Explore the HRES (Hardware Reverse Engineering Security) process in this 48-minute conference talk from Derbycon 7 (2017). Delve into embedded device security, network pin tests, and hardware security research, including a case study on a Bluetooth-controlled toilet. Learn about pre-engagement interactions, exploitation techniques, and post-exploit activities. Discover the tools and methods used in firmware analysis, including FCC and USPTO searches, logic analyzers, and UART interfaces. Gain insights into firmware review, memory manipulation, and SSL enablement. Understand the importance of lateral movement, reporting, and adherence to HRES standards in hardware security assessments.
Overview
Syllabus
Introduction
Tim Wright
Agenda
Embedded Device Security
Network Pin Tests
Hardware Security Research
Bluetooth Controlled Toilet
BlackEnergy
Safety
Preengagement interactions
Carver
Exploit
Post Exploit
Testing Report
Whats in the box
Getting the firmware
Targets
Tools
Box
Cable modem
Header
FCC Search
USPTO Search
Flash Chip
datasheet
intelligence gathering
logic analyzer
UART
Firmware
Firmware Review
P Menu
Read Write to Memory
Enable SSL
Lateral Movement
Report Time
Report Out
Report Detail
Wrapup
HRES Standard Org
