Activity Stream
154,672 MEMBERS
1141 ONLINE
GPSurl On YouTube Subscribe to our Newsletter GPSurl On Twitter GPSurl On Facebook GPSurl On Google+

Page 52 of 61 FirstFirst ... 2425051525354 ... LastLast
Results 511 to 520 of 608
  1.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #511

    If you need some test mules to solder on or tinker with, I have several (4-5) Via 1500 - 1505 I got from a liquidator I would gladly donate to the cause.

    [Login or Register to remove this advertisement]

  2. The Following 3 Users Say Thank You to Jason$ For This Useful Post:
    [ Click To Expand ]

    basflt (15th October 2013),biggerdave (15th October 2013),simba (17th October 2013)

  3.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #512
    magho44's Avatar

    Thank you.....................

  4.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #513

    Nothing new? There seems to be a lot harder than we expected.

  5.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #514

    Does someone know how can I load the filesystem I can find in the update package (squashfs) and edit the files in it? I tries almost every way to mount it but it's always read-only.

  6.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #515

    Hi Tam1337,
    What I first did is mount it, then use tar to archive everything in one file again, and then extract this tar-file at a different location. These unpacked files then can be edited without any problem.
    Alternatively you can run unsquashfs to extract the files (instead of mounting).


    Quote:
    Only the registered members can see the QUOTE Contents. Please Login OR Register.

  7. The Following 1 Users Say Thank You to arie0510 For This Useful Post:
    [ Click To Expand ]

    Trial_Master (29th November 2013)

  8.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #516

    After using unsquashfs on the rootfs.img.new I obtained unpacking the system-update (content1), I realized that, as mentioned in an earlier post, that the webbrowser is serving from /var/run. So though we can upload files, they will always be somewhere in /var/run on the device.

    So if TT updates our system, they do not do it via port 80. Via port 22 is also unlikely, so appearently they use the only other open port for that: port 3129.

    I noticed that the file /etc/init/service_revinetd contains the lines

    export pnd_ip_address=0
    exec su revinetd -c "/bin/revinetd -s -c localhost:3128 -l $pnd_ip_address:3129 2>&1 | logger -t revinetd"

    So might this provide us with a way into our device?

  9. The Following 1 Users Say Thank You to arie0510 For This Useful Post:
    [ Click To Expand ]

    Trial_Master (29th November 2013)

  10.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #517

    Hmm, I should have read post 481 by C(CH2OH)4+4HNO3 with more attention...

    I'll first try to learn more about revinetd, but apparently in the picture C(CH2OH)4+4HNO3 refers to in that post our TT device is the "attacker", our PC/Laptop with MyDriveConnect (or MyTomtom) installed is the "compromised server", and both having revinetd on it, enable our TT device to reach the Tomtom fileservers ("target server").

    Since we own the "compromised server", we might be able to fool the TT-device and point it to a different server. Either by editing the config file
    C:\Users\USERNAME\AppData\Local\TomTom\HOME3\prefs which contains some links (if those are used at all by our TT device), or otherwise by redirecting traffic to tomtom.com via either changes in the DNS-server on our home routers or via a proxy.

    I also read that MD5-signed packages can be modified where still the signature does not change (google for "MD5 Collision Demo"). I don't know if something similar can be done for differently signed packages, but I still have hope we can get access to our device...

  11.   Advertisements

  12.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #518

    I now also installed wireshark and did some first analysis after I capturing packets while updating one file to my TT (gps-fix-20131121-064205.ttpkg).
    I am still learning, but it seems that not only connection is made with TT-sites (85.90.something), but also a https connection with 2.19.181.32 is made. For the TT-sites a DNS lookup was made, but for the 2.19.181.32 I could not find a lookup in the log. I was a little late with capturing packets, since I had to have the USB-connection setup before I could start logging in wireshark, and meanwhile the TT-device had already started communicating. But reverse IP Address Lookup of 2.19.181.32 told me only that the domain is from Akamai Technologies, a company that develops software for web content and application delivery.

    I now first start investigating the unsquashfs-ed rootfs.img.new.
    I notice that /usr/lib/opkg/info containts the .list and .control files from installing the packages.
    For instance the file safetycams-uploader.list contains the following files

    /usr/lib/jobhandlers/safetycamsupload
    /usr/lib/jobhandlers/helpers/safetycams-uploader
    /usr/lib/jobhandlers/impl/safetycams-upload.sh

    So files in /usr/lib/jobhandlers might learn us more on how tomtom updates files on our TT-device.

    Also dns-lookups for tomtom-sites (answered by the dns-servering in my router) looks promising (as mentioned in my earlier post). In particular after having listened to a talk by Moxie Marlinspike on DEFCON 17: More Tricks for Defeating SSL, a man in the middle attack on our TT-device might be possible...

  13. The Following 1 Users Say Thank You to arie0510 For This Useful Post:
    [ Click To Expand ]

    Trial_Master (29th November 2013)

  14.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #519

    thank you very much

  15.    Cracking <2010 devices that connect through MyDrive rather than TTHome   Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome
    #520
    TomTom Contributor

    Cracking <2010 devices that connect through MyDrive rather than TTHome

    Quote:
    Only the registered members can see the QUOTE Contents. Please Login OR Register.


    POST 11 (finally made it) : "Respect" : thumb Down:

Page 52 of 61 FirstFirst ... 2425051525354 ... LastLast

Similar Threads

  1. [HELP] Help with TT GO 6000 and connecting to MyDrive
    By thirkell in forum TomTom Discussions
    Replies: 1
    Last Post: 13th February 2016, 02:53 PM
  2. Replies: 1
    Last Post: 4th February 2015, 10:20 PM
  3. NAV3 devices that use v10-v14 navcore and MyTomTom/MyDrive connection
    By biggerdave in forum TomTom Models Listing
    Replies: 0
    Last Post: 8th May 2012, 03:32 PM
  4. Garmin CHINA City Navigator NT 2010.32
    By HULK in forum Garmin Maps
    Replies: 0
    Last Post: 5th March 2011, 01:32 AM
  5. City Navigator Singapore/Malaysia NT 2010.40
    By HULK in forum Garmin Maps
    Replies: 0
    Last Post: 5th March 2011, 01:22 AM

Tags for this Thread

Amount:

Enter a message for the receiver:
BE SOCIAL
Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome Cracking <2010 devices that connect through MyDrive rather than TTHome GPSurl On Facebook Cracking <2010 devices that connect through MyDrive rather than TTHome