Because all is not always about PCB, soldering and blinking leds, here is a post with more information about our technological choices concerning the way Harsploit will communicate with higher level layers. You will notice that some choices we’ve made are not necessarily dicted by a given technology but in contrary because it’s seemed fun , useful and interesting to achieve our functional goals : create an easy to use Hardware Hacking Framework !
Here is a graphic summary for those who are in a hurry :
The concept behind Hardsploit when the idea came up was “Make the hardware pentesting more accessible and more flexible”. What we mean by that ? Well, in few clicks you must be able to get the content or hack the electronic components you’re working on. So yes, if it wasn’t already clear in your mind there is a graphical interface, but don’t worry if you are more a command line person we haven’t forgotten you.
Why Ruby in particular ? First thing is, we were interrested to know more about it and then because we realize that it is very “smooth” to use (the gem system is very convenient, the simple syntax even more). No technical reasons here, we are not limited by it, technically speaking, and we hope that will continue this way (apparently no reason the inverse happen).
Is it still necessary to introduce it ? Logic choice for local/client storage, work great with Ruby and perfect system interoperability.
No doubt one of the most useful thing we use with Ruby. Define the database model, forget raw SQL. An invaluable time saving. As a security company that perform application pentesting we are still curious to know how it handle SQLi attempts…
We aren’t using it with Rails, just the activerecord core.
Finally the graphic part: We are using the well knowed Qt library (which is compatible with the most common platforms, a strong asset) to create the Hardsploit interface. Using Qt and the Qt designer with Ruby requires some tweak that are explain below:
Step 2 -> Use rbuic to convert the ui file to Ruby:
file.ui -o file.rb
Simple as that !