Valerio Di Giampietro

Personal Web Site

This is my personal Web Site, here you will find some IT related information based on my experience. I’m an Italian Electronic Engineer with more than 30 years of experience in the fields of IT management, Network and Unix System Administration, Telecommunications and Digital Electronics.

Make Me Hack YouTube Channel

Last week I started the Make Me Hack YouTube channel about Hardware Hacking and Reverse Engineering. I also started the Make Me Hack Website to complement the YoutTube channel with additional links and information.

Currently I have uploaded the following videos:

  • 01 – Identifying Components about how to open an IoT device and identify his main components (System On a Chip, RAM, EEPROM etc.)
  • 02 – How To Find The UART Interface about how to identify the position and pin-out of the IoT serial interface using simple tools, like a multi-meter, and how to connect this interface to a PC using a USB TTL Serial Adapter
  • 03 – How To Find The JTAG Interface about how to identify the position and pin-out of the JTAG interface, using simple tools, like a multi-meter or a Jtagulator board, and what to do when the JTAG interface has been identified but it is not working
Read the rest

Hackitivity 2019, Budapest – IT Security Festival

I did a workshop, at the Hacktivity 2019 – IT Security Festival on 25th and 26th October 2019 about “Introduction to IoT Reverse Engineering with an Example on a Home Router”.
Here you can find:

Presentation

GitHub repositories related to the Home Router Example

  • hacking-gemtek: the complete reverse engineering project for the home router example, a Gemtek home router (WVRTM-127ACN), distributed in Italy by Linkem, with the purpose to modify the firmware, gain root access, recover default WiFi password.
Read the rest

RomHack 2019 – Cyber Security Conference

I did a presentation, in Italian (see below for similar presentation in English), at the RomHack 2019 – Cyber Security Conference on 28th September 2019 about “Reverse Engineering of IoT devices: Hack a Home Router”.

Here you can find:

Presentation

GitHub repositories related to the Home Router Example

  • adbtools2: tools for hacking ADB Epicentro routers (the example home router), including firmware modification kit and VOIP password recovery;
  • Buildroot-armv7: a set of scripts, configuration files and Buildroot external tree to setup a Qemu emulation environment to run and reverse engineer the Netgear DVA 5592 executables.
Read the rest

Hack in Paris 2019 – Cyber Security Conference

I did a presentation at the Hack in Paris 2019 – Cyber Security Conference on 19th June 2019 about “Introduction to IoT Reverse Engineering with an example on a home router”.

Here you can find:

Presentation

GitHub repositories related to the Home Router Example

  • adbtools2: tools for hacking ADB Epicentro routers (the example home router), including firmware modification kit and VOIP password recovery;
  • Buildroot-armv7: a set of scripts, configuration files and Buildroot external tree to setup a Qemu emulation environment to run and reverse engineer the Netgear DVA 5592 executables.
Read the rest

LinuxLab 2018 Conference

I did a presentation at the LinuxLab Conference on 3rd December 2018 about “Introduction to IoT Reverse Engineering with an example on a home router”. You can find:

  • the presentation in pdf format, in the last pages of the presentation you will find the links to the tools mentioned in the presentation
  • abdtools2: tools for hacking ADB Epicentro routers (the example home router), including firmware modification kit and VOIP password recovery
  • buildroot-armv7: a set of scripts, configuration files and Buildroot external tree to setup a Qemu emulation environment to run and reverse engineer the Netgear DVA 5592 executables.
Read the rest

Cisco Network Emulation with GNS3 in a Docker container

GNS3 is a fantastic piece of software, it glues together different open source software and allows to emulate a network that includes Cisco routers (using real Cisco firmware), Cisco switches (using IOU, Cisco IOS on Unix), Cisco ASA and any other devices that can run on Qemu or Virtual Box emulator.

It also allows to connect the virtual network to the physical network, it is possible to access Internet in the emulated world and vice-versa. GNS3 is available on Windows, Mac OSX and on Linux, but it shines on Linux because, to use IOU, if you are not on Linux you need a Linux virtual machine running on VirtualBox.… Read the rest

Microsoft Exchange: complex and dangerous by design

I am not a fan of Microsoft products, I don’t like their complexity and the “dangerous by design” philosophy; recently I switched company and I am involved in implementing a data center for a public institution based primary on Microsoft Technology. One of this product is Microsoft Exchange; after many years of Unix System Management experience I didn’t believe how flawed Exchange was until I red by myself the official Microsoft Exchange documentation (Microsoft Exchange Server 2003 Resource Kit).… Read the rest

Posta che rifiutiamo considerandola Spam

English version here
Nel corso del mese di dicembre 2006 abbiamo provveduto ad installare un nuovo filtro per bloccare le email indesiderate (“spam”) e le email contenenti virus o files potenzialmente pericolosi per la sicurezza della nostra rete.
Le emails possono essere bloccate per le seguenti ragioni:

  1. il server che ci invia posta per conto del mittente è stato incluso in una lista nera (black list) di server usati dagli spammers. In questo caso l’errore ritornato al mittente &egrave: “554 Rejected as spam x.x.x.x
Read the rest

Emails that we reject as spam

Italian version here
In December 2006 we installed a new anti-spam/anti-virus email filter.
Emails can be blocked for the following reasons:

  1. the sender’s email server has been included in a blacklist of known spammers. In this case the error returned to the server is “554 Rejected as spam x.x.x.x found in dnsbl.sorbs.net” or “554 Rejected as spam see: http://spamcop.net/bl.shtml?x.x.x.x” where “x.x.x.x” is the sender’s server IP address.
    This means that this server has been included in one of the two blacklists that I am using.
Read the rest

Fighting Spam

The increase of Spam is a trend that started few years ago and it is continuously expanding, but to fight it there is plenty of good Open Source software. To use it effectively, anyway, it is needed a good knowledge of how spam floods our inboxes.

How spammers collect email addresses

The most used address gathering technique is using virus and spyware software that, without user awareness, gather email addresses from Outlook (or other email software) address-books and send this information to the spammers.… Read the rest