Table Of Content

IoT HACKING - 101 Arun Magesh(@marunmagesh) Mounish Periasamy © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Goal of the course • Learn more about IoT security and internals • Understand tools and techniques to exploit IoT devices • Get skills to perform • Embedded reverse engineering • Firmware and binary analysis • Conventional attack vectors • Comprise of both demos + hands-on exercise © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Working in groups • We will be mostly working in groups for most of the lab exercises • Get to know your partner well • Highly encouraged to exchange ideas during class and come up with a solution for challenges © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] What are we going to cover • Understanding IoT devices from a pentester perspective • Firmware reverse engineering • Firmware based exploitation • Hacking a Smart switch • Few Demos (if we have time) © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Thought Exercise Imagine you have a refrigerator connected to the Internet. It tells you when you are low on food and sends you pictures nightly. • What kinds of data is being collected? • Where does your data travel? • How many different organizations could see your data? © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Thought Exercise – 2 • What are some security and privacy risks to you as a user? © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] What is IoT • Internet of Things or Smart Devices • Physical objects interacting with the outside world • Used for ease to the user, and for automation, monitoring, and data collection purposes • Thermostats, Smart plugs, TVs, ICS, Cars, Refrigerator, Kettles, Egg trays, Toys etc. © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Offensive IoT Exploitation Current State of IoT security © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] IoT platforms • AWS IoT • ARM mbed • Ioteclipse.org • IBM Bluemix , etc. • Whatever be the platform, the vulnerabilities will be quite similar and the pentesting approach won’t change © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] IoT Landscape © Attify, Inc.| www.offensiveiotexploitation.com | [email protected]

Description:
Attify, Inc.| www.offensiveiotexploitation.com | [email protected]. IoT model (IBM) - what can be attacked? RADIO. COMMUNICATI. ON. WEB AND Case Study : Hacking a rifle .. Source : https://www.rapid7.com/docs/Hacking-IoT-A-Case-Study-on-Baby-Monitor-Exposures-and-Vulnerabilities.pdf
ebook img

Arun Magesh(@marunmagesh) PDF

150 Pages·2017·12.37 MB·English
by  
Save to my drive
Quick download
Download
Upgrade Premium
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Arun Magesh(@marunmagesh)

IoT HACKING - 101 Arun Magesh(@marunmagesh) Mounish Periasamy © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Goal of the course • Learn more about IoT security and internals • Understand tools and techniques to exploit IoT devices • Get skills to perform • Embedded reverse engineering • Firmware and binary analysis • Conventional attack vectors • Comprise of both demos + hands-on exercise © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Working in groups • We will be mostly working in groups for most of the lab exercises • Get to know your partner well • Highly encouraged to exchange ideas during class and come up with a solution for challenges © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] What are we going to cover • Understanding IoT devices from a pentester perspective • Firmware reverse engineering • Firmware based exploitation • Hacking a Smart switch • Few Demos (if we have time) © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Thought Exercise Imagine you have a refrigerator connected to the Internet. It tells you when you are low on food and sends you pictures nightly. • What kinds of data is being collected? • Where does your data travel? • How many different organizations could see your data? © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Thought Exercise – 2 • What are some security and privacy risks to you as a user? © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] What is IoT • Internet of Things or Smart Devices • Physical objects interacting with the outside world • Used for ease to the user, and for automation, monitoring, and data collection purposes • Thermostats, Smart plugs, TVs, ICS, Cars, Refrigerator, Kettles, Egg trays, Toys etc. © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Offensive IoT Exploitation Current State of IoT security © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] IoT platforms • AWS IoT • ARM mbed • Ioteclipse.org • IBM Bluemix , etc. • Whatever be the platform, the vulnerabilities will be quite similar and the pentesting approach won’t change © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] IoT Landscape © Attify, Inc.| www.offensiveiotexploitation.com | [email protected]

Description:
Attify, Inc.| www.offensiveiotexploitation.com | [email protected]. IoT model (IBM) - what can be attacked? RADIO. COMMUNICATI. ON. WEB AND Case Study : Hacking a rifle .. Source : https://www.rapid7.com/docs/Hacking-IoT-A-Case-Study-on-Baby-Monitor-Exposures-and-Vulnerabilities.pdf
See more

The list of books you might like

Upgrade Premium
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.
DMCA & Copyright: Dear all, most of the website is community built, users are uploading hundred of books everyday, which makes really hard for us to identify copyrighted material, please contact us if you want any material removed.
Copyright @ PDFdrive.to, 2022 | We love our users