Well one thing that became obvious today is that companies that make wifi routers really dont want you flashing other firmware on it.

For example i got a new router cause it was time.
Ofc fully compatible with OpenWRT. The thing tho ? The GUI flashing process accepts only encrypted binaries. And surprise we as customers cant encrypt it like they do.

So the next thing that comes to mind instantly is UART. They cant break that right ? Well turns out they can. They just disallow key inputs from console. So you cant make the damn device load into TFTP mode.

And D-Link has this lovely recovery utility that accepts unencrypted firmware. EZ way to flash it right ? WRONG. The garbage doesnt load second time after you load it once in 1 boot. And even if you get it to start loading the firmware. It wont really flash it.

Luckily there was an exploit :)
And joining via telnet and enabling http server on PC and wget-ting the binary from there. And flashing.

Honestly now. I pay money for this garbage. I own the hardware. Let me do what i want with it.

At least it runs kernel 5.10 now and is super fast :) Worth the trouble honestly

(Should be noted im not new to flashing firmware on routers. But this is the first one that really didnt want me to flash it. Like nuking my freaking UART access ? Taking it too fucking far)

Windows 11 kinda defeated me (although probably by my own fault of installing it on unsupported hardware).

I’ve been having horrible input lag whenever my system has been doing something CPU intensive - gaming, even copying files, to the point where I would have 2 second delay between key input and key being registered by the system.

I reverted back to Windows 10.

After brute forced access to her hardware I spotted huge memory leak spreading on my key logger I just installed. She couldn’t resist right after my data reached her database so I inserted it once more to duplicate her primary key, she instantly locked my transaction and screamed so loud that all neighborhood was broadcasted with a message that exception is being raised. Right after she grabbed back of my stick just to push my exploit harder to it’s limits and make sure all stack trace is being logged into her security kernel log.
Fortunately my spyware was obfuscated and my metadata was hidden so despite she wanted to copy my code into her newly established kernel and clone it into new deadly weapon all my data went into temporary file I could flush right after my stick was unloaded.
Right after deeply scanning her localhost I removed my stick from her desktop and left the building, she was left alone again, loudly complaining about her security hole being exploited.
My work was done and I was preparing to break into another corporate security system.
- penetration tester diaries