IOT EXPLOITATION / RT430

FIVE   |   SEVEN   |   90%   |   40

          SCENARIOS                    LABS                        HANDS-ON           DURATION

IoT or the Internet of Things is one of the most upcoming trends. However, within the growth of many new devices coming up every few months, not much attention has been paid to its security until now. The course will be based on both theoretical and practical use of vulnerabilities in IoT devices, IoT devices architecture, identifying attack surfaces, and exploiting IoT vulnerabilities.

LAB 01

Mapping the Internet

LAB 02

Firmware Analysis

LAB 03

Single Emulations

LAB 04

Firmware Emulation

LAB 05

IoT Backdoors

LAB 06

Web Application Vulnerabilities

LAB 07

RouterSploit

Scenario: IOT001

Amazon’s video doorbell is in the news, due to hackers exploiting a bug in the device’s OS that allows hackers to discover your WiFi password. As the news about the bug went public, a mass panic occurred in the USA due to people fearing for their privacy. The R&D manager has issued a special team to replay the hacker’s steps and find the source of the bug.  

photo_2020-04-04_01-10-49.jpg

Scenario: IOT002

Phillips smart lightbulb has recently received a software update that included a patch to the implemented ZigBee communication protocol. Due to programming malpractice and code errors, the smart light bulb can be turned to a malware downloader and infect all devices on the network. As an IoT security specialist in Phillips, you need to disclose the vulnerability and find the solution.

photo_2020-03-23_22-24-51.jpg

Scenario: IOT003

An Indian hacker group has used the popular search engine Shodan, to install a specific strain of bot on vulnerable CCTV cameras around the state. That was used on a recent attack on a local e-commerce website to bring it down. The site owners have contacted the police to investigate the matter. Your commander has given you the mission to research the exploit on the CCTV cameras.

Annotation 2020-05-22 072722.jpg

Scenario: IOT004

Due to recent research on Drone hacking discovered, the security researcher computer was hacked, and the POC document was stolen. The United States federal aviation branch believes the stolen information was used to create the massive airport flight lane disruption that happened in Chicago, in which 20 hacked drones hovered over the flight runway and caused a delay of two hours in flights.

Annotation 2020-05-22 072841.jpg

Scenario: IOT005

Twenty flaws were found by security researchers in Samsung's SmartThings Hub controller that expose smart home devices to an attack. The vulnerability can give the hacker access to home cameras, preform alarming functions, and monitor the user's home. You have been assigned to investigate the weakness in the HTTP server of the hub.

photo_2018-07-26_22-26-45.jpg

© 2020 by ThinkCyber

THE 2020

CYBERIUM