Hi. 馃憢

My name is Naz Markuta and I work in cyber security. This website serves as a personal blog where I share my experiences and occasional guides in various topics (mostly in IT). I鈥檝e tried to keep this blog clean and purely content focused.

Creating offline Authy backups

Overview This post should help users who want to create offline backups of Authy TOTPs secrets, using a rooted Android device, or a patched .APK file. I wrote a python script which can be used to import and export token secrets into a standardized format, including (re)generating QR codes. I briefly cover app reversing, specifically the API endpoints for device registration. Once a device is registered, each request uses 3 OTP tokens as URL parameters that rotate every 7 seconds....

30 July, 2024 路 19 min 路 Naz Markuta

Hacking Amazon's eero 6 (part 2)

This is second part of the Hacking Amazon鈥檚 eero 6 device, which covers reading and extracting firmware data directly from a eMMC flash chip. This is after the chip had been desoldered (not by me) off the device. I also share the equipment I bought during this project, including what didn鈥檛 work and what did. You can skip to this section on modifying a BGA159 chip reader. The firmware on the eMMC at the time version v7....

27 June, 2024 路 12 min 路 Naz Markuta

How to install OpenWRT on QEMU

Overview A short blog on how to install and run the latest version of OpenWRT using QEMU, on a machine with Apple M1. This is similar to my previous blog post on How to build a Debian MIPS image on QEMU. This guide uses the OpenWRT ARMv8 edition, which runs nicely on a Apple M1 chip. It also covers how to install the LuCI web management interface. Download and Install Select and download the necessary files from the link below....

8 April, 2024 路 4 min 路 Naz Markuta

Exploiting a JDBC deserialization vulnerability in MFT Server by JSCAPE

Update: Fixed proof of concept link. Background This research project started back in July 2023, at around the same time when a critical vulnerability in a popular file-sharing software called MoveIt Transfer was disclosed. More details about that particular vulnerability can be found here and here. I was curious and looked for other similar file-sharing software with security issues. And so a few Google searches later, I found a candidate, a software for enterprises called MFT Server by JSCAPE....

22 March, 2024 路 10 min 路 Naz Markuta

Hacking Amazon's eero 6 (part 1)

This is the first in the series of hacking Amazon鈥檚 eero 6 (3rd generation) Wi-Fi device. In this post I will be focusing on device disassembly, identifying pins, brute forcing JTAG, and reading serial output. The second part of the blog can be found: https://markuta.com/eero-6-hacking-part-2/ About Eero is a San Francisco-based wireless Internet company founded in 2015. It is known for making household consumer Wi-Fi products. The company was acquired by Amazon in 2019 for $97 million....

15 June, 2023 路 25 min 路 Naz Markuta