Hey Matt, loved the video as per usual. I’ve cracked the hash for the boot loader, the password is: ngpriv106

What a goldmine of a channel!

I know the hash has been cracked now, but if you wanted to get into the older firmware without having to do a chip-off you could also have tried interrupting the boot process a few times, ideally with a reset. This would simulate the crashing firmware that this sort of A/B deployment is supposed to protect against and may have caused the boot loader to fail back to the old version.

Bruh this is top quality content. Thank you so much 🙏

Great video Matt, amazing explanations. Very easy to follow and understand!

Damn man you're good! I like how you show your discovery process, so much awesome tricks!

Thanks Matt....Great video.

Hi @mattbrwn... Just discovering your channel now... Where are you on part 4 of this serie?? :D Awesome videos, keep it up!

Thanks for the videos I learned a lot from your videos.

Hey Matt thanks for the video. How did you know that the hash was unsalted? Was it in a previous video?

Did you end up making the 3rd video in this ARLO Q series?

Is it not possible for you to write your own known hash into the flash chip raw data dump or is this data retained in the armarello chip??

Amazing as always !ganbatte!!

Great video

Here i come hash cat.. guess the rainbow road was to easy a route

Is there more coming??

Very interesting videos!

Really good content

Says it will take a month but im having trouble getting both cpu and GPU running at same time... I don't have much experience with hashcat so if anyone knows whats going wrong im using hashcat launcher

What tools would you recommend for a beginner

bom video matt: o bootloader é u-boot ?

Any updates on what happened with the arlo?

Hope all is alright

The fact they patched the backdoor before rugging their customers is an even bigger FU / kick in the teeth to them. Not only are they pretty much bricking your camera but denying you the chance to modify it to stream to local storage 😡

Maybe somthing like if (1=1) may work

Cool video . But GPIO simply means general purpose input / output pin. GPIO isn't any type of mechanism..

Sir, i have been facings problems on my blutooth speaker, every time I turn it on it prompted heavy annoying sounds like "Bluetooth pairing is on" "usb mode" etc. How can we remove these prompts, or customise the blutooth device name. Also could we make a device which could connect to multiple bluetooth devices and simultaneously output all of them from one source/smartphone 🤔

I'm guessing they beefed up their passwords after this recent CVE: nvd.nist.gov/vuln/detail/CVE-2016-10115 One option may be to fuzz the UART inputs? Perhaps something in the password check logic may have a bug