OCamlot
Feed
Users
Log in/Register
2

Whole-known-network

Local Network

|

Whole-known-network
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> 😂</p>
Posted on 14th of Apr 2025
1000millimeter1000millimeter@chaos.social
1000millimeter's profile picture
<p>i looked up a newer IP camera from the same vendor and they had a really funny &quot;Linux&quot; JFFS2 filesystem without a single ELF binary</p><p>turns out they ported everything to Huawei LiteOS <a href="https://github.com/LiteOS/LiteOS" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://</span><span class="">github.com/LiteOS/LiteOS</span><span class="invisible"></span></a> and so instead of having Linux run more or less one single ELF binary that does Everything (after busybox) they just have a single blob loaded at 0x40000000 that does Everything</p>
Posted on 14th of Apr 2025
Catherinewhitequark@mastodon.social
Catherine's profile picture
<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@RoganDawes" class="u-url mention">@<span>RoganDawes</span></a></span> qemu-system runs the stuff you give it in a VM, yes.</p>
Posted on 14th of Apr 2025
Catherinewhitequark@mastodon.social
Catherine's profile picture
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> oh my god I tried so hard to get ghidra to do this, and got nowhere.</p>
Posted on 14th of Apr 2025
NRoach44nroach44@mastodon.social
NRoach44's profile picture
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> Yeah, I wasn&#39;t running in a VM, so it rebooted the host instead. Whoops! 😂</p>
Posted on 14th of Apr 2025
Rogan DawesRoganDawes@infosec.exchange
Rogan Dawes's profile picture
<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@RoganDawes" class="u-url mention">@<span>RoganDawes</span></a></span> I just checked it and it indeed issues a reboot syscall, and when running in qemu-system it just reboots the VM</p>
Posted on 14th of Apr 2025
Catherinewhitequark@mastodon.social
Catherine's profile picture
<p>the reason it reboots, by the way, is that under qemu-user, calling the reboot syscall straight up just reboots your machine</p><p>(under qemu-system it reboots the VM, of course)</p>
Posted on 14th of Apr 2025
Catherinewhitequark@mastodon.social
Catherine's profile picture
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span><br />I&#39;m not saying it was an APT 0day hidding in a IP cam firmware cloned to death but I&#39;m not saying it wasn&#39;t</p>
Posted on 14th of Apr 2025
Jonasmagnetic_tape@infosec.exchange
Jonas's profile picture
<p><span class="h-card" translate="no"><a href="https://mastodon.gamedev.place/@lesley" class="u-url mention">@<span>lesley</span></a></span> it&#39;s Binary Ninja&#39;s &quot;Pseudo Rust&quot;</p>
Posted on 14th of Apr 2025
Catherinewhitequark@mastodon.social
Catherine's profile picture