Wifi - WPA EAP

swisskyrepo · Feb 8, 2024 · b118b64 · b118b64
1 parent 3e27eb1
commit b118b64
Show file tree

Hide file tree

Showing 9 changed files with 834 additions and 695 deletions.
diff --git a/docs/firmware/firmware-dumping.md b/docs/firmware/firmware-dumping.md
@@ -87,7 +87,6 @@
 
 ## Dump Flash via SPI
 
-
 * Using [flashrom/flashroom](https://github.com/flashrom/flashrom)
     ```ps1
     sudo apt-get install build-essential pciutils usbutils libpci-dev libusb-dev libftdi1 libftdi-dev zlib1g-dev subversion libusb-1.0-0-dev
@@ -213,8 +212,6 @@ $ binwalk -E fw
 ```
 
 
-
-
 ## Encrypted firmware
 
 ![](https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1581004558438-UJV08PX8O5NVAQ6Z8HXI/ke17ZwdGBToddI8pDm48kHSRIhhjdVQ3NosuzDMrTulZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s\_4yszcp2ryTI0HqTOaaUohrI8PIYASqlw8FVQsXpiBs096GedrrOfpwzeSClfgzB41Jweo/Picture2.png?format=1000w)

diff --git a/docs/gadgets/bruschetta-board.md b/docs/gadgets/bruschetta-board.md
@@ -0,0 +1,30 @@
+# Bruschetta
+
+![](https://github.com/whid-injector/BRUSCHETTA-board/raw/main/images/Mode%202%20-%20SPI%20and%20I2C.jpg)
+
+
+## Documentation
+
+* [whid-injector/BRUSCHETTA-Board](https://github.com/whid-injector/BRUSCHETTA-Board) - The Multi-Protocol Swiss-Army-Knife for Hardware Hackers (UART/JTAG/SPI/I2C)
+* [whid-injector/PIZZAbite](https://github.com/whid-injector/PIZZAbite) - A cheaper and open-hardware version of the blasoned Sensepeek's PCBite for Hardware Hacking and DIY Hobbyists
+
+![](https://private-user-images.githubusercontent.com/26245612/270132857-2a87c37b-01fa-427c-87e4-f95feca5f2b6.jpg?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MDc0MDI1OTgsIm5iZiI6MTcwNzQwMjI5OCwicGF0aCI6Ii8yNjI0NTYxMi8yNzAxMzI4NTctMmE4N2MzN2ItMDFmYS00MjdjLTg3ZTQtZjk1ZmVjYTVmMmI2LmpwZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDAyMDglMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwMjA4VDE0MjQ1OFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTRjYWJhMGMwMDQwMDJlNjUxMzRhMWZlMjdmZTMwYjJjYmFkYmNhZjZiNzIzZWU0MTdiOTRhZTI3OTU0MDJkOTkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.-cCmS3eF-ps8FtJwvRunCnxJS6DedYPc_DirD0Jl3-A)
+
+Bruschetta is the latest board to interact with Hardware, it is an upgraded version of these projects.
+
+* [whid-injector/Focaccia-Board](https://github.com/whid-injector/Focaccia-Board) - Multipurpose Breakout for the FT232H
+* [whid-injector/Burtleina-Board](https://github.com/whid-injector/Burtleina-Board) - Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way
+* [whid-injector/NANDo-board](https://github.com/whid-injector/NANDo-board) - 2nd Generation of Multipurpose FTDI-based board for Hardware Hacking and IoT Security Testing
+
+
+## Usage
+
+- Mode 2 (UART1+I2C+SPI-VCP): S1=ON and S2=OFF
+- Mode 4 (UART1+JTAG): S1=ON and S2=ON
+
+
+## References
+
+* [🍕PIZZAbite & BRUSCHETTA-board: The Hardware Hacking Toolkit you need for your own Lab! 🇮🇹 - WHID - We Hack In Disguise - 28 sept. 2023](https://www.youtube.com/watch?v=r7BOBPbq83M)
+* [PIZZAbite & BRUSCHETTA-board: The Hardware Hackers tools you need to kickstart your own Lab! - WHID - We Hack In Disguise - SEP 28, 2023](https://www.whid.ninja/blog/pizzabite-bruschetta-board-the-hardware-hackers-tools-you-need-to-kickstart-your-own-lab)
+* [Hacking IoT & RF Devices with BürtleinaBoard™ - Luca Bongiorni - Jul 27, 2020](https://lucabongiorni.medium.com/hacking-iot-rf-devices-with-bürtleinaboard-165e246b1ed0)
diff --git a/docs/gadgets/esp32.md b/docs/gadgets/esp32.md
@@ -0,0 +1,33 @@
+# ESP32
+
+## Tools
+
+* [espressif/esptool](https://github.com/espressif/esptool) - Espressif SoC serial bootloader utility
+* [jmswrnr/esp32knife](https://github.com/jmswrnr/esp32knife) - Tools for ESP32 firmware dissection
+
+
+## Flashing
+
+The ESP32 microprocessor uses the Xtensa instruction set, use `Tensilica Xtensa 32-bit little-endian` in Ghidra.
+
+* Dump the flash
+    ```ps1
+    esptool -p COM7 -b 115200 read_flash 0 0x400000 flash.bin
+    ```
+
+* Dissect the flash
+    ```ps1
+    python esp32knife.py --chip=esp32 load_from_file ./flash.bin
+    ```
+
+* Flash the new firmware
+    ```ps1
+    # repair the checksum
+    python esp32fix.py --chip=esp32 app_image ./patched.part.3.factory 
+    esptool -p COM7 -b 115200 write_flash 0x10000 ./patched.part.3.factory.fixed
+    ```
+
+## References
+
+* [ESP32-reversing - BlackVS](https://github.com/BlackVS/ESP32-reversing)
+