Sentraq S60x – Massdrop

Picked up this awesome little keyboard recently via Massdrop. Typically it took a while to get here, but it’s everything I wanted 😀


I wanted clicky keys so I picked Cherry Blues. Yep. It’s clicky! Very clicky! Such a pleasurable experience typing on it. Anyway it’s billed as ‘entry level’ but Massdrop unfortunately don’t provide anything in the way of instructions or anything to assist in building or flashing firmware.

So I luckily found some images on geekhack which helped with the mounting of the stabilisers, the key is to do these FIRST before you start soldering or you’re in trouble… Also, make sure you click the wire bit into the plastic bit (if you build the kit, you’ll see what I mean) or you’ll be in a world of pain.

Next… Flashing. If you’re like me and use Linux at home, you’ll need to do this – especially if you use ‘vi’ – as the default firmware doesn’t have an ‘esc’ key mapped! That makes exiting vi, err, tricky.

To flash a new layout on Linux:
Install dfu-programmer via your favourite package manager.
Connect keyboard. Hold button for 5 seconds.
‘lsusb’ should show the keyboard in DFU bootloader mode: Bus 003 Device 020: ID 03eb:2ff4 Atmel Corp. atmega32u4 DFU bootloader
sudo dfu-programmer atmega32u4 erase
sudo dfu-programmer atmega32u4 flash <your .hex file>
sudo dfu-programmer atmega32u4 reset (or, unplug and replug – worked ok for me)


Yes, I said 2017. DEFCON 2016 hasn’t even happened as yet, but the Mrs has given approval for me to attend DEFCON 2017!

So, now to commence saving and researching flights, transfers and accommodation.

I’d like to fly over a few days before and spend some time in San Francisco, then drive down to Las Vegas over the course of a day and a bit for DEFCON. After the conference I’m likely to be pretty tired – so will probably fly from Las Vegas to Los Angeles, then home again.

Lots of flying… But I’m sure it’ll be awesome!

Bellini Supercook Yumi Wi-Fi. The (in)security Perspective.

Oh, IoT. Internet of Things. How promising you are. Like most geeks I’ve dreamed of having everything electronic I own connected to the Internet. Ever since seeing the NetBSD Toaster online in 2005, my own mind and that of other developers, has clearly wandered into areas we never thought possible previously.

But, as anyone with any interest in Security will already be acutely aware of, the actual security of the software running on many of these things is, to put it lightly, COMPLETELY AND ABSOLUTELY TERRIBLE!

We were provided a beta device for assessment of the operation, and one of the things we said to the manufacturer at the time was that we would perform a security assessment of the device and provide our findings to them.

We did that. They went silent. I have no idea if any of this is resolved, or will ever be. We have reached out to the vendor to find out if they have resolved these issues. At the time of writing, we are running the same firmware version as the latest available on

Read on for my full assessment of the Supercook Wi-Fi Yumi security.

Continue reading Bellini Supercook Yumi Wi-Fi. The (in)security Perspective.

What the hell just happened! Did you just get PWND?

So, if you’ve been following this blog for a while (there aren’t many, but I do know of a couple) you may have just seen a whole bunch of infosec/ctf/hacking-related content added to the site.

No, my blog hasn’t been hacked.

No, I’m not a skript kiddie.

No, I don’t illegally access sites or servers I don’t have permission to access.

Yes, I do consider myself a hacker – but in the true sense of the word. Someone who uses hardware and software for purposes they were not originally designed for. Not the meaning of the word used by the media – someone who accesses systems illegally.

Yes, I do operate a small Information Security group – aimed at fostering knowledge and understanding of information security issues.

Yes, I am involved with assessing security of software as part of my full-time software development role.

Yes, I often undertake CTF challenges on the weekends.

Yes, I am aiming to move into a role with more involvement in Information Security in the future.

No, I will not hack your ex-girlfriends Facebook, and nor do I know anyone who can.

I was starting to operate a small blog hosted on to host all my CTF and security related content, but it was then becoming a little annoying to have this blog sitting here, only hosting brewing content. I can’t see a reason why it can’t do both, so I imported all the images and content over here.

So, from here on there won’t be ONLY homebrewing posts, I’ll be posting on information security related topics too. There are a stack of homebrewers who are in the IT industry too, so I think that content will also be kind of interesting for some of you anyway. Likewise, InfoSec people are often basically functioning alcoholics too – so they’ll probably get something from the homebrewing content too 🙂


Urrrrrgh…. OSMC/Kodi. Default passwords. Unprotected credentials. Default directories.

We run Kodi/OSMC on Raspberry Pi’s in our house, as media players. They work brilliantly. Give them a stable power supply, and they run forever.

But, last night and tonight I needed to get access to it via the shell to repair a plugin which fails to work properly.

OSMC has a default username and password.
It has a default directory.
Plugin and account passwords are in clear-text.
Screen Shot 2016-05-19 at 9.28.01 pm

So… it would take perhaps a half an hour for someone to write some Python code which checks for the defaults and raids the system for the usernames and passwords…

Red Team Engagements

I just LOVE this video! It’s coverage of RedTeam Security doing a Red Team engagement on a small US Power Company.

This has completely confirmed my desire to move into a hands-on white-hat penetration testing career (having spent the past 15 years as a developer and sysadmin), and it was a major driver for me to start doing CTF challenges before I get into doing the Offensive Security Certified Professional certificate, via the Pentesting with Kali course.

NullByte CTF – Walk Through

This is a writeup of the NullByte CTF challenge which can be found on VulnHub.

I really wasn’t sure what to do next after the last challenge, but this one looked as good as any!

I ultimately headed down the slightly wrong path at the end here, but I learned a lesson from that in itself. Also I learned about manual, blind SQL Injection rather than using SQLMap to do all the dirty work, so that was nice.

Continue reading NullByte CTF – Walk Through

Minotaur CTF – Walk Through

This is a writeup of the Minotaur CTF boot2root CTF VM which can be found on VulnHub.

This is my first CTF writeup, having previously done a couple of CTF challenges with varying levels of success. In each of the previous challenges I’ve done, I have had to look at other walkthroughs to get an idea of the next steps required. Pleasantly however in a couple of cases, the next step was what I’d assumed it would be – but thought to myself “Naa. That doesn’t seem right.”, only to find that in the walkthrough, that’s what they did.

For this CTF Walk Through, I’m going to give it my best go, without looking at other walk throughs. That is until I crack the shits and go looking for hints 🙂

Continue reading Minotaur CTF – Walk Through