Hacking Video Conferencing Systems

Hacking Video Conferencing Systems

Black Hat via YouTube Direct link

System Architecture

18 of 37

18 of 37

System Architecture

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Hacking Video Conferencing Systems

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Agenda
  3. 3 Background
  4. 4 Revenue Market Share
  5. 5 Polycom HDX Systems
  6. 6 Attack Surface
  7. 7 Firmware Analysis
  8. 8 PUP File Structure
  9. 9 PUP Header
  10. 10 Header HMAC
  11. 11 Public Key DSA Signature
  12. 12 HDX Boot Modes
  13. 13 Enabling Development Mode
  14. 14 Polycom Command Shell
  15. 15 Device Rooting - Method #2
  16. 16 Problems with previous Methods
  17. 17 Device Rooting - Method #3
  18. 18 System Architecture
  19. 19 Filesystem
  20. 20 Configuration Files
  21. 21 Main Processes
  22. 22 AppMain Java Process
  23. 23 Polycom AVC
  24. 24 Remote Debugging
  25. 25 Watchdog Daemon
  26. 26 Ready for Bug Hunting...
  27. 27 H.323 Protocol
  28. 28 H.323 Signaling Protocols
  29. 29 Call Initiation
  30. 30 Call Detail Records
  31. 31 Vulnerabilities
  32. 32 SQL Injection Exploit Challenges
  33. 33 Vulnerability #2
  34. 34 Exploiting the Format String Bug
  35. 35 Post Exploitation
  36. 36 Polycom XCOM IPC
  37. 37 Polycom Disclosure Process

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.