
My Start With IoT Exploitation

Intro

Since I’ve been really interested in hardware hacking for quite some time, I finally decided to pull apart an Archer C7 v2 (RIP, I fried it; the new target is a D-Link DIR-601) and poke around a bit. I got UART easily and suspect there’s a JTAG pinout, but I won’t know for sure until I brute force the pins. I obviously could just look online, as I’m sure this router is well documented by others doing the same thing, but I’m trying to use this as a learning experience.

 

Sadly no JTAG on DIR-601

After some more poking around, it appears the new DIR-601 I bought has no JTAG pinouts. I do have a TP-Link TC-W7960 that appears to have it though, so I guess the project is still a go when it comes to brute forcing JTAG pinouts and debugging over JTAG.

Noob mistake with some failure

Because I’m new not only to hardware hacking but, for the most part, to electronics in general, I made a mistake that ended fatally for the router I was targeting. First, there are no headers on the debug ports of this board. I planned on soldering a pin header to connect to, but before I had a chance to get some I decided it couldn’t hurt to connect to the UART interface by just resting the wires down in the holes of the pinout. Well, it turns out that was a stupid idea, as it seems the GND must have disconnected at some point. Although the board never just died while I was using it, the next time I went to use it the router refused to power on... Lesson learned!

All hope for this project is not lost though, thanks to thrift shops selling cheap routers! I was able to get a brand new, sealed-package D-Link DIR-601 for $7 today, so let the fun (re)begin!

Update: So I got curious again about the router I fried and managed to track down exactly what I did to cause it. It had nothing to do with me connecting by stuffing the male end of the wire into the female pinout and GND wiggling. After checking the specs of the USB to TTL serial adapter I bought off eBay again, I noticed that it was a 5V adapter and the router requires 3.3V. So that was in fact the cause of the problem.

Received my Attify Badge

Last night I received the Attify Badge that I ordered. This will allow me to interface with UART, JTAG, SPI, GPIO, and I2C. I plan on doing in-depth blog posts for all my steps, which I’ll publish on https://togetherwehack.com and then link here. Also, if you’d like to order an Attify Badge yourself, you can do so here: https://www.attify-store.com/products/attify-badge-assess-security-of-iot-devices?rfsn=1269016.8c1922

JTAG on TC-W7960 and Update

So I finally opened up my TC-W7960. It does appear to have JTAG pinouts as well as UART, so I’ll still be able to do a post with JTAGulator/JTAGEnum. I’ll keep posting project updates as well as tutorials on this blog, so keep checking back here or on Twitter.
