Gerhard Klostermeier

@[email protected]
49 Followers
81 Following
28 Posts
Pentester, Hacker, Researcher, IT💻/HW🛠️/RF📡 Security Enthusiast, Author of MIFARE Classic Tool
Webhttps://www.icaria.de
Githubhttps://github.com/ikarus23
Twitter/Xhttps://x.com/iiiikarus
LanguageEN/DE
Gerhard KlostermeierFeb 17

Hacking a home router. Boring?! What if I told you could hack thousands of them? Remotely! Over the Internet! Zero-click! And that's not all.

My colleague did some research and wrote it all up here: https://blog.syss.com/posts/meshhacks/

Highly recommended!
#hacking #iot #embedded #security

MeshHacks: Exploiting Linksys Intelligent Mesh from the Internet

In this blog post, we describe multiple vulnerabilities we found in Linksys Wi-Fi routers, especially exploiting the “Intelligent Mesh™” functionality, which can be used to wirelessly link routers to act as a Wi-Fi mesh.

SySS Tech Blog
Gerhard KlostermeierJan 25

Had been some time since I did some work on #MifareClassicTool. Finally released a new version. You can now increase values of Value Blocks which only have decrement/transfer/restore permissions.

https://github.com/ikarus23/MifareClassicTool/releases/tag/v4.3.0

Release Version 4.3.0 · ikarus23/MifareClassicTool

This release will not be available via Google Play Google Play requires to target SDK 35+ (this version uses 34). The next version (4.3.1) will address this issue and be released soon. Changelog: ...

GitHub
Show threadGerhard KlostermeierDec 26
@MacLemon Bei mir: "Bitte erschrecken Sie jetzt nicht, aber wir erreichen Kassel-Wilhelmshöhe 6 Minuten zu früh!" 🙂
Show threadGerhard KlostermeierDec 26
@ttdennis @willnix Was there at #Troopers25. Looking forward to the update. Really great work!
Gerhard KlostermeierDec 26
BalCConDec 26
Join us at #39c3 #BalCCon Assembly. CTF - https://events.ccc.de/congress/2025/hub/en/event/detail/ctf-smart-house
[39c3] CTF - Smart House

Move from floor to floor, solve challenges with friends, and crack the final safe at the top. Whether you're a beginner or an experienced hacker, everyone’s welcome to learn, collaborate, and have fun at BalCCon Assembly. 🕒 Time: 27 December,...

39c3
Gerhard KlostermeierOct 22
Matthias DeegOct 20

I'm back home from the beautiful city of Bergamo and the awesome @nohatcon.

Today, we have published the security advisories concerning the Verbatim security update I was talking about on Saturday in my presentation "Your Security Update is Not Secure Enough".

Show threadGerhard KlostermeierOct 12
The talk can now be found on YouTube https://www.youtube.com/watch?v=tmIoT2LtQ00
BalCCon2k25 - IKARUS - Prison Break - Kiosk Mode Environments

YouTube
Show threadGerhard KlostermeierSep 30

@emanuelduss Yeah, quite often it all comes down to links. But as you noticed, Android is a bit different from e.g. Windows when it comes to handling links referring to apps.

Thanks for sharing your story. I will add a extra hint to the Android section regarding links!

Show threadGerhard KlostermeierSep 27
@jomo 100% agree! Links are the best, especially the ones leading to things like Facebook, etc. Also great: some of these privacy or legal notes have "mailto" links. These often just open the default mail program. Easy to break out from there.
Show threadGerhard KlostermeierSep 27
If you have other ideas on how to break out of kiosk modes please share them over at github!