Reverse-Engineering

Got a bunch of MikroTik switches running SwOS or SwOS Lite with no good way to manage them centrally? This library has you covered. Built by reverse engineering the SwOS HTTP API, it provides complete programmatic access to all switch features. Works with both SwOS and SwOS Lite, supports everything from port configs and PoE to VLANs and SNMP settings. Comes with a CLI tool for quick lookups and a full Ansible module for managing your entire switch fleet through YAML playbooks. Compatible with CRS305, CRS310, CRS326, CSS610 and other SwOS-based switches.

Bambu P1S Hacking contains firmware dumps, PCB analysis, and X-ray scans of the Bambu Labs P1S 3D printer’s ESP32-S3 controller board. The repository documents reverse engineering efforts to understand the printer’s firmware architecture and hardware implementation. The collection includes multiple firmware dumps processed through bin-voter to generate corrected flash images, detailed PCB trace analysis, and hardware documentation. This research provides insights into the printer’s embedded systems and potential modification opportunities.

This post outlines a security assessment of the new Sena Wifi Adapter I performed last summer for fun. With the world on lock-down due to COVID-19, I spent a lot of time last summer escaping the city going on motorcycle rides through the mountains and forests surrounding the bay area. It’s the perfect social distance activity because if you get within 6ft of someone you are likely to crash. One of my favorite motorcycle accessories is my Sena headset. It allows me to listen to navigation or music from my phone over Bluetooth while riding, and talk to other riders in my group. ...

M365 Toolbox demonstrates a security vulnerability in the Xiaomi M365 electric scooter’s communication protocol. The Java application exploits weaknesses in the scooter’s Bluetooth Low Energy (BLE) authentication mechanism to bypass security controls and execute unauthorized commands. The proof-of-concept tool reveals how the scooter’s authentication can be circumvented through protocol manipulation, allowing remote control access without proper authorization. This research highlighted critical security flaws in IoT device communication protocols commonly found in consumer transportation devices.