Overview
Explore innovative hacking techniques using light and sound in this BruCON Security Conference talk. Discover how to leverage off-the-shelf hardware for C2 channels, exfiltration, and surveillance, bypassing traditional security protections. Learn about light-based and near-ultrasonic sound attacks, disabling motion detectors, laser microphones, and even catapulting drones. Gain insights into real-world case studies, advantages and disadvantages of these methods, and potential future developments. Understand how these techniques work and their practical applications in penetration testing. Explore mitigation strategies for defenders to counter these novel attack vectors. Dive into topics such as ambient light sensors, air gap breaches, infrared signal manipulation, and delayed auditory feedback. Conclude with a summary of pros and cons, mitigations, and future research directions in this cutting-edge area of cybersecurity.
Syllabus
Introduction
Outline
Disclaimers
Lifefire
Air Gaps
Previous research
Ambient light sensors
Could an attack a crate malware
Proof of concept
Exfiltration
Example
Dreddphone
Demo
Spectrogram
Mitigation
Laser microphones
Sniffing infrared signals
Playing back infrared signals
Infrared motion detectors
Phone to Doorbell
Active Infrared Motion Detector
Delayed Auditory Feedback
Delayed Sidetone
Gilmore Gilmore
Upshot
Astro Drones
Autonomous Vehicles
Drone repellant
Summary
Pros Cons
Mitigations
Future research
References
Taught by
BruCON Security Conference