Entries by Daniel Su

BlueSteal: Popping GATT Safes

Remotely Cracking Bluetooth Enabled Gun Safes In this blog post, we will detail BlueSteal, or the ability to exploit multiple security failures in the Vaultek VT20i. These vulnerabilities highlight the need to include security audits early in the product manufacturing process. These vulnerabilities include CVE-2017-17435 and CVE-2017-17436. The VT20i is a very popular product designed for […]

Pixhawk Firmware Hooking

In this post, we will be binary patching a firmware image in order to hook into the entry point. This is common practice when we are reverse engineering binary firmwares in an attempt to discover the interactions between machine code and hardware functionality. For the purposes of this post, we will be redirecting the control […]