Hacking the Arlo Q Security Camera: Firmware Extraction

anyone have a good rainbow table for unsalted sha256 hashes? alternatively, what's your go to wordlist?

mattbrwn

Love your stuff man. Keep doing what you are doing! Coming from network pentesting, having jumped into programming, then pentest labs and then SIEM stuff and IR competitions in college and wanting to have a better bottom up knowledge of devices, I find your videos extremely revealing.

zezimadude

This is an awesome video series. Im loving seeing the guts of this camera.
As far as your soldering goes, if you ran some leaded solder over the pins of the IC first it would have come off easier. That factory solder is quite high temp and the leaded solder will mix with it and make it melt at a lower temp. Also they mace chip extraction solder that almost melts in your hand. Thats the best, however it is quite expensive.
EDIT: spelling
Another tip: I will heat the board before I wipe off the flux with cotton, and much of it comes off when hot. I try not to use the IPA because it spreads the flux around a lot. But with the amount of flux you used (and you used way too much, however you can NEVER have too much flux!) I would have hit it with IPA once or twice.

braddofner

Adding some low melt solder before you use the heat gun helps.

hammerdownfpv

These are great videos, Matt. I've found when using solder wick that it's best to cut off the used part of the wick. If you don't, you're heating up the wick in both directions from the soldering iron tip. With the used part cut off, more heat from the iron goes through to the pads instead of just heating the braid. Thanks again for what you do!

curtlundgren

The YouTube algorithm leads me to another great YouTuber

markf

It really helps if you apply some fresh solder to the pins before desoldering, so you don't have to heat the board that long. Even better if it was a juicy leaded solder.

alexfedorov

Thanks Matt for giving me the courage to start in hardware stuff. I know it will be hard but i will stick with it til die. Those vids on your channel are so so great

vergil

When I take chips off I like to add some low melt (or even just reguler leaded) solder to the pins, less chance of cooking the chip/killing pads and comes off easier :)

Julzilla

Was there a link to part 1 somewhere or am I blind? Maybe add what part it is in the titles because looking at your channel I still have no idea which one is part one lol

xbitbybit

my nand is 64gb and when i copy the firmware by rt809h it only stuck at logo in another device and the data i collect from that 64gb nand is just “9.something” gb so i think as u said i have to copy it by ts56 or any of xgecu by selecting “include spare area” right? so that all the data i can get correctly and that i can write in another nand and can run the device. am i right sir? or i should select “none” option? please reply.

rajuradios

I enjoy these videos a lot. Thanks for sharing!

Knolraab

Great stuff! Can't wait for the next part

sunmicrosystems

I'm wondering why you're using flux to remove the chip. From my understanding, flux just helps solder flow smoothly and cleans contacts. What will help with removing chips from the board would be adding lead solder and mixing with the unleaded solder on the board. The unleaded solder has a higher temperature at which it melts, where as the commonly used leaded solder melts at a lower temperature.

JamesColeman

One of the nice things about these flash chips is that they only use like half of the pins.... So if you accidentally lift a pad it'll probably still work

xenoxaos

Capcom tape! I love it! That's what it will now be called for the rest of my life.

tomamore

what temperature do you usually use to desolder?

u-ux

Why did all the flux go on the chip package, rather than a blob on either side where the pins are?

nickstallman

What flash reader are you using and where can i buy one?

michaelstallsworth

Louis would use a whole bottle of flux

neon_Nomad