Intro to Hardware Hacking
and Internet of Things
By Mohsin khan
Mohsin khan
RESEARCHER
HARDWARE HACKER
PENETRATION TESTER
ETHICAL HACKING AND CTF TRAINER
Researcher @RATTLEMINDS
Speaker @nullhyd
MUHSIN.GAP@GMAIL.COM
About me
▶ Started in my lab by fixing Windows and touching some hardware.
▶ Later got bored of the loop (first step towards open source).
▶ Inspired by Defcon (that’s my first eureka moment).
▶ Playing God access in the terminal (broke my Windows a few thousand times).
▶ Journey in hacking was pure curiosity to explore and try making changes in I/Os.
▶ Created a hardware platform for penetration tests in real scenarios.
▶ Interested in red teaming and custom attacks.
▶ Researcher and pentester at “RATTLE MIND”.
▶ Security researcher, hardware hacker and CTF trainer at Rattlemind.
Thanks for the Support
▶ Global Justice World (Int Org)
▶ Nefamz LLC (Washington Dc)
▶ GeekNight
Agenda
▶ What is Hardware Hacking?
▶ Getting Started with Hardware.
▶ Track to Hardware Hacking and IoT.
▶ Arduino, NodeMCU and How to Start with It?
▶ What is IoT? Hands-on IoT?
▶ Create a Project with Arduino.
▶ Fun with NodeMCU, e.g. Control an LED with a Phone.
▶ Questions
Topics Covered
▶ Getting Started with Hardware Hacking.
▶ What is Arduino and How to Get Started.
▶ LED Blink Project and Adding Sensors.
▶ Internet of Things.
▶ ESP8266 and NodeMCU.
▶ Home Automation.
▶ HID Attacks and Defence.
▶ Conclusion
The Hard Way
The Hard Way
is
The Hard Way
The Hardware
isn't
What is Hardware Hacking ?
For More : https://www.sparkfun.com/news/1314
Track to Hardware Hacking
Getting hands Dirty
Start from Fun Projects ?
Arduino, Teensy or Raspberry Pi
Links to get Started :
https://samy.pl/
https://hackaday.com
https://www.arduino.cc
https://www.hackster.io/arduino/projects
http://www.tech-tweaks.com/methods-hardware-hacking/
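Arduino, Teensy, Raspberry Pi

|                                    | Arduino Pro Micro | Teensy            | Raspberry Pi                              |
|------------------------------------|-------------------|-------------------|-------------------------------------------|
| Learning Curve                     | Beginner Friendly | Not For Beginners | More Advanced                             |
| HID                                | Yes               | Yes               | Yes                                       |
| Integrated Development Environment | Arduino IDE       | Teensyduino       | Scratch, IDLE, anything with Linux support |
| Documentation                      | Great             | Not Great         | Good                                      |
| Operating System                   | None              | None              | Linux Distribution                        |
| Community Support                  | Great             | Good              | Good                                      |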
Raspberry Pi
Teensy
Arduino for Being Friendly
Getting Started
Track to Hardware Hacking.
What is Arduino?
▶ Arduino is an open-source electronics platform.
▶ Easy-to-use Hardware and software
▶ To do so you use the Arduino programming language.
Why Arduino?
▶ The Arduino software is easy-to-use for beginners, yet flexible enough for advanced users
▶ Inexpensive: costs less than Rs. 3500.
▶ Cross-platform
▶ Simple, clear programming environment (The language can be expanded through C++ libraries).
▶ Open source and extensible software (circuit designers can make their own version of the module).
How do I use Arduino?
▶ https://www.arduino.cc/en/Guide/HomePage
▶ https://www.hackster.io/arduino/projects
Project Demo
Project Demo
Adding Bluetooth
Pir Sensor Alarm
Shrink your Project
Hands-On IoT (Internet of Things)
Internet of Things (IoT)
Track to Hardware Hacking.
Esp8266
Arduino Bluetooth
Control LED’s
Node Mcu
Computer Security
Stuxnet was a USB attack
What is a HID Attack or Bad USB?
Features:
▶ Contains malicious files.
▶ USB HID payload (acts like a keyboard).
▶ Detection (not so far).
▶ Faster than any human hand.
▶ Could take advantage of a driver that is vulnerable to a zero-day.
▶ Persistent.
Custom Hardware Attacks
Defence
Hardware Hacking Workshop
Facebook.com/rattlemindofficial | @rattleminds |muhsin.gap@gmail.com
Questions ?
More :
Facebook.com/rattlemindofficial | @rattleminds | muhsin.gap@gmail.com


Editor's notes

  1. We think how to break and secure
  2. I'm glad we are all here to be part of this great community null hyd, let's start
  3. Security thing always teases me think … “What If “ !!!
  4. Mr robot for giving challenges
  5. We have seen Mr. Robot and modern-day attacks with hardware; red teaming is also using it … so what is HID?
  6. We have seen Mr. Robot and modern-day attacks with hardware; red teaming is also using it … so what is HID?
  7. We will use the Pro Micro, which is a family member of Arduino.
  8. We will use the Pro Micro, which is a family member of Arduino.
  9. We will use the Pro Micro, which is a family member of Arduino.
  10. Hacking Usb circuit for more
  11. What are the tools needed
  12. Think of these… I started with Arduino, it works for everyone
  13. We Will see Arduino ! “ask audience , could this be our Hid “
  14. We Will see Arduino ! “ask audience , could this be our Hid “….community Support is based on projects people have published.
  15. Raspberry Pi for Steel Mountain hack
  16. Teensy USB Development Board. Technically more advanced than Arduino.
  17. We Will see Arduino !
  18. Project in Arduino something looks like this.
  19. It is a free platform
  20. Blinking LED
  21. Make Some Noise
  22. we will make this
  23. First try bigger, then make it smaller.
  24. Think of these… I started with Arduino, it works for everyone
  25. Project in Arduino something looks like this.
  26. Project in Arduino something looks like this.
  27. Project in Arduino something looks like this.
  28. Project in Arduino something looks like this.
  29. https://www.teachmemicro.com/intro-nodemcu-arduino/
  30. Stuxnet is a zero-day attack… If a worker stuck a USB thumb drive into an infected machine, Stuxnet could, well, worm its way onto it, then spread onto the next machine. Risk is real?
  31. Stuxnet is a zero-day attack… If a worker stuck a USB thumb drive into an infected machine, Stuxnet could, well, worm its way onto it, then spread onto the next machine. Risk is real?
  32. “Pentesters, this is for you.” May I know which tool is your favorite? It is actually a HID device.
  33. By adding modules doing more things
  34. usb firewall http://www.zdnet.com/article/how-to-use-linuxs-built-in-usb-attack-protection/
  35. usb firewall http://www.zdnet.com/article/how-to-use-linuxs-built-in-usb-attack-protection/
  36. Monthly we do workshop , join us at
  37. “Pentesters, this is for you.” May I know which tool is your favorite?