Summercon 2013: Hacking the Withings WS-30

This past weekend I presented Weighing in on Issues with “Cloud Scale” at Summercon 2013 (the title is totally a joke, btw). In the presentation, I talked about my experience reverse engineering and hacking the Withings WS-30 WiFi-enabled bathroom scale, a fun little embedded device running Thumb-2 code.

As mentioned during the talk, I’ve uploaded my slides, tools, and notes for download.  All of the tools I showed in the talk are fairly polished and ready for use in other projects.  There are also a good number of random crappy scripts that I used in one-off scenarios during the project but still may prove useful in some way.

I’ve included a copy of the WS-30 firmware (version 211) in the repo, as well as a copy with no header.  I’m also publishing my .idb so it may help others if they want to look at the code.  I’ve been annotating it for a number of months now so it should be fairly thorough.

If you have any feedback about the presentation or the project itself, let me know!

Slides: weighing-in-on-issues-with-cloud-scale.pdf

Tools/notes and everything else:

DEF CON 20 Presentation

By the way, I will be presenting “Owning the Network: Adventures in Router Rootkits” this Sunday, 12 noon at DEF CON 20.  If you enjoy ownage, networks, adventures, routers, and rootkits, this talk is for you. I’ll be releasing my firmware generation/manipulation framework at the talk, which will be made available on the site shortly afterwards.  Slides and (hopefully) video will be available as well.

Post-conference update:

Download slides: owning-the-network-adventures-in-router-rootkits.pdf
Download rpef: