Page 1
Page 2
A first glance
Page 3
Hacking the BIO-250U
Page 4
Hacking the iUSB
Page 5
Page 6
Conclusion (+ discussion / remarks)
Do you like my hacking? If so, please consider leaving something in the
Fediverse (Mastodon etc): @Sprite_tm@social.
When I plugged in the BIO-250U, a friendly screen asking my fingerprint greeted me. The screen was familiar: the software running the fingerprint verification was almost the same as the white fingerprint-secured USB-stick I hacked some time back. The software was a tad different (it had to be because it had to talk to completely different hardware) but the fingerprint-recognition algorithms seemed the same. So I got the documentation of the hack I did with the stick and loaded up the debugger...
I selected the library I performed the original hack in, and, surprise, surprise:
this one was exactly the same. One breakpoint and one register modification
later, I had access to the 'secret' data. That was easy. Now to see if the
password-based iUSB was just as crackable...