Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Hacking an Internet Enabled Lagomorph

44CON Information Security Conference via YouTube

Overview

Explore the intricacies of hacking an internet-enabled rabbit-like device in this 40-minute conference talk from the 44CON Information Security Conference. Delve into ARM exploitation techniques, including reverse engineering, cross-compiling, protocol analysis, and exploit development. Follow the speaker's journey through authentication bypass, jump table corruptions, and heap overflows, leading to unauthenticated ear wiggling exploits and remote code execution vulnerabilities. Learn about the processes and procedures used to identify and exploit vulnerabilities in the Karotz "smart companion," covering topics such as firmware analysis, off-target vulnerability research, debugging tools, Google Protocol Buffers, and authentication mechanisms. Gain insights into the ethical implications and practical applications of IoT device security research.

Syllabus

Introduction
Disclaimer
Introducing Carrot
Downloading Firmware
OffTarget Vulnerability Research
Heap Memory
Dan Crowley
Python Module Hijacking
Debugging Tools
Removing ThirdParty Servers
Google Protocol Buffers
Reverse Protocol Buffers
Moving the Third Party Server
Debugging
Authentication
Demo
Why was that important
What was the functionality
Player remote file overwrite
Limitations
Results
What can you do
Conclusion

Taught by

44CON Information Security Conference

Reviews

Start your review of Hacking an Internet Enabled Lagomorph

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.