In part 2, Juan Carlos was interacting with the CLI in U-Boot. What will happen in episode 3? Spoiler alert: there is an episode 4 planned!
Practical Reverse Engineering Part 3 – Following the Data
Part 1: We found a door into the firmware in the form of a UART debug port
Part 2: We took a first look at the firmware, collected all sorts of data
The best thing about hardware hacking is having full access to very bare metal, and all the electrical signals that make the system work. With ingenuity and access to the right equipment we should be able to obtain any data we want. From simply sniffing traffic with a cheap logic analyser to using thousands of dollars' worth of equipment to obtain private keys by measuring the power consumed by the device with enough precision (power analysis side channel attack); if the physics make sense, it’s likely to work given the right circumstances. In this post I’d like to discuss traffic sniffing and how we can use it to gather intel. Traffic sniffing at a practical level is used all the time for all sorts of purposes, from regular debugging during the development process to reversing the interface of gaming controllers, etc. It’s definitely worth a post of its own, even though this device can be reversed without it. […]
Post:
http://jcjc-dev.com/2016/05/23/reversing-huawei-3-sniffing/
https://firmwaresecurity.com/2016/04/09/huawei-hg533-reversing-part-i/
https://firmwaresecurity.com/2016/04/30/reversing-huawei-router-part-2-u-boots-cli/