ebook img

Arun Magesh(@marunmagesh) PDF

150 Pages·2017·12.37 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Arun Magesh(@marunmagesh)

IoT HACKING - 101 Arun Magesh(@marunmagesh) Mounish Periasamy © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Goal of the course • Learn more about IoT security and internals • Understand tools and techniques to exploit IoT devices • Get skills to perform • Embedded reverse engineering • Firmware and binary analysis • Conventional attack vectors • Comprise of both demos + hands-on exercise © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Working in groups • We will be mostly working in groups for most of the lab exercises • Get to know your partner well • Highly encouraged to exchange ideas during class and come up with a solution for challenges © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] What are we going to cover • Understanding IoT devices from a pentester perspective • Firmware reverse engineering • Firmware based exploitation • Hacking a Smart switch • Few Demos (if we have time) © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Thought Exercise Imagine you have a refrigerator connected to the Internet. It tells you when you are low on food and sends you pictures nightly. • What kinds of data is being collected? • Where does your data travel? • How many different organizations could see your data? © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Thought Exercise – 2 • What are some security and privacy risks to you as a user? © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] What is IoT • Internet of Things or Smart Devices • Physical objects interacting with the outside world • Used for ease to the user, and for automation, monitoring, and data collection purposes • Thermostats, Smart plugs, TVs, ICS, Cars, Refrigerator, Kettles, Egg trays, Toys etc. © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] Offensive IoT Exploitation Current State of IoT security © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] IoT platforms • AWS IoT • ARM mbed • Ioteclipse.org • IBM Bluemix , etc. • Whatever be the platform, the vulnerabilities will be quite similar and the pentesting approach won’t change © Attify, Inc.| www.offensiveiotexploitation.com | [email protected] IoT Landscape © Attify, Inc.| www.offensiveiotexploitation.com | [email protected]

Description:
Attify, Inc.| www.offensiveiotexploitation.com | [email protected]. IoT model (IBM) - what can be attacked? RADIO. COMMUNICATI. ON. WEB AND Case Study : Hacking a rifle .. Source : https://www.rapid7.com/docs/Hacking-IoT-A-Case-Study-on-Baby-Monitor-Exposures-and-Vulnerabilities.pdf
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.