IoT Hacking - Polycom Conference Phone - First Steps
6,274
Published 2024-04-12
IoT Hackers Hangout Community Discord Invite:
discord.com/invite/vgAcxYdJ7A
π οΈ Stuff I Use π οΈ
πͺ Tools:
XGecu Universal Programmer: amzn.to/4dIhNWy
Multimeter: amzn.to/4b9cUUG
Power Supply: amzn.to/3QBNSpb
Oscilloscope: amzn.to/3UzoAZM
Logic Analyzer: amzn.to/4a9IfFu
USB UART Adapter: amzn.to/4dSbmjB
iFixit Toolkit: amzn.to/44tTjMB
π« Soldering & Hot Air Rework Tools:
Soldering Station: amzn.to/4dygJEv
Microsoldering Pencil: amzn.to/4dxPHwY
Microsoldering Tips: amzn.to/3QyKhrT
Rework Station: amzn.to/3JOPV5x
Air Extraction: amzn.to/3QB28yx
π¬ Microscope Setup:
Microscope: amzn.to/4abMMao
Microscope 0.7X Lens: amzn.to/3wrV1S8
Microscope LED Ring Light: amzn.to/4btqiTm
Microscope Camera: amzn.to/3QXSXsb
About Me:
My name is Matt Brown and I'm an Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.
- Soli Deo Gloria
π» Social:
twitter: twitter.com/nmatt0
linkedin: www.linkedin.com/in/mattbrwn/
github: github.com/nmatt0/
#hacking #iot #cybersecurity #privacy #wireshark
All Comments (21)
-
this is sick! i love your delivery, not just telling us the method but the logic behind it aswell, very cool
-
An interesting find because it seems this unnamed company did make some effort to protect their ethernet ports against random devices. But they may just have handed you the keys.
-
Nice one. Waiting for the next part
-
I love that you are Ethically Hacking and didn't out sensitive information about the company. Thoroughly enjoyed this video.
-
was just checkin your channel the other day to see if you had uploaded. Glad to see you back man!
-
Very very nice video, this is a great video to demonstrate to people who don't understand what IOT and hardaware hacking are!
-
excellent content! Subed for the next installment + more hacking and pentesting. ππ
-
Yesss, always get excited for your videos
-
Yesss more videos!
-
Great videos! π
-
If the firmware is Linux, you could try to experiment with the /etc/hosts file. For example, you could map the update domain to your own and have fun with that. Or just rewrite the entire webserver
-
Great stuff.
-
Really glad you are doing this. Grandstream phone next maybe?
-
YES more vidoes LFG
-
Good one bud
-
Finally back πͺ
-
So what your saying is, info from a company could still be on these voip devices which is dier if an i.t. specialist forgot to factory reset can be useful to an attacker? These voip devices are always sent to third party recycling contractors who come in and pick up these busniess voip hardware.
-
Stupid question Matt, could you setup your own 802.1x server with that address on the config but craft the packets to accept and authenticate all? Also does it have any serial pins where they uploaded the firmware from the factory.
-
Hi Matt, can you share how you got into embedded systems and security. I am really interested and not sure where to start. Should I learn a certain programming language and how can I get some devices?
-
9:41 wtf was that noise?