I came across the tweet about this "Evil" dongle and instantly recognized it as ...

LeifCarrotson · 2025-01-17T23:42:39 1737157359

What happened to U3 at the top left in the image of the flash chip?

Looks like they had a footprint for a diode in a 3-pin SOT23 package and found they didn't have stock of the special part, so they installed a SOD323 diode at a 30 degree angle across two pins...

MartijnBraam · 2025-01-18T00:04:24 1737158664

I'm pretty sure that's exactly what happened

ta988 · 2025-01-18T18:50:51 1737226251

Or it was meant to be toggleable.

Cthulhu_ · 2025-01-18T09:42:40 1737193360

> Funnily enough this post now also gives you all the tooling to make an actual evil RJ45 dongle by reflashing one :D

Ironic! I'm convinced most security problems are caused by well-meaning people breaking down hard- and software and explaining how to "hack" things. I mean if that's unintentional than at best it was security by obscurity to begin with which should be exposed so people don't rely on it.

rickdeckard · 2025-01-18T10:42:15 1737196935

If you think some curious spare-time white-hat hackers are the main cause of most security problems, you grossly underestimate the size and skillset of the black-hat hacking industry, and the unlimited profit-potential available in that field...

jdietrich · 2025-01-18T11:06:35 1737198395

You can just buy a malicious USB cable, complete with a suite of payloads - from a US company, no less.

https://hak5.org/products/omg-cable

tacet · 2025-01-18T13:47:47 1737208067

I hope someday some youtuber drops omg cable at my office for content. Preferably several.

tjoff · 2025-01-18T11:26:57 1737199617

And here I thought the main cause of most security problems was stressed developers on rushed projects where noone cares about security.

lazide · 2025-01-18T10:28:37 1737196117

“I'm convinced most security problems are caused by well-meaning people breaking down hard- and software and explaining how to "hack" things.”

Huh?

gus_massa · 2025-01-18T13:34:20 1737207260

Is it possible to add an autorun.inf to the fake cd?

stavros · 2025-01-17T22:45:28 1737153928

Hm, why does shorting CS and S0 make it not work?

MartijnBraam · 2025-01-17T23:18:19 1737155899

Shorting almost any two of the communication lines of the flash chip will corrupt the communication enough that the ethernet controller thinks there's no flash installed at all.

nick__m · 2025-01-17T23:03:10 1737154990

I have no idea about S0 but CS is usually chip select. It should be sufficient to short it to prevent the chip from being selected. However CS is frequently inverted and you would have to pull it up to prevent the chip selection, so maybe S0 is always high and inhibit CS

cozzyd · 2025-01-17T23:13:10 1737155590

SO (MISO) should generally be high impedance if not selected...

I suspect this causes SO to always output the same value and the Ethernet controller must expect some magic

nick__m · 2025-01-17T23:21:18 1737156078

Thanks you for refreshing my memory, I learn about that in college twenty-something years ago but never used that knowledge!

stavros · 2025-01-17T23:10:58 1737155458

That makes sense, thank you.