Pwning the Bcm61650

93 points by kogir 3 years ago | 7 comments
  • anon9001 3 years ago
    > With uart output.

    Not super familiar with hardware hacking. Does this essentially mean you plug in the write wires, run minicom, and get a terminal with a shell?

    • Jenda_ 3 years ago
      You may get a tty with no getty/shell running, you may get a getty login prompt (which was probably this case, as the author proceeds to login as root with an empty password), you may get a custom CLI that only allows you to set some device parameters but no arbitrary command execution.
      • contingencies 3 years ago
        You get a potentially bidirectional serial interface. Whether there is a shell running or any input accepted is another question. Very often they are output only, merely for debugging.
      • stragies 3 years ago
        Great article, thanks for posting.

        At the end, I had hoped, there would be some hardware specs included, like exact quantity/types of RAM/Cores/UARTs. And also, some more details about his next plans with the device. Maybe that'll be in the followup article ;)

        • bigiain 3 years ago
          I would be somewhat circumspect about publicly blogging about what I planned to do with a rooted femtocell. There's a bunch of laws that're pretty easy to break there, and a bunch of in house legal departments itching to fire off lawsuits at anyone encroaching on their expensive licensed frequency bands.
        • aix1 3 years ago
          Amazing information density, kudos to the author.
          • ThePowerOfFuet 3 years ago
            Looks like the femtocell module issued by Free Mobile (Groupe Iliad) in France.