YoVDO

From Printed Circuit Boards to Exploits: Pwning IoT Devices Like a Boss - Damien Cauquil - Hack in Paris - 2018

Offered By: Hack in Paris via YouTube

Tags

Hack in Paris Courses Microcontrollers Courses Reverse Engineering Courses Exploit Development Courses Mobile Application Security Courses Bluetooth Low Energy Courses

Course Description

Overview

Explore hardware hacking techniques and methodologies in this comprehensive conference talk from Hack in Paris. Dive into the world of IoT device exploitation, focusing on a Bluetooth Low Energy smartlock as a case study. Learn about printed circuit board analysis, firmware extraction, reverse engineering of microcontrollers and System-on-Chip devices, and mobile application vulnerabilities. Gain insights into essential electronics knowledge, tools, and protocols used in hardware hacking. Follow the step-by-step process of analyzing an IoT device, from initial PCB inspection to developing a fully functional exploit. Discover tips and tricks based on real-world experiences, including both successes and failures. Cover topics such as digital security, data extraction and analysis, wireless communications, debugging techniques, and architecture identification. Understand the importance of starting from the bottom up and utilizing tools like the Epson D600 scanner for effective hardware hacking.

Syllabus

Intro
What this talk is not about
What this talk is about
Existing methodologies
Digital security
Data Extraction
Data Analysis
Wireless Communications
Analogies
Smart Dog
Marvel Soft
Tools
Smart lock
A single tip
Global analysis
PCB design
Connectors
Components
Schematics
Schematic example
Data sheets
Final result
Debug mode
Modulation
Firmware
Debugging
Extracting firmware
OTA
Xcode
Search for strings
Spare data
Outofband data disparity
Target architecture
What architecture is
OS and file system
Linux
Soft device
Get SDK version
Drop binaries
Disassemble
Getting the code
Disassembling the code
Automation
Software
Github
Mobile applications
Details about everything
How do we perform this
Hardware needed
How it works
Mobile application
Lowhanging fruit
Analysis
Security issues
Replay attack
Exploit
Solution
The exploit
The more interesting thing
Reverse engineering
Conclusion
Pro tips
Start from the bottom
Epson D600 scanner
Conclusions
Questions


Taught by

Hack in Paris

Related Courses

Comprendre les Microcontroleurs
École Polytechnique Fédérale de Lausanne via Coursera Electronic Interfaces: Bridging the Physical and Digital Worlds
University of California, Berkeley via edX Arduino y algunas aplicaciones
Universidad Nacional Autónoma de México via Coursera Embedded Systems Design
Indian Institute of Technology, Kharagpur via Swayam Enseignes et afficheurs à LED
École Polytechnique Fédérale de Lausanne via Coursera