OSINT (Open Source Intelligence) is the practice of collecting information from publicly available resources. In the context of IoT (Internet of Things) devices, this refers to gathering intelligence from a variety of sources to understand the ecosystem, identify potential vulnerabilities, or profile devices connected to networks. OSINT for a device is often overlooked. What to look for:
- Manufacturers release documentation detailing device functionalities.
- Key actions include Backup, USB Port usage, and Firmware Updates.
Search for user manuals or other documentation for your target.
- Public firmware may be available on manufacturers' websites.
- Allows for reverse engineering without dumping firmware directly from the device.
Example: Netgear offers free firmware downloads.
- Devices often come with default credentials that are easily exploitable. Check websites for them.
- A great database of default passwords can be found on GitHub.
- Community forums may reveal unreported vulnerabilities.
- Security research papers can highlight known exploits and weaknesses.
- Search CVE Details for your target or vendor.
- If your device can transmit data over radio frequencies and is sold in the USA, it requires an FCC ID.
- Often you can find it somewhere on the device label:
(Image: FCC ID found)
- On https://fccid.io/ you can search for the FCC ID to get documentation, external photos and, most interesting for us, internal photos.
(Image: Internal photos of target device)
- Here is an example where we can already spot a potential debug interface:
(Image: Potential UART found on FCC picture)
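The FCC ID lookup described above can be scripted for an inventory of devices. The following is an added example, not part of the original page: it pulls FCC IDs out of label text, splits each into grantee code and product code, and builds the lookup URL. The label text and both IDs are constructed, and the `https://fccid.io/<FCC ID>` URL layout is an assumption.

```python
import re

FCCID_IO = "https://fccid.io/"  # assumption: lookup pages live at <base><full FCC ID>

# Constructed sample of label text (typed or OCR'd from a device sticker).
SAMPLE_LABEL = """Model: RT-1000   Input: 12V 1.5A
FCC ID: 2ABCD-X100
Contains FCC ID: xyzrt1000
"""

# Candidate IDs are whatever follows the words "FCC ID" on the label.
_LABEL_RE = re.compile(r"FCC\s*ID\s*:?\s*([A-Z0-9][A-Z0-9-]{3,18})", re.IGNORECASE)

# Grantee code: 3 characters if it starts with a letter, 5 if it starts with a digit.
# Product code: 1-14 letters, digits or hyphens. A hyphen printed after the
# grantee code belongs to the product code, so it is kept.
_ID_RE = re.compile(r"([A-Z][A-Z0-9]{2}|[0-9][A-Z0-9]{4})([A-Z0-9-]{1,14})")


def split_fcc_id(fcc_id):
    """Return (grantee_code, product_code); raise ValueError if malformed."""
    raw = "".join(fcc_id.split()).upper()  # drop spaces, normalise case
    match = _ID_RE.fullmatch(raw)
    if match is None:
        raise ValueError(f"not a well-formed FCC ID: {fcc_id!r}")
    return match.group(1), match.group(2)


def find_fcc_ids(label_text):
    """Extract every well-formed FCC ID from label text with its lookup URL."""
    results = []
    for candidate in _LABEL_RE.findall(label_text):
        try:
            grantee, product = split_fcc_id(candidate)
        except ValueError:
            continue  # OCR noise or something that only looks like an ID
        results.append({
            "grantee": grantee,
            "product": product,
            "url": FCCID_IO + grantee + product,
        })
    return results


if __name__ == "__main__":
    for entry in find_fcc_ids(SAMPLE_LABEL):
        print(entry["grantee"], entry["product"], entry["url"])
```

The grantee code identifies the company that filed for certification, which is often the module or OEM vendor rather than the brand printed on the case.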