Explore advanced techniques for finding and exploiting vulnerabilities in IoT devices in this 30-minute conference talk from the Hack In The Box Security Conference. Delve into in-depth research and forensic approaches for retrieving data, account information, and configurations from routers, IP cameras, and Smart TVs. Learn about physical hacking methods for Linksys and Dlink routers, including privilege escalation and firmware access. Discover how to conduct your own hardware hacking using JTAG/ISP and Chip-off techniques with affordable equipment. Gain insights from Kelvin Wong, an independent researcher and recognized expert in cyber forensics, as he shares his extensive experience and knowledge in investigating cybercrime and providing expert testimony in court.
How to Find and Exploit Bugs in IoT Devices - Kelvin Wong
Hack In The Box Security Conference via YouTube
Overview
Syllabus
SPEAKER BIO
Speaker@
Publications
Attack Vector on loT
Protocol / Software based
Cherry Blossom - Page 124, Para 13
Hardware based method?
Test Access Port (TAP)
Linksys Router JTAG pins
UART pins
OpenOCD
Kill the watchdog and halt system
Print the kernel address value
Magic Header of Kernel Section
Whole FLASH sturture
ISP - In System Circuit Programming
Amazon Alexa
Google Home Mini
Chip-off Village by VXRL
Taught by
Hack In The Box Security Conference
