Unnamed Reverse Engineering Podcast

Reverse Engineering the MegaII with James Lewis. James (https://www.baldengineer.com/) joined Jen and Alvaro to chat about MegaII reverse engineering. Here are links to some of the topics we covered: Element 14 Presents Youtube Hackster.io News MegaIIe Video Apple II Versions Logo (Programming Language) 7400 Series Logic PLCC Package The MiSTer Project Digilent Digital Discovery Schmitt Trigger Analog Discovery 2 ElectroBOOM KiCad JLCPCB RP2040 Checkmate Retro Display Unitiblue HP/Agilent/Keysight 17600 Silicon Valley Maps James’ HDDG Capacitor Talk (video) HALT Testing Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com.  

In this episode, we talked about measuring things (Well mostly digital and some analog things)! Digital Multimeter Oscilloscope Passive vs active probes Current probes Logic Analyzers Saleae Logic Mentioned on the Embedded.fm podcast Episode 2 Now with Real Time View! Analog Discovery 2 Sigrok (Supported Logic Analyzers) Bitscope BusPirate Perhaps we missed your favorite tool or you had questions and comments about our list, find us on twitter @unnamed_show,  or email us at show@unnamedre.com and tell us. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Ian from DangerousPrototypes (@DangerousProto) joined us to chat about the new BusPirate 5, DirtyPCB’s, and more! Check out this BusPirate 5 post for pictures of many things we mentioned on the show. Ian’s Halloween onion rings (And other instructables) BusPirate Taobao Ian’s Maker Faire 2012 Video Seedstudio BusBlaster Haxelerator Bunnie’s “The Essential Guide to Electronics in Shenzen” Naomi Wu’s updated version of the guide OSHPark DirtyPCBs DirtySLA DirtyAcryllics DirtyCables Arduboy Canned Cheese (Alvaro’s recommendation) Expressway to Pleasure Hacker Camp  Shenzhen PCBite PIZZAbite Sigrok Saleae Prusa MINI Flylin Consulting   Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)  

We talked to Laurie Wired (X/Twitter, YouTube, Github) about malware reverse engineering, making youtube videos, and more! Check out her excellent series on Reverse Engineering 101 as well as her many Conference Talks.  Here are links to some other topics we covered: Serial Experiments Lain EIEIO instruction  Java Native Interface (JNI) .ipa file Virustotal MalwareBazaar RetroBar for Windows  https://alula.github.io/SpaceCadetPinball/ Neon White game vx underground  trivia Operation Triangulation and Video Presentation “What You Get When Attack iPhones of Researchers” Dalvik Executable Format (.dex) UPX  packer Apk file Neon Genesis Evangelion XcodeGhost https://frida.re/ https://github.com/Ch0pin/medusa Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Jen and Alvaro briefly chat with Jacob Creedon outside a restaurant. Sorry for the terrible sound quality 😅! We’ll try to get back on track this year :) ImHex - Hex editor Jacob mentioned.

No guest this time! Jen and Alvaro catch up 😀 NOTE: Alvaro will be at CCCamp in a few weeks https://events.ccc.de/camp/2023/infos/ Episode 03 - Barbies and Keyboards Barbie Liberation Organization Small Soldiers Movie Toys Movie Jumpin’ Jack Flash Rust - I Hear People Talk About It (shirt) OpenSauce Maker Faire Bay Area 2023 Alvaro’s USB Cable Tester Book Recommendations ARM Assembly and Reverse Engineering Fancy Bear Goes Phishing Fatal System Error Murdoch’s Pirates Cult of the Dead Cow  Past guest David teaching the first lady how to solder! RECESSIM - Reverse Engineering News on YouTube Excellent CAN Injection Write-up (And Great interview with Ken on The Amp Hour) Reverse Engineering A Mysterious UDP Stream in My Hotel WebOS Alvaro’s IR Volume Controller DJI Mic Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)  

Jen and Alvaro chat with Nika/ic3qu33n about 16-bit MS-DOS malware reverse engineering! You can find Nika in the following places: https://ic3qu33n.fyi/ https://github.com/nikaroxanne https://twitter.com/nikaroxanne https://infosec.exchange/@ic3qu33n Here are links to some of the topics we covered: Leviathan Security Group Hardware Happy Hour (3H) San Francisco BSidesSF Presentation -  MTV Reboot — my Super Sweet 16-bit malware. Mikko Hypponen Darknet Diaries - Mikko Internet Archive Malware Museum R2 IDA Rizin/Cutter (Listen to Episode 45 for more info!) Masm32 vx-underground github nasm  QEMU  FreeDOS bochs emulator Programming Boot Sector Games by Oscar Toledo VMware  Interview with Spanska (virus author) Dark Angel’s Phunky Virus Writing Guide Tequila virus  Bitsavers.org https://ic3qu33n.fyi/ (blog posts!) TSRs Screen Mode 13h Demoscene LayerOne Creeper virus Elk Cloner MTVRE  Electronics Flea Market Ken Shirriff ATT 26A RECON 2023 https://ben.the-collective.net/ https://twitter.com/suidroot Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)  

Jen and Alvaro chat with Thomas Roth (@ghidraninja on Twitter) about Airtag reverse engineering, debugging iPhones, and GameBoy RE! You can also find Thomas on his stacksmashing.net, YouTube, and @stacksmashing@infosec.exchange. Here are some links to the topics we covered: stacksmashing youtube channel Linux on iPod Airtag fault injection twitter thread Bypassing code protection on NRF52 Raspberry pi pico PIO Joe Grand wallet glitch video Wallet.fail Lennert’s Starlink terminal glitching DEFCON talk DEF CON 29 - Thomas Roth - Hacking the Apple AirTags How the Apple AirTags were hacked  Hardwear.io NL 2021: Over The Air-Tag: Shenanigans With A Keyfinder by Jiska , Fabian And Thomas Kanzi Cable Bonobo Cable MFi IDBus and Lightning The Secrets of Apple Lightning - Part 1 (Video)  The Hitchhacker’s Guide to iPhone Lightning and JTAG Hacking (DEF CON 30 Presentation)  DCSD cable (lightning uart) Frida Saleae Openocd Tamarin Firmware Repo USB Cable Tester Picoprobe rpi2040 swd adapter Mario Kart AI training video Tetris movie Multiplayer tetris Webusb Online Multiplayer on the Game Boy (video) Gameshark Ghidra ChipSHOUTER-PicoEMP F$#k powerpoint there’s no power in the point Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

David from Cyber City Circuits (@MakeAugusta) joined us to chat about reverse engineering, manufacturing, escape rooms, and more! Here are links to some of the topics we covered: HackerBoxes KiCad GIMP Inkscape SVG2Shenzen TwinkleTwinkie on Twitter and Mastodon 83Redux Twitter Thread (TI-83 RE project) Sensor Watch on CrowdSupply  arturo182 on Twitter and Mastodon http://datamath.org/ https://tiplanet.org/ DigiHack Thread (Digimon Reversing Project) Joe Grand’s pizza finder Joe's PCB Deconstruction Techniques YouTube Playlist electronicstwitter.com  #newprop on Twitter ChatGPT Have comments or suggestions for us? Find us on Mastodon @unnamedre@infosec.exchange, Twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Note: We have 5 year anniversary T-Shirts available for sale. Order is open until Nov 28. We chatted with Sultan Qasim Khan (github) about BLE reverse engineering, relay attacks, and more! Libusb FTDI D2XX Motorola Mobility NCC Group Mike Ryan Ubertooth Mike’s Paper on BLE Security TI BLE sniffer Nordic BLE nRF snifferhttps://www.ellisys.com/products/bex400/ Time-of-flight 802.15z Relay attack  Sniffle Presentation at Hardwear.io 2019 and blog post Sniffle Git Repo https://fortune.com/2022/05/17/tesla-hacker-shows-how-to-unlock-start-and-drive-off-with-car/ nOBEX Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Jen and Alvaro chat about the last 5 years! Don’t forget to get past guest @TubeTimeUS’s new book Open Circuits over at https://nostarch.com/open-circuits. You can use promo code UNNAMEDRE25 to get 25% off. Alvaro is going to be in a panel about Debugging Embedded Devices in Production on August 25th run by the awesome folks at Memfault. Here are some links to things we mentioned: Toorcamp Ran into past guests: Joe Grand Jared Boon Rick Altherr https://hardwear.io/ One of Alvaro’s side projects: SWD over USB-C Behind the Rind Podcast Ferrite Recording Studio (iPad) Audacity Zencastr xArm 6 Robot https://www.jencostillo.com/ Buy Jen’s NFT https://makezine.com/ Kitty Yeung Jen’s Supercon Talk Hackaday Supercon Asahi Linux (and 2022 Progress Report) Jeri’s Episode Micah’s Episode Ken Shirfiff's Episode It’s Not Magic Evil Mad Scientist Labs Windell’s interview about the book on Embedded.fm Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Mike Ryan (bluetooth.expert) joins us once again to talk SDR’s, bluetooth, and more! If you need some consulting help, you can find him at ice9.us. Here are some links to things we talked about: Episode with Jiska Episode with Michael Ossmann Toorcon Toorcon 13 Badge Ice9 Consulting Web of Make Believe on Netflix Caltrain MTVRE Hacking Electric Skateboards Video @ DEFCON23 Inspectrum Rapid Radio Reversing Talk by Michael Ossmann NRF24 Ubertooth CC2400 Yardstick One Waterfall display/plot OOK FSK URH Baudline GNU Radio Companion Fcc.io Alvaro’s Quadcopter Reversing (github) SMC Connector RF Attenuator RF Splitter Natalie’s webRTC talk where the fuzzer “Fred” is mentioned  WirelessUSB BLE Coded PHY HOGP (HID over GATT Profile) You Can Lose in So Many Colors HackRF BladeRF USRP Polyphase channelizer Wireshark Wireshark’s extcap Kismet Dragorn Other Mike Ryans: Michael W. Ryan - Murderer Dr. Michael J. Ryan - Epidemiologist  Dr. Michael J. Ryan - Paleontologist Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Special thanks to Andrea of Hardwear.io team for inviting us. We learned a ton and meet a bunch of new people while (as of this writing) stayed COVID-free. Interviews in order:   Eric Schlaepfer - author of the  new book with co-author Windell Oskay (of “Evil Mad Scientists Laboratories” fame )  “Open Circuits” on No Starch press. Notes there are PREORDER discounts. Jacob Creedon: Just before his talk… at the Mountain View Reverse Engineering Meetup. Spencer Moss from Google (I’m sure you can google the company) security engineer Ken from Somerset Recon  Will McGuiness as the workshop assistant for John McMaster’s microprobing workshop. Mike Ryan: Bluetooth expert from Ice 9 Consulting and previous guest.  As promised he would be on this next show… but the part2 of our RF tools with him will be the next episode.   Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Michael Ossmann (@michaelossmann) from Great Scott Gadgets joined us to chat all things SDR, Open Source Hardware, education, and more! Here are links to some of the topics we covered: HackRF One Ubertooth One GreatFET One A Mathematician's Lament WEP  Wep dead again article APCO P25 Ettus USRP NTLMv1 Dominic Spill GNU Radio Michael’s KiCon Talk  gr-bluetooth Michael’s awesome video series on SDR http://www.nsaplayset.org/ https://en.wikipedia.org/wiki/NSA_ANT_catalog IMSI Catcher DEF CON 22 - Michael Ossmann - The NSA Playset: RF Retroreflectors https://en.wikipedia.org/wiki/The_Thing_(listening_device) Cyberspies book Samy Kamkar (Featured in Episode 41!) Rolljam  Yardstick One https://github.com/nonamecoder/CVE-2022-27254 https://www.rtl-sdr.com/tesla-charging-ports-opened-with-hackrf-replay-attack/ How To Write Pop Horn Parts

Oleg Kutkov (@olegkutkov) joined us from Kyiv to chat about Starlink reverse engineering, astrophysics, and more! Check out his awesome website for some excellent write ups on various topics. Here are some links to the topics we covered: Back To The Future SpaceX Starlink Phased array antenna Arecibo observatory Crimean Astrophysical Observatory Oleg's Allsky Camera Writeup Medical Research that Referenced Oleg's Writeup NASA's Spooky Space Sounds NOAA GOES Satellites https://usradioguy.com/goes-satellite-imagery-reception/ RTL-SDR HackRF ADS-B HackRF supercluster DBV-S DBV-S2 Phase Noise Starlink Patents Starlink Beacons Doppler shift NORAD’s Celestrak Low Noise Block (LNB) Starlink Dishy SpaceX's starlink-wifi github Oleg's Tesla LTE Modem Replacement Devicetree Boxee Iridium Reversing Episode Eccentric Orbits Book Saleae IDA Pro Used the following NASA recordings in the episode: https://soundcloud.com/nasa/sun-sonification https://soundcloud.com/nasa/jupiter-sounds-2001 https://soundcloud.com/nasa/juno-crossing-jupiters-bow-shock Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)  

Laura Abbott (website, @openlabbott) from Oxide.computer joins us to chat about reverse engineering the LPC55S69, linux kernel development, and more!Some of the topics we covered: Hubris Operating System Episode with Rick Altherr Laura’s Coworker Cliff’s Website Ghidra objdump SVD Loader for Ghidra Log4j ghidra DEF CON 29 - Breaking TrustZone M: Privilege Escalation on LPC55S69 Arm TrustZone-M TrustedFirmwareM project Oxide’s ROM patch POC Code Golfing Arm assembly manual CVE-2021-31532 PhD Thesis on Linux Kernel community Video about collaboration in kernel mailing lists Episode about Containers Moving the Kernel to Modern C QEMU Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Willem Melching(@PD0WM) joins us to chat about reverse engineering cars! We discovered him through his excellent blog. Willem is the head of openpilot at comma.ai. They are hiring! Here are links to some of the topics we discussed: LEGO Mindstorms PICBasic PIC Microcontroller ARM Mbed VHDL CTF Comma.ai CAN Bus Automotive ethernet CAN FD FlexRay DBC Files Opendbc The Car Hackers Handbook Hacking a VW Golf Power Steering ECU Series - https://blopart1/ Adventures with Flexray: performing a man-in-the-middle attack (Audi Q8 Hacking) Automotive Right to Repair Toyota Tech Info (for example) Unified Diagnostic Services (UDS) Comma.ai's Panda USB->CAN Tool (And Github Project) https://blog.willemmelching.nl/carhacking/2022/01/02/vw-part1/ V850 Processor Binwalk XOR Cypher Airbus’ cpu_rec Ghidra Ghidra SLEIGH ELF File CAN Calibration Protocol Openpilot Levels of Driving Automation Consumer Reports -  Active Driving Assistance Systems Tesla Rolling Stop Recall GlScopeClient (Hackaday Article) GNURadio Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Jen and Alvaro chat with Hash (@bitbangingbytes) about reverse engineering smart power meters! Check out Hash’s RECESSIM community as well as their Discord! Hash is also on TikTok @bitbangbytes. Here are some links: Remoticon presentation https://en.wikipedia.org/wiki/ZX81 Night rider lights Kinect reversing challenge ROS https://www.engadget.com/2010-11-29-neato-xv-11-robot-vacuum-gets-its-very-own-open-source-lidar-hac.html Tamper evident presentation by past guest Datagram! Bunnie Huang Hacking the Xbox (Available as a free PDF!) The Hardware Hacking Handbook by past guest Colin O'Flynn and Jasper van Dallas Hackers Association Geographical routing protocol GNU Radio Landis+Gyr Revelo California Blackouts + Enron Yardstick one HackRF One USRP B200 URH (Universal Radio Hacker) Baudline Inspectrum  Saleae Logic Analyzers Beagle I2C/SPI Protocol Analyzer Travis Goodspeed Chris Gerlinsky (Past guest on episode 22!) Chris Tarnovsky xv11hacking.wikispaces.com (Archive.org) Precursor on CrowdSupply Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

In this episode, we chat with @TubeTimeUS about reverse engineering sound cards, how the MOnSter 6502 came to be, the Snappy Video Snapshot, ethics in engineering, troubleshooting techniques, and much more! Here’s a detailed list to many of the things we talked about: Eric's Website (TubeTime.us) MoNSter 6502 PCB Reverse Engineering - Hackaday Supercon Presentation Cloning a Sound Card - Hardware.io Presentation Fermi Estimation Bunny Huang Bill Mensch NMOS logic I2C Visual6502 project Windell and Lenore from Evil Mad Scientist Laboratories Snappy Video Snapshot Saleae  Excess Solutions in San Jose Electronics flea market Fry’s Electronics Winamp 555 timer kit 741 timer kit FIB Maker Faire Power line thread San Bruno gas explosion  Dieselgate Technology adoption curve California public utilities commission  Regulatory Capture This is How They Tell Me the World Ends Responsible disclosure Command and Control Nuclear Weapons, the Damascus Accident, and the Illusion of Safety by Eric Schlosser X-Unit Logic analyzer capture modes Ghidra IDA Radare (See Episode 45 for more details!) Cutter Hertha Ayrton Herta’s famous paper about the Arc Lamp and Negative Resistance Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

Our guest, Jiska Classen (@naehrdine) is  a security researcher at University of Darmstadt (why, yes you can specialize in Security here) and focuses  on reverse engineering wireless things. She is a speaker at this year’s  Hardwear.io. We did a deep dive on ROM patches on Broadcom chips. You'll want to listen to this episode if you are thinking about using iOS devices for your reversing. https://github.com/seemoo-lab/frankenstein (Jan Ruge) https://github.com/seemoo-lab/internalblue (Dennis Mantz) - not be confused for eternal blue. Nexmon --- Nexus monitor wifi https://github.com/seemoo-lab/nexmon  https://github.com/seemoo-lab/polypyus (Jan Friebertshäuser) Thumbs up - ARM function identification ​​https://karta.readthedocs.io/en/latest/Thumbs%20Up.html  Checkra1n - bootloader to jailbreak on iOS. https://checkra.in/    ToothPicker (Dennis Heinze, aka Dennis #2*) https://github.com/seemoo-lab/toothpicker  fpicker - Another/2 Dennis (Dennis Heinze) https://github.com/ttdennis/fpicker  Xnuspy    https://github.com/jsherman212/xnuspy  Frida objection https://github.com/sensepost/objection  “funniest fuzzer  ever wrote” (ComCenter but this has the parsing guts) Obligatory video of AirTechno on AirTag. AirGuard - android air tag app. https://github.com/seemoo-lab/airguard  * Sorry Dennis. You were just the second Dennis in this interview. Certainly this doesn’t reflect upon you as a person or a professional.