Wow, this was just great. A little bit of hardware, a little bit of Linux, reverse engineering, and lots of networking?? Man, this series is like a jackpot! Thank you so much!
@jagga-jagga4 ай бұрын
It is so refreshing to see a bright, young man in his element in a sea of social media brainrot. Thank you for the videos, Matt!
@micahrunyon27434 ай бұрын
Are you planning on reverse engineering the protocol? If so a video from you using ghidra would be so cool.
@mattbrwn4 ай бұрын
This is a good idea 🙂
@monad_tcp4 ай бұрын
@@mattbrwn the protocol seems to be just a list of some sort of counters for telemetry, it would be cool to know what they are
@mattbrwn4 ай бұрын
yeah and also if the device accepts any interesting server responses that I'm not seeing in the current traffic. e.g. a response that initiates the device to pull a firmware update.
@Jeff-ss6qt4 ай бұрын
@@mattbrwnIf that happens, I wonder if the firmware update wouldn't be checked for a valid signature. Since it's coming from a 'trusted' source.
@Jeff-ss6qt4 ай бұрын
I'm also a bit curious if it's possible to change the address in the router interface, for something like a central monitoring server on your network or a piece of their software. Which might explain why they don't care about SSL certificate security too much for it.
@dothex4 ай бұрын
Bro I love your channel. Alot of your videos helped me get me setup for cert in security, and I can't thank you enough.
@stefanschz75894 ай бұрын
bro I've found your channel a few days ago! I highly recommend everyone to subscribe to this channel IMMEDIATELY! as it's AWESOME! I am over 30 and this topic is something that I always wanted to learn about but I haven't had time (life problems). You explain things perfectly and I thank you for that! Greetings from Europe! Bright future is ahead of you!
@mattbrwn4 ай бұрын
Thanks! It's never too late to learn something new when you're having fun 😄
@XYZ567714 ай бұрын
Great content Matt! And, please keep sprinkling counter measures throughout the video so we get a glimpse on the good practices too.
@stanstrum4 ай бұрын
I would like to ask if you have heard of Spotify's decision to brick all "Car Thing" devices at the end of this year. If it piques your interest, I would love to see a video by you that could allow the owners to continue using their devices rather than having to take them to e-waste centers en masse. Thanks for the great content.
@monad_tcp4 ай бұрын
15:52 lol, when the hacking tool doesn't support SSL3 because no one thinks someone is fool enough to use cryptography with SSL3 because its pointless, yet that company running a server with such protocol.
@mattbrwn4 ай бұрын
I've had this problem on pentest engagements multiple times...
@zerodegrekelvin24 ай бұрын
The sensord is the app that capture wifi traffic like in monitor mode. since Mojo aka Airtight is doing IDS on wifi, they sample raw wifi packets to detect if there are rogue AP connected to the LAN by a clever scheme of packet injection, they patented the idea so you can see in the patent database how they did it. But here the C-75 seems to run in router mode not AP mode so the sensor mode is probably not enabled. There is nothing wrong sending mac address in clear over the internet, they probably send the id of the device to a central server/cloud for registration. I thought your video would extract what ever key there is and decrypt the TLS session.
@mattbrwn4 ай бұрын
No need to extract the TLS session key when you can just mitm the traffic on the network. "There is nothing wrong sending mac address in clear over the internet" I could see any argument against this.
@jjc28962 ай бұрын
So glad I found your channel - all of your videos are fascinating! I’m learning something new with every watch :)
@dannnnnno4 ай бұрын
Your channel is gold keep it up! Don’t change your formula, it’s perfect in my opinion
@codetutor65934 ай бұрын
Oh man, I've been waiting for this!!!
@gomberfu4 ай бұрын
Fantastic content Matt. Been watching your channel since you started and I am learning so much. Please keep it up, it is always a good day when another video lands!!
@MrCustomabstract4 ай бұрын
One of the best channels on youtube right now. Keep it up big bro.
@0xbitbybit4 ай бұрын
Shoutout to your partner who is obviously okay with letting you make so many videos 🙏 I'm assuming you spend your evenings making them! You probably spend even more time than just making the videos, with editing etc. as well. Loving that setup for intercepting traffic for IoT devices 🙌
@almc84454 ай бұрын
You’re doing awesome work by uploading these videos, well presented and very information dense 😁
@aot20024 ай бұрын
Bro so you’re not going to dump what there sending. I’m over here wondering what they are doing with that data.
@BLiNKx864 ай бұрын
Great video! I love this kind of stuff.
@Sama_094 ай бұрын
Need firmware of hp printers to be rooted.
@dareelcatskull4 ай бұрын
Really enjoy your channel! I would love to learn more about Android since so many cheap devices use it now. Lot's of great hardware held back!
@6LordMortus94 ай бұрын
You are doing what I wanted to do 30 yrs ago! :) And you're explaining it in a way that people can understand. Thank you for sharing your knowledge and procedures.
@mattbrwn4 ай бұрын
never too late to learn my friend :)
@6LordMortus94 ай бұрын
@@mattbrwn Oh I know :) Took Net Eng in college 10+ yrs ago and am still learning :)
@theskelet4r4 ай бұрын
Another great video Matt, Question for you. The MITM tool you are using and have setup. Is there anything stopping you from using this setup to proxy TLS handshakes within other protocols or would it just work with web traffic? I am currently working on a project involving SQL and the TDS protocol which runs on 1433.
@andrewborntrager79094 ай бұрын
Awesome content very well presented. It's a little bit over my head, but your explanations enable me to follow along just fine. Thank you!