Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

[2.2] Hacking Internet of Things devices - Ivan Novikov

Results of IoT security research by @d0znpp

  • Identifiez-vous pour voir les commentaires

[2.2] Hacking Internet of Things devices - Ivan Novikov

  1. 1. OWASP Russia Meetup #2, 28/02/15 research Hacking Internet of Things devices Ivan Novikov (@d0znpp)
  2. 2. Internet of Things. Story #1 • Take any device • Find serial port (buttons + display) • Connect “WiFi to serial” module • Profit • What about this connecter cost? • What about this device cost?
  3. 3. Internet of Things. Story #2 • Take your exists device (wifi router) • Make /dev/something with magic • Profit • What about this device cost?
  4. 4. AP at IoT device to configure • Encryption and credentials (defaults) • Make sure that configuration interface disabled after initial setup How to connect IoT to your WiFi
  5. 5. Magic way (have a special name): • Enter your WiFi SSID and password to app • Press ENTER • Profit • How it works? How to connect IoT to your WiFi
  6. 6. SSID+password encoding to $SP Find a network with this SSID = $SP Catch broadcast packet Decode $SP to SSID and password Profit Connection magic
  7. 7. Hardcoded IP address Using as NTP service Firewalls legitimates Count devices remotely Memory corruption vulnerability in response parsing function? Backdoor stories $ strings IoT-6235571.bin | egrep '[0-9]+.[0-9]+.[0-9]+.[0-9]+' 208.67.222.222 10.10.100.254 10.10.100.100 255.255.255.0 http://10.10.100.100/ 10.10.10.3 =DHCP,0.0.0.0,0.0.0.0,0.0.0.0 61.ZZZ.YYY.XXX netname: SHANGHAI-JIAOTONG-UNIVERSITY country: CN descr: Shanghai Jiaotong University mnt-by: MAINT-CN-CHINANET-ZJ-HZ role: CHINANET-ZJ Hangzhou address: No.352 Tiyuchang Road,Hangzhou,Zhejiang.310003 country: CN person: Zhihao Zhou nic-hdl: ZZ1073-AP
  8. 8. 5/5 devices hacked (3 vendors) 3/5 backdoors found (2 vendors) 0/5 physical damage through IoT device Our stats
  9. 9. Taxonomy Methodology Check lists New OWASP chapter? Most important
  10. 10. External from Internet (CSRF+) WiFi guest (server-side) Neighbor (WiFi w/o password) Vendor (backdoors) Retailer (firmware modifications after manufacturing) Attackers
  11. 11. https://www.owasp.org/index.php/IoT_Security _Checklist Criteria
  12. 12. The end Contacts: @wallarm, @d0znpp research

×