Webcam Workshop!

We'll show you how we did it!

Using some of the techniques from the broader week-long "Software Exploitation Via Hardware Exploitation" course, in one day we'll cover:

Interfacing with low level hardware
Interactively communicating with hardware (via various interfaces: UART, JTAG, SPI, I2C, etc.)
Firmware extraction (in-circuit or "non-destructive" access to chips, destructive extraction of chips, JTAG, et al)
Firmware analysis (disassembly, decompression, binary analysis, et al)
Finding vulnerabilities with reverse engineering (IDA, Capstone Engine, et al)
Exploitation of firmware vulnerabilities

Come hack embedded devices with us!

Next classes:

26Aug-27Aug 2017 San Francisco, CA (Register Now!)
10Nov-11Nov 2017 Manhattan, NY (Register Now!)
15Dec-16Dec 2017 Hamburg, Germany (Register Now!)

Get more info about our training venues here.

"Did what?" Here's some background

In 2016 the Senrio Research team (formerly Xipiter) published a vulnerability in a specific firmware component of a webcam. It turned out however that this component was used across MULTIPLE products by the manufacturer from NAS devices to DVRs (At the time, 120 products was the estimate!) You can read that initial publication in these places:

Read a technical "deep dive" on the vulnerability here on our blog:
"400,000 Publicly Available IoT Devices Vulnerable to Single Flaw"

Shodan Dlink report

This vulnerability was found to be exploitable in hundreds of thousands of publicly accessible devices on the internet. The "IoT Search Engine" Shodan collaborated with the Senrio team to show how many!

iot = Simple bugs, big impact:

Since our publication, the Federal Trade Commission has actually sued D-Link for poor device security!

A perfect "case study" for the state of security in IoT:

Due to the nature of the vulnerability (code execution in a reused firmware component) and the ubiquity of the hardware, the impact of the vulnerability changes with how the device is used in the "real world".

Does the video stream overlook cash-register terminals, safes, or keypad door entry?
Could an attacker (with access to the camera/stream) collect valuable information? PINs, passwords, etc?
Can the device itself be used for lateral movement inside a network to launch attacks on other parts of the network?
Can vulnerabilities like this be used to create botnets and worms?

For these reasons (and the nature of the hardware/firmware) this vulnerability provides a perfect case-study for insecure design patterns found in all kinds of embedded devices such as: SCADA/ICS, MedTech & H-IoT, Industrial IoT, Point-Of-Sale, you name it!

So...come hack embedded devices with us!

Preview Video for the SexViaHex "WebCam Workshop"

Curious about how we prepare the hardware for these classes? Watch this!

IoT Webcam Serial Prep from Senrio Labs on Vimeo.

Reserve your seat for the next one!

Our trainings fill up pretty quickly (they are popular and unfortunately, there are limited seats) so if you're interested in participating get your seat, or if you miss it, sign up below to get details before we make them available publicly!