Posts

In Latin America, some automotive dealerships source RKES systems from the Chinese market and subsequently homologate them for official use in their vehicles. This practice is risky, in another hand, these types of commercial RKES units are sold worldwide through the internet. In this post, I present the reverse engineering process I performed on this…

Resources: Video: https://www.youtube.com/watch?v=PJLWlmp8CDM https://dayzerosec.com/vulns/2024/01/08/exploiting-the-libwebp-vulnerability-part-1-playing-with-huffman-code.html Background: What Is libwebp and Why It Matters The vulnerability in question (tracked as CVE-2023-4863 / CVE-2023-5129) is a heap buffer overflow that happens when libwebp decodes a malicious WebP image. Huntress Core Concepts You Need to Understand First 1. What is Huffman Coding? Huffman coding is a common algorithm used…

Option A: Install URH like a boss Install prerequisites file:///media/sda1/index.html Depending the SDR device you are going to use, you need to install the packages which manage your SDR in linux. For example, for HackRF: For BladeRF: Install the dependencies required by URH: Create an python virtual environment: Into the virtual environment, execute the following:…