Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
"Hacking Internet of Things devices", Ivan Novikov
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
OWASP Moscow
December 04, 2017
Technology
160
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
"Hacking Internet of Things devices", Ivan Novikov
OWASP Russia Meetup #2
OWASP Moscow
December 04, 2017
More Decks by OWASP Moscow
See All by OWASP Moscow
"Evolution of Application Security Programs through OWASP SAMM 2.0", Yan Kravchenko
owaspmoscow
0
630
«Проекты OWASP: SAMM выпуск 2», Тарас Иващенко, OZON
owaspmoscow
0
740
«Типичные ошибки реализации SMS-аутентификации», Ramazan (r0hack), DETEACT
owaspmoscow
0
1k
«Dev, Sec, Oops: How Agile Security increases Attack Surface», Денис Макрушин
owaspmoscow
0
730
«From captcha to RCE. Сложности реализации механизма CAPTCHA в изолированных системах», Виталий Малкин
owaspmoscow
0
600
«OWASP Сheat Sheet Series. Microservices-based security architecture documentation», Александр Барабанов
owaspmoscow
0
650
«Проекты OWASP: следим за безопасностью 3rd-party-компонент с помощью Dependency Track», Тарас Иващенко, OZON.
owaspmoscow
0
660
«Будущее без паролей: про FIDO2/WebAuthN и не только», Сергей Белов, Mail.Ru Group.
owaspmoscow
0
610
«CTFZone, или как перестать ресёрчить и полюбить CTF», Никита Вдовушкин, BI.ZONE.
owaspmoscow
1
590
Other Decks in Technology
See All in Technology
Agile and AI Redmine Japan 2026
hiranabe
3
330
2026TECHFRESH畢業分享會 - AI 時代的人生存檔點
line_developers_tw
PRO
0
1.3k
MUSUBI 田中裕一『AIと共に行う「しごとのリデザイン」- スモールバックオフィス編』AI Ops Lab #4
musubi
0
280
自宅LLMの話
jacopen
1
670
iOS アプリの「これって不具合ですか?」を AI に調べてもらう
miichan
0
110
新しいUbuntu/GNOMEが使いたいからXからWaylandへ移行頑張ってるの巻 2026-06-20
nobutomurata
0
150
クラウドファンディング版StackChan 3体(4体)をインタラクティブな体験型作品にして展示もした話 / スタックチャンお誕生日会2026
you
PRO
0
100
アジャイルな経理と Claude Code と 経営の未来
kawaguti
PRO
3
170
マルチアカウント環境での コーディングエージェントを使った障害調査が大変なので AIエージェントにReadOnly権限を付与してみた / ReadOnly AI Agents for Multi-Account AWS Incident Response
yamaguchitk333
2
110
PostgreSQL 19 新機能概要 OSC Hokkaido 2026
nori_shinoda
0
180
AWS Security Hub CSPMの成功・失敗体験
cmusudakeisuke
0
290
SONiCのLinuxベースを活かしたZabbix監視
sonic
0
230
Featured
See All Featured
The Illustrated Guide to Node.js - THAT Conference 2024
reverentgeek
1
390
Java REST API Framework Comparison - PWX 2021
mraible
34
9.4k
Mobile First: as difficult as doing things right
swwweet
225
10k
Building a Scalable Design System with Sketch
lauravandoore
463
34k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
Avoiding the “Bad Training, Faster” Trap in the Age of AI
tmiket
0
180
Exploring the relationship between traditional SERPs and Gen AI search
raygrieselhuber
PRO
2
4k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.3k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
850
Ruling the World: When Life Gets Gamed
codingconduct
0
260
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
220
Transcript
OWASP Russia Meetup #2, 28/02/15 research Hacking Internet of Things
devices Ivan Novikov (@d0znpp)
Internet of Things. Story #1 • Take any device •
Find serial port (buttons + display) • Connect “WiFi to serial” module • Profit • What about this connecter cost? • What about this device cost?
Internet of Things. Story #2 • Take your exists device
(wifi router) • Make /dev/something with magic • Profit • What about this device cost?
AP at IoT device to configure • Encryption and credentials
(defaults) • Make sure that configuration interface disabled after initial setup How to connect IoT to your WiFi
Magic way (have a special name): • Enter your WiFi
SSID and password to app • Press ENTER • Profit • How it works? How to connect IoT to your WiFi
SSID+password encoding to $SP Find a network with this SSID
= $SP Catch broadcast packet Decode $SP to SSID and password Profit Connection magic
None
Hardcoded IP address Using as NTP service Firewalls legitimates Count
devices remotely Memory corruption vulnerability in response parsing function? Backdoor stories $ strings IoT-6235571.bin | egrep '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' 208.67.222.222 10.10.100.254 10.10.100.100 255.255.255.0 http://10.10.100.100/ 10.10.10.3 =DHCP,0.0.0.0,0.0.0.0,0.0.0.0 61.ZZZ.YYY.XXX netname: SHANGHAI-JIAOTONG-UNIVERSITY country: CN descr: Shanghai Jiaotong University mnt-by: MAINT-CN-CHINANET-ZJ-HZ role: CHINANET-ZJ Hangzhou address: No.352 Tiyuchang Road,Hangzhou,Zhejiang.310003 country: CN person: Zhihao Zhou nic-hdl: ZZ1073-AP
None
None
None
5/5 devices hacked (3 vendors) 3/5 backdoors found (2 vendors)
0/5 physical damage through IoT device Our stats
Taxonomy Methodology Check lists New OWASP chapter? Most important
External from Internet (CSRF+) WiFi guest (server-side) Neighbor (WiFi w/o
password) Vendor (backdoors) Retailer (firmware modifications after manufacturing) Attackers
https://www.owasp.org/index.php/IoT_Security _Checklist Criteria
The end Contacts: @wallarm, @d0znpp research
owaspmoscow
hiranabe
line_developers_tw
musubi
jacopen
miichan
nobutomurata
you
kawaguti
yamaguchitk333
nori_shinoda
cmusudakeisuke
sonic
reverentgeek
mraible
swwweet
lauravandoore
tanoku
tmiket
raygrieselhuber
chriscoyier
ivargrimstad
baasie
codingconduct
.png){kind=avatar}
helenjbeal
