esp32-hacking/TODO.md
user 0bcb5ddf0c fix: Enable stack canaries, heap poisoning, WDT panic; remove dead code
- CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y (buffer overflow detection)
- CONFIG_HEAP_POISONING_LIGHT=y (use-after-free/corruption detection)
- CONFIG_ESP_TASK_WDT_PANIC=y (auto-reboot on hung task)
- Remove unused #include "esp_now.h" (CVE-2025-52471 mitigation)
- Replace hardcoded default IP 192.168.129.11 with 0.0.0.0 in Kconfig
2026-02-14 22:16:13 +01:00

ESP32 Hacking TODO

Firmware

Security (from pentest findings)

  • Enable CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y (stack canaries; NORM is -fstack-protector and only instruments functions with local char arrays, STRONG or ALL cover more functions at a code-size cost)
  • Enable CONFIG_HEAP_POISONING_LIGHT=y (head/tail canaries on every allocation, checked on free, so an overflow is caught late; COMPREHENSIVE also fills freed blocks and catches use-after-free, at a runtime cost)
  • Enable CONFIG_ESP_TASK_WDT_PANIC=y (WDT auto-recovery; the task WDT only watches the idle tasks and tasks subscribed with esp_task_wdt_add(), so subscribe the app's worker tasks or a hung one will not trip it)
  • Remove unused #include "esp_now.h" from app_main.c
  • Remove hardcoded default IP 192.168.129.11 from binary (confirm with strings on the built .bin, not only by grepping the source)
  • Flash encryption planning (irreversible eFuse burn; prototype in Development mode on a spare board, Release mode also disables plaintext reflash over UART)
  • Secure Boot V2 planning (irreversible eFuse burn; guard the signing key, losing it means no further OTA image can be signed for the device; enable together with flash encryption so the bootloader is both signed and encrypted)
  • DTLS for UDP command channel (stretch goal)
  • OTA certificate pinning / embedded CA cert (embed the CA with EMBED_TXTFILES and pass it as cert_pem to esp_https_ota, or use esp_crt_bundle; no skip_cert_common_name_check in release builds)
  • NVS encryption for auth_secret at rest (the nvs_keys partition is itself protected only by flash encryption, or by an HMAC eFuse key on later chips, so plan it with the flash encryption item)
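A post-build check for the first five items above, written as an added example (it is not part of the esp32-hacking project): it greps the generated sdkconfig for the three required options and scans the application image for dotted-quad IPv4 literals other than 0.0.0.0, which is the replacement default named in the commit. The build paths, the fixture files and the sample strings are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example, not part of the esp32-hacking project.
# Post-build check: required hardening options in sdkconfig, and no
# hardcoded IPv4 literal (other than 0.0.0.0) left in the flashed image.
# Assumed paths: build/sdkconfig and build/<app>.bin (adjust per project).

REQUIRED_OPTIONS="CONFIG_COMPILER_STACK_CHECK_MODE_NORM
CONFIG_HEAP_POISONING_LIGHT
CONFIG_ESP_TASK_WDT_PANIC"

# check_sdkconfig <sdkconfig>: returns 0 only if every required option is =y.
# A disabled option is rendered as "# CONFIG_X is not set", so "=y" is the
# only line shape that counts as enabled.
check_sdkconfig() {
    _cfg="$1"; _rc=0
    for _opt in $REQUIRED_OPTIONS; do
        if grep -q "^${_opt}=y\$" "$_cfg"; then
            echo "ok       $_opt"
        else
            echo "MISSING  $_opt"; _rc=1
        fi
    done
    return $_rc
}

# image_ipv4_literals <image>: print the distinct dotted-quad strings found
# in the image, excluding 0.0.0.0. Non-printable bytes are turned into
# newlines so no binutils 'strings' is needed. This is a heuristic: a
# four-component version string would also match, so review the output.
image_ipv4_literals() {
    tr -c '[:print:]' '\n' < "$1" \
        | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}' \
        | grep -vx '0\.0\.0\.0' \
        | sort -u
}

# check_image <image>: returns 0 if no literal other than 0.0.0.0 is present.
check_image() {
    _found=$(image_ipv4_literals "$1")
    if [ -n "$_found" ]; then
        echo "hardcoded IPv4 literal(s) in $1:"; echo "$_found"
        return 1
    fi
    echo "no hardcoded IPv4 literals in $1"
}

# make_fixtures <dir>: constructed sample files for a stand-alone run.
# These are NOT real build output; the fake images are a few header bytes
# followed by strings laid out as they would sit in .rodata.
make_fixtures() {
    printf '%s\n' 'CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y' \
        'CONFIG_HEAP_POISONING_LIGHT=y' \
        'CONFIG_ESP_TASK_WDT_PANIC=y' > "$1/hardened.cfg"
    printf '%s\n' '# CONFIG_COMPILER_STACK_CHECK_MODE_NORM is not set' \
        'CONFIG_COMPILER_STACK_CHECK_MODE_NONE=y' \
        'CONFIG_HEAP_POISONING_DISABLED=y' \
        'CONFIG_ESP_TASK_WDT_PANIC=y' > "$1/default.cfg"
    printf 'ESP\001\002\003udp_target=192.168.129.11\000idf v5.1\000' > "$1/before.bin"
    printf 'ESP\001\002\003udp_target=0.0.0.0\000idf v5.1\000' > "$1/after.bin"
}

# demo: run both checks against the constructed fixtures.
demo() {
    _d=$(mktemp -d)
    make_fixtures "$_d"
    check_sdkconfig "$_d/hardened.cfg" && echo "hardened.cfg passes"
    check_sdkconfig "$_d/default.cfg" || echo "default.cfg fails, as expected"
    check_image "$_d/after.bin" && echo "after.bin passes"
    check_image "$_d/before.bin" || echo "before.bin fails, as expected"
    rm -rf "$_d"
}

# Usage: sh check_hardening.sh build/sdkconfig build/app.bin
# With no arguments the constructed demo fixtures are used instead.
if [ "$#" -eq 2 ]; then
    check_sdkconfig "$1" && check_image "$2"
else
    demo
fi
```

Run it from an `idf.py build` tree as `sh check_hardening.sh build/sdkconfig build/<app>.bin`; a non-zero exit from either check is the signal to wire into CI. The sdkconfig grep deliberately matches only `=y`, because a choice option that is switched to another value (for example CONFIG_COMPILER_STACK_CHECK_MODE_NONE=y) leaves the wanted symbol as a "is not set" comment rather than deleting it.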

Features

  • Multi-target (send UDP data to 2+ destinations simultaneously)
  • Deep sleep mode with wake-on-CSI-motion
  • Battery-optimized duty cycling
  • AP+STA config portal (captive portal for initial setup)

Testing

  • Tune presence threshold per room with real-world testing
  • Power consumption measurements (per-mode: idle, CSI, BLE, probe)
  • Benchmark: CSI callback latency
  • Benchmark: UDP throughput at different rates

Documentation

  • Document esp-crab dual-antenna capabilities
  • Document esp-radar console features
  • Pin mapping for ESP32-DevKitC V1
  • Compare CSI quality: passive (router) vs active (ESP-NOW)
  • Multi-sensor deployment guide (placement, zones, triangulation)

Tools (esp-ctl)

  • Migrate OSINT database to Flask API (esp-ctl becomes thin client)
  • esp-ctl api subcommand (query Flask API)

Ideas

  • ESP-NOW mesh for direct ESP32-to-ESP32 CSI
  • External PIR sensor for CSI ground truth validation
  • RSSI triangulation with 3+ sensors (approximate device location)
  • Home Assistant MQTT discovery integration
  • Grafana dashboards for long-term analytics
  • ML-based device classification (phone vs laptop vs IoT)
  • Webhook callbacks for alerts (Slack, Discord, ntfy)