We'll show you how we did it!
Using some of the techniques from the broader week-long "Software Exploitation Via Hardware Exploitation" course, in one to two days we'll cover:
- Interfacing with low level hardware
- Interactively communicating with hardware (via various interfaces: UART, JTAG, SPI, I2C, etc.)
- Firmware extraction (in-circuit or "non-destructive" access to chips, destructive extraction of chips, JTAG, et al)
- Firmware analysis (disassembly, decompression, binary analysis, et al)
- Finding vulnerabilities with reverse engineering (IDA, Capstone Engine, et al)
- Exploitation of firmware vulnerabilities
Come hack embedded devices with us!
Next classes:
To Be Announced (Sign up for our newsletter!)
"Did what?"
Here's some background:
In 2016 the Senrio Research team (formerly Xipiter) published a vulnerability in a specific firmware component of a webcam. It turned out, however, that this component was used across MULTIPLE products by the manufacturer, from NAS devices to DVRs. (At the time, 120 products was the estimate!) You can read that initial publication in these places:
Read a technical "deep dive" on the vulnerability here on our blog:
"400,000 Publicly Available IoT Devices Vulnerable to Single Flaw"
Shodan Dlink report
This vulnerability was found to be exploitable in hundreds of thousands of publicly accessible devices on the internet. The "IoT Search Engine" Shodan collaborated with the Senrio team to show how many!
Check out the Shodan report
IoT = Simple bugs, big impact:
Since our publication, the Federal Trade Commission has actually sued D-Link for poor device security!
A perfect "case study" for the state of security in IoT:
Due to the nature of the vulnerability (code execution in a reused firmware component) and the ubiquity of the hardware, the impact of the vulnerability changes with how the device is used in the "real world".
- Does the video stream overlook cash-register terminals, safes, or keypad door entry?
- Could an attacker (with access to the camera/stream) collect valuable information? PINs, passwords, etc?
- Can the device itself be used for lateral movement inside a network to launch attacks on other parts of the network?
- Can vulnerabilities like this be used to create botnets and worms?
So...come hack embedded devices with us!
Preview Video for the SexViaHex "WebCam Workshop"
Curious about how we prepare the hardware for these classes? Watch this!
IoT Webcam Serial Prep from Senrio Labs on Vimeo.
Reserve your seat for the next one!
Our trainings fill up pretty quickly (they are popular and, unfortunately, there are limited seats), so if you're interested in participating, get your seat. If you miss it, sign up below to get details before we make them available publicly!