DoujinStars
LiveOverflow

LiveOverflow

patreon


LiveOverflow posts

What is a Security Vulnerability?

What is a Security Vulnerability?

When is a vulnerability actually a vulnerability? I can't answer this question easily, and thus we look at a few examples in this video. Do you have similar examples or counter arguments?

View Post

APDU Communication between Device and Host - Hardware Wallet Research #6

APDU Communication between Device and Host - Hardware Wallet Research #6

In this video we have a look at the part that interprets the APDU messages on the Ledger. And then we use a python tool from Ledger to figure out how to send them from our machine.
And at the end we have a quick look at IDA's gdb debugger.

View Post

Old Unreleased Video for Supporters

Hey!

I promised that I will occasionally share an old unpublished video or other bonus content with supporters. To make it fair with YouTube supporters who pledge ~5$/month, I set the reward limit for Patreon also to "at least 5$ monthly limit after first successful payment".

I have j...

View Post

Teaser Screenshot from a new Series/Course!

Teaser Screenshot from a new Series/Course!

Here is a screenshot from an animation that is part of a new series I'm working on. I'm really proud and excited about this one! 

Can you tell from the picture what it is about?
(if yes, then I guess you don't need this course 😞... 😥...

View Post

Identify Bootloader main() and find Button Press Handler - Hardware Wallet Research #5

Identify Bootloader main() and find Button Press Handler - Hardware Wallet Research #5

Now that we know where the firmware starts, we want to find how button presses are handled and where it might handle the APDU commands. 

The cool thing is that we find parallels from an AVR firmware that ZetaTwo reverse engineered with me a longe time ago during rhme2. So this is a per...

View Post

Setup and Find Entry-point in ARM Firmware - Hardware Wallet Research #4

Setup and Find Entry-point in ARM Firmware - Hardware Wallet Research #4

We are setting up IDA to analyze the ARM firmware. In this video we learn more about memory segments and about the interrupt vector table.

View Post

XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctf

XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctf

I edited this video write-up on stream last week. It took around 14h to make. The challenge was a web challenge from the 35c3ctf.

The full stream recording can be found here: https://www.youtube.com/watch?v=VI5...

View Post

Remote Debugging ARM Chip with SWD/JTAG - Hardware Wallet Research #3

Remote Debugging ARM Chip with SWD/JTAG - Hardware Wallet Research #3

We are setting up the hardware and learn about ARM SWD. Then we use an ARM development board to debug the Ledger chip with GDB.

View Post

Looking at the PCB & Chips - Hardware Wallet Research #2

Looking at the PCB & Chips - Hardware Wallet Research #2

We start the research about the hardware wallet, by looking at the chips, documentations and manuals.

View Post