picocom_skill

This skill enables secure IoT UART interactions using picocom to enumerate devices, access shells, and discover vulnerabilities for pentesting.
  • Python

520

GitHub Stars

4

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill brownfinesecurity/iothackbot --skill picocom

  • examples.md11.1 KB
  • OBSERVING_SESSIONS.md8.9 KB
  • serial_helper.py31.3 KB
  • SKILL.md26.4 KB

Overview

This skill provides a reliable interface to interact with IoT device UART consoles using picocom and a Python serial helper. It is designed for pentesting workflows: device enumeration, bootloader interaction, AT command enumeration, vulnerability discovery, and obtaining interactive shells. The helper script cleans output, detects prompts, handles timeouts, and logs all serial I/O for safe, observable sessions.

How this skill works

The skill wraps picocom with a Python helper that opens the serial device, normalizes and cleans device output (removing echoes, prompts, and ANSI codes), and detects prompts or AT-style responses. It supports single commands, batch scripts, interactive mode, passive monitor mode with triggers, and JSON output for automated parsing. All I/O is logged by default to /tmp/serial_session.log so you can tail the file in another terminal to observe activity in real time.

When to use it

  • When you need to enumerate an embedded device (processes, network config, filesystem, firmware versions).
  • When interacting with bootloaders (U-Boot) or interrupting boot sequences for exploitation.
  • When probing cellular/satellite modems or AT interfaces for sensitive info or misconfigurations.
  • When passively capturing boot logs, triggered debug output, or authentication leakages via UART.
  • When scripting repeatable serial checks or integrating UART data into automated pentest workflows.

Best practices

  • Always include --logfile /tmp/serial_session.log so sessions can be observed with tail -f.
  • Prefer the serial_helper.py wrapper over raw picocom for reliable prompt detection and cleaner output.
  • Use --prompt to supply a device-specific regex when known to improve command/response pairing.
  • For modems and AT devices, use --at-mode to correctly interpret OK/ERROR style responses.
  • Run picocom interactions from a background shell or a separate terminal to avoid TTY conflicts.

Example use cases

  • Run a one-off command: python3 serial_helper.py --device /dev/ttyUSB0 --command "ifconfig" --logfile /tmp/serial_session.log
  • Enumerate modem details with AT batch script to collect IMEI, firmware, and network status.
  • Monitor boot sequence: use --monitor with a trigger-script to reboot the device and capture boot logs for secret leaks.
  • Interactive shell access to an embedded device to inspect /etc, services, and running processes.
  • Passive monitoring during authentication brute-force to see if credentials or tokens are printed to UART.

FAQ

Yes. The helper uses picocom under the hood (and pyserial). Ensure picocom and python-pyserial or pip-installed pyserial are present.

Why always log to /tmp/serial_session.log?

Logging to /tmp/serial_session.log lets you monitor I/O in real time with tail -f without interfering with the serial connection.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational