https://mac.sploit.dk/tags/firmware/ Recent content in Firmware on Martin's Blog Hugo en-us Wed, 15 Apr 2026 00:00:00 +0000 https://mac.sploit.dk/blog/synology-agent-audit/ Wed, 15 Apr 2026 00:00:00 +0000 https://mac.sploit.dk/blog/synology-agent-audit/ <p>This started with a simple question to a Claude model: <em>&ldquo;My NAS is at 192.168.0.103. What version is it running?&rdquo;</em></p> <p>I wanted to see how far I could push a conversational AI model to perform real security research on my personal Synology NAS. The setup was a GitHub Copilot CLI with Claude Opus 4.6 running in a terminal agent (Ubuntu) with access to standard tools, plus a handful of custom skills I had written previously: <code>decompile-idapro</code> (drives IDA Pro 9.3 headless decompilation), <code>binary-analysis</code> (triage and inspection of ELF/PE binaries), and <code>find-vulns</code> (structured vulnerability scanning with CWE tagging). The skills give the model capabilities it would not have out of the box, but the research direction was entirely unscripted &ndash; just natural language prompts, one leading into the next, following whatever thread looked interesting.</p>