operate a captive portal to prompt users with a page upon connection.
+* **Credential Handling**: Capture and manage portal credentials.
+* **Remote Web Server**: Monitor the device remotely via a simple web interface that can provide credentials and upload portal that store file on SD card.
+* **Sniffing probes**: Sniff and store on SD near probes.
+* **Karma Attack**: Try a simple Karma Attack on a captured probe.
+* **Automated Karma Attack**: Try Karma Attack on near probe automatically
+
+
+## Firmwares
+
+* Firmware: [7h30th3r0n3/Evil-M5Core2](https://github.com/7h30th3r0n3/Evil-M5Core2)
+
+**Requirements**:
+
+* `M5Stack` boards manager
+* `M5Unified` library
+
+
+**Install**:
+
+* Connect your `M5Core2` to your computer.
+* Open the `Arduino IDE` and load the provided code.
+* Ensure `M5unified` and `adafruit_neopixel` libraries are installed.
+* Ensure `esp32` and `M5stack` board are installed. (Error occur with esp32 `3.0.0-alpha3`, please use esp32 `v2.0.14` and below)
+* Place SD file content needed on the SD card. (IMG startup and sites folder)
+* Upload the script to your `M5Core2` device.
+* Restart the device if needed.
+
+
+## References
+
+* [Evil-M5Core2 v1.1.3 - Serial Command - Github Project](https://github.com/7h30th3r0n3/Evil-M5Core2)
+* [Evil Portal Meets Marauder on M5Stack!! Evil-M5Core2 Is the Best of Both Worlds! - Talking Sasquach - 7 jan 2024](https://youtu.be/jcVm4cysmnE)
diff --git a/docs/other/links-and-hardware-kits.md b/docs/other/links-and-hardware-kits.md
@@ -34,8 +34,9 @@
 
 ## Twitch & Streaming
 
-* [Twitch/virtualabs](https://www.twitch.tv/virtualabs)
-* [VirtuVOD - VOD of twitch.tv/virtualabs](https://www.youtube.com/@VirtuVOD)
+* [Twitch - virtualabs](https://www.twitch.tv/virtualabs)
+* [Youtube - VirtuVOD - VOD of twitch.tv/virtualabs](https://www.youtube.com/@VirtuVOD)
+* [Youtube - WHID We Hack In Disguise](https://www.youtube.com/@whid_ninja)
 
 
 ## Books