You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+7-1Lines changed: 7 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -175,6 +175,7 @@ Getting a sha512 hash:
175
175
## Basic Analysis of the Firmware: 💻🕵️
176
176
To gather basic strings and identify potential embedded information in the firmware before performing further analysis:
177
177
178
+
178
179
```bash
179
180
file doorbell.bin # Determine the file type
180
181
@@ -194,7 +195,10 @@ To unpack the firmware and extract embedded files or hidden elements, I used bin
194
195
binwalk -eM doorbell.bin # Extract known file types (-e), and recursively scan extracted files (-M)
195
196
```
196
197
## Basic Analysis of the Firmware's Filesystem: 🗃🕵️
197
-
198
+
<details>
199
+
<summary>🖱Click here to expand</summary>
200
+
If you want to follow along, I have included the passwd & shadow files in this repo.
201
+
198
202
#### We are performing <ins>*static*</ins> analysis, later in the series we look at <ins>*dynamic*</ins> analysis.
199
203
200
204
##### Here are some of the things we are looking for:
@@ -270,6 +274,8 @@ $ john hash.txt --show
270
274
271
275
1 password hash cracked, 0 left
272
276
```
277
+
</details>
278
+
273
279
## Password: 🗝 The password for the root user is <ins>tina.</ins>
274
280
I think it's safe to say that ***tina*** comes from ***Tina Linux*** and that implies that default passwords are being used. I was able to verify this by performing the same steps on another doorbell, same manufacturer.
0 commit comments