Extracting Wi-Fi Password from Netgear N300 Router over UART
Published 2023-04-14
UART adapter datasheet:
www.ftdichip.com/Support/Documents/DataSheets/Cabl…
IoT Hackers Hangout Community Discord Invite:
discord.com/invite/vgAcxYdJ7A
🛠️ Stuff I Use 🛠️
🪛 Tools:
XGecu Universal Programmer: amzn.to/4dIhNWy
Multimeter: amzn.to/4b9cUUG
Power Supply: amzn.to/3QBNSpb
Oscilloscope: amzn.to/3UzoAZM
Logic Analyzer: amzn.to/4a9IfFu
USB UART Adapter: amzn.to/4dSbmjB
iFixit Toolkit: amzn.to/44tTjMB
🫠 Soldering & Hot Air Rework Tools:
Soldering Station: amzn.to/4dygJEv
Microsoldering Pencil: amzn.to/4dxPHwY
Microsoldering Tips: amzn.to/3QyKhrT
Rework Station: amzn.to/3JOPV5x
Air Extraction: amzn.to/3QB28yx
🔬 Microscope Setup:
Microscope: amzn.to/4abMMao
Microscope 0.7X Lens: amzn.to/3wrV1S8
Microscope LED Ring Light: amzn.to/4btqiTm
Microscope Camera: amzn.to/3QXSXsb
About Me:
My name is Matt Brown and I'm a Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.
- Soli Deo Gloria
💻 Social:
twitter: twitter.com/nmatt0
linkedin: www.linkedin.com/in/mattbrwn/
github: github.com/nmatt0/
#iot #hacking #wifi #reverseengineering #firmware
All Comments (21)
-
Very nice, Matt! 👍 Liked that you worked on the audio quality in comparison to older videos! 👍 Pro tip for upcoming videos: look directly into the camera when you speak to us! 😉
-
Man, am I glad I found you... Have been looking into IoT device security and this is exactly the kind of content I need
-
Always a good day when Matt Brown posts, love the work boss
-
Great work, great speech!
-
Awesome content, enjoying these videos, hope to see some more soon
-
Hey, I think there's some guy hacking my wifi
-
Nice work Matt!
-
It's 2024, and we still ain't getting university credits for these type of videos 😩.
-
Love this guy... we could be friends!!!
-
Could drop a UART shell, but you can always reset the router password by holding in reset for a certain amount of time. I usually start with PWR, then TX an active High, leaving the other to be RX, and you can use any GRD. I made a little UART detection device: you place the probes over the pins and it will emit a sound indicating they are most likely UART pins. Also OSCOPE makes this all much, much easier…
-
Great stuff
-
Can you make a video on firmware extraction and writing using the CAN bus protocol? Thank you
-
What microscope do you use? btw great show. Best
-
How to read out the openwrt root password if I forgot it? I cannot upload new firmware without logging in.
-
Love your stuff! Would you be interested in taking viewer hardware? I have a stm32 scooter mainboard and I'd love to see what you could do with it, it’s a bit beyond my skills to work on rn 😢😢
-
I have an old T-Mobile branded WiFi LTE Signal Expander with a clearly labeled “FTDI” port, but no time to investigate. I believe it’s a small 4G LTE Femtocell the company handed out to subscribers who inquired. Would this be of any interest to you?
-
Hello, nice video, thanks for sharing. Can you please explain where the web UI password is stored? I have a second-hand router and the previous owner changed the web UI pass and I cannot modify any router setting... obviously resetting the router is not an option.
-
I've been looking at a Cisco MR74 and have been looking at ways I could replace the stock firmware with OpenWRT. With your channel I've managed to remove the NAND flash chip and put it in a chip reader, and I've pulled the stock firmware off. I need to now rewrite the uboot and the firmware. Is the uboot on a separate chip I could rewrite, or are the uboot and firmware all on the same NAND chip? Some of this stuff is confusing, and I have loads of these Cisco APs. I'd be willing to ship you one, providing you don't share any of the serial numbers publicly.
-
Hi, will you try with an "Alcatel Lucent 9361 Home Cell V2"? it's a good challenge :D
-
Could you try hacking the firmware of a modern router? Try the latest model. Maybe a Huawei router. I tried to hack the Huawei b535 router but I only managed to get UART output and wasn't able to type anything. Also I think the backend of that router uses Lua.