- PRODUCT OVERVIEW
- PIN LAYOUT
- USE CASES
Attify Badge is a hardware security assessment tool created by Attify used to communicate between a PC and an embedded device over various hardware communication protocols. We initially built the device to help us with our IoT device pentests, but soon realized the immense potential of it.
The Attify Badge uses an FTDI chip allowing it to speak a wide variety of communication protocols and standards such as UART, SPI, I2C, 1-Wire and JTAG. This allows you to interact with any IoT/Embedded device which has one or more hardware communication ports exposed. It supports both 3.3V and 5V which makes it suitable for a large number of target devices.
You don’t require special hookup wires or cables to use Attify Badge, rather the standard dupont jumper wires (also included with all Attify Badges). Attify Badge has a micro USB port allowing it to be easily connected with your PC with a micro USB cable which is also included when you order an Attify Badge.
Master In Slave Out
Master Out Slave In
Note: For I2C, the D1 and D2 lines need to be connected together for SDA.
Test Data In
Test Data Out
Test Mode Select
You could use the Attify Badge to:
Gain serial root access on the target device using UART communication
Get debugging logs, U-Boot access and bootup logs over serial
Dump firmware, API keys or other sensitive information stored on the Flash chip over SPI or I2C
Write your own custom firmware to the device by Flash write
Perform JTAG Debugging using OpenOCD and GDB
Here's what some other people have done using Attify Badge:
Using UART to get a root shell on an IP Camera by David Sopas - https://www.davidsopas.com/using-uart-to-connect-to-a-chinese-ip-cam/
Accessing IoT Device SecretsDumping Data from an SPI Flash Memory by SecurityInnovation - https://blog.securityinnovation.com/iot_device_secrets
Performing JTAG debugging and Exploitation with Attify Badge by IoTSecJP (in Chinese) - http://ruffnex.net/iotsecjp/pdf/jtag.pdf
Intro to Hardware Hacking - Dumping your First Firmware by NVisium - https://nvisium.com/blog/2019/08/07/extracting-firmware-from-iot-devices.html