Jooki's Ghost in the Machine: Exploiting Vulnerabilities in a Dead Audio Player
2025-02-14
Following the bankruptcy of its manufacturer, many Jooki kid-friendly audio players became unusable. This post details the reverse engineering of the Jooki firmware, revealing multiple vulnerabilities, including a backdoor and remote code execution. The author analyzes the firmware, filesystem, Mender OTA update mechanism, and HTTP server interface, demonstrating how to gain control of the device. The post shows methods for exploiting these vulnerabilities to achieve remote code execution by modifying configuration files, using flags, and leveraging the OTA update mechanism. It also includes a call to the creator to open-source their work.
Hardware