YoVDO

Owning the Smart Home with Logitech Harmony Hub

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Python Courses Reverse Engineering Courses Command Injection Courses Firmware Analysis Courses Smart Home Security Courses

Course Description

Overview

Explore the process of reverse engineering Logitech's Harmony smart home hub in this 18-minute conference talk from BSidesSF 2019. Dive into vulnerability hunting techniques from a blackbox perspective, learn about the discovered vulnerabilities, and understand their post-exploitation implications. Follow along as the speaker outlines the smart home ecosystem, Python usage, network services analysis, firmware examination, and file system exploration. Gain insights into vulnerability overview, device interaction methods, command injection risks, and origin validation issues. Discover the potential commands an attacker could execute and witness a proof of concept demonstration. Whether you're a security professional or a smart home enthusiast, this talk offers valuable knowledge on the security landscape of popular smart home devices.

Syllabus

Introduction
Who am I
Logitech Harmony Hub
The Smart Home
Python
Network Services
Firmware
Vulnerability
File System
Vulnerability Overview
Device Interaction
Command Injection
Origin Validation
Commands
What can you do
Proof of concept


Taught by

Security BSides San Francisco

Related Courses

Useful Primitives and Cryptography in the Ads Ecosystem
TheIACR via YouTube Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses
IEEE via YouTube Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms
USENIX via YouTube Understanding and Improving Security and Privacy in Multi-User Smart Homes - A Design Exploration and In-Home User Study
USENIX via YouTube Delay Wreaks Havoc on Your Smart Home - Delay-based Automation Interference Attacks
IEEE via YouTube