Notices by kajer (kajer@infosec.exchange)

@FritzAdalis @simple_sabotage

I don't get it, what is this about?

@ryanc @cR0w I know at least one of those challenges has hello.jpg as a dependency

@ryanc @cR0w

Lame, the OCTF zVOL is for the 2018 contest, not the 2014 contest... I mean, it makes sense since 2014 was largely infrastructure... 96 POTS lines wasn't going to spawn from a VM

@ryanc @cR0w 2flags1challenge

@ryanc @cR0w That sounds right... We wanted the 90's era gopher but running on FreeBSD 11

@cR0w @ryanc I might still have that challenge in an archive somewhere... I should check.

https://ctftime.org/task/1189

@cR0w @ryanc we also used finger IIRC

Stop using 1.1.1.1
Stop using 8.8.8.8
Stop using 4.2.2.1

quad9 is less evil

also, fun fact. the eSIM in the Flock cellular module is not electronic sim, but "e"mbedded sim... meaning it's a standard SIM card.

SCRCPY WORKS!!!!

🤔

I haven't tried to use SCRCPY

It wasn't listed as a "feature" in adb, but the logcat output indicates there is a "display" and "sleep" modes when pressing one of the buttons on the board.

Now I can't wait to go home and try it.

Stupid day jobs...

fuck ALPR tech

Positive thoughts?

These are so unlocked and so open, if these fucking devices ever made ewaste piles, the dev boards are so easy to harvest and repurpose as an unlocked android 8.1 dev board. Serial port is marked by G T R on the silk screen, and power seems wide input 12v tolerant.

The case of the cam has no intrusion detection.

There is no epoxy or potting or conformal coatring. I'm not sure there is even conformal coating. THe outer housing is sealed with a nice thicc gasket. Even the T20 security torx have o-rings. This is funny because the battery says not to charge in a sealed container.

I have yet to explore the back case button behavior, since I am stealing 3.3v for the serial TTL from that header. Now that I have adb bridge access via USB, i can remove the serial link and connect that button to see what logcat says.

The last bit for me to explore is to see if the 7 pin plug has any useful data on the bottom 3 pins.

Now I get to re-learn android hax0ring all over again, yay!

Can not set time in shell w/o root permissions.

okay, I missed the fact that the Android OS is convinced that the date is 1970

this may pose a problem

I have a feeling that the camera is halting the boot process due to the missing sim card and the modem not initializing.

I have yet to fully figure out the custom app ecosystem that makes up these cameras.

I will be testing that SIM in a different cellular modem soon enough, but I am starting to think the cam I got off of ebay is not quite right.

Watching the local logcat, there are a lot of permission errors and device errors. The QTI logging service on the SCRCPY console seems to never connect to the local logging services.

I got a bitbold and hit one of factort reset buttons in another homebrew flock app, and that did reset the device a f ew time with filesystem stuff in the console logs. Yes all the system apps remained in place, so no flock APKs were harmed... Although. I'm not sure if this camera had enough to work fully in the first place.

I can never get the camera to boot to it's ADB bridge consistently and rarely can I actually get the camera's local wifi hotspot to enable.

Also, the back button seems to enable hotspot mode, but, no network level ADB connections. :(

I am pretty sure I am going to attempt to enable the remote control ports on 8888 / 9999 to see if those render any results before going down the root filesystem path.

But, for anyone looking for an interesting tid bit...

Triple-press the button on the back of the flock. You will enable wifi tethering. PSK is security

Tested the "e"SIM in other cellular modems I have. Nada. This particular camera's sim card seems to have been disabled.

Any of my Android hacker friends with a nice CLI based priv escalation (for Android 8.1) would do well to DM me please.

@rickoooooo

ha ha

yeeeeeeessssssssssssssss