Reconnaissance
In this chapter we demonstrate on how to enumerate a device. It makes sense to follow a top down approach and start analyzing from the outside first before opening a device. Opening a unknown device comes always at the risk of triggering a tamper protection or damaging it. Even without opening the device we can already identify potential weaknesses.
Overview
Closed device
OSINT:
search the web for public information
use FCCID.io to get internal pictures of your device
Investigate USB Ports / SD-card
Opened device
Board Analysis:
Things to look out for on the PCB:
How to identify test pads as potential debug interfaces
component identification (flash chips, MCUs, wireless modules)
Last updated