This year, I have made a challenge for Ph0wn 2019, in two parts. The specificity of this challenge is that it is running Windows 10 IoT Core on a Raspberry Pi 3.
This post is a writeup of Level 1. Level 2 will follow in some days.
This document describes in details the way I like to install and configure a Raspberry Pi device running Raspbian and OctoPrint with Supervisor and Nginx. One of the objectives is to be able to run more than one instance of OctoPrint on the same Raspberry Pi device. This way, it is possible to test the latest Stable release, Release Candidates of the maintenance branch, the development branch, etc.
In this document, I will try to describe everything I know about the Wanhao Duplicator i3 Plus 3D Printers, regarding hardware and software. Do not expect a review or guides to do this or that. This document is about technical details, deep details.
My previous post describes the hardware challenge Flag Digger and a solution using Bus Pirate and flashrom. Here, I present a solution using Hydrabus and a custom Pyton 3 script. It goes also far more into technical details and explains how to communicate with SPI flash memories.
After a software challenge, a hardware one (still from the Ph0wn CTF):
Like many IoT devices, your adventure starts with a small chip. Can you find the flag?
This post describes a solution using Bus Pirate.
I had to install Fortinet client (FortiClient) in order to access to some servers remotely. FortiClient is not bad at all (in fact, I found their Vulnerability scanner very useful), but it is an heavy client, doing too much things (and exactly what, I do not know). For some time, I was looking for a way to remove the automatic startup of FortiClient but was not able to find anything useful. So this is my solution. It is for FortiClient, but it works also with any agent.