Owning the Smart Home with Logitech Harmony Hub

Explore the process of reverse engineering Logitech's Harmony smart home hub in this 18-minute conference talk from BSidesSF 2019. Dive into vulnerability hunting techniques from a blackbox perspective, learn about the discovered vulnerabilities, and understand their post-exploitation implications. Follow along as the speaker outlines the smart home ecosystem, Python usage, network services analysis, firmware examination, and file system exploration. Gain insights into vulnerability overview, device interaction methods, command injection risks, and origin validation issues. Discover the potential commands an attacker could execute and witness a proof of concept demonstration. Whether you're a security professional or a smart home enthusiast, this talk offers valuable knowledge on the security landscape of popular smart home devices.