Stepping into IoT Security

Introduction to IoT Security
1. What is IoT Security?
2. Why is it so important?
3. IoT Security Challenges
4. Divide 4
5. Learning concepts
6. Need hardware to break hardware

Veerababu Penugonda(Mr-IoT)

November 24, 2018

Transcript

  1. Agenda
    1. What is IoT Security?
    2. Why is it so important?
    3. IoT Security Challenges
    4. Divide 4
    5. Learning concepts
    6. Need hardware to break hardware
  2. IoT Security: What is it?
    • IoT security is the technology area concerned with safeguarding connected devices and networks in the Internet of Things
    • Simply: we need to secure the device which is connected to the internet
    • IoT - Internet of Things
    • IIoT - Industrial Internet of Things (Automobile)
    • OT - Operational Technology (ICS/SCADA)
  3. Importance of IoT
    1. Human Race
    2. Health care
    3. Industrial
    4. Home automation
    5. Wearables
    6. Smart Cars (automobiles)
    7. Smart Cities
    8. IoT in Agriculture
    9. Power Engagement
  4. IoT Security Challenges
    • Default passwords
    • Hardcoded data
    • Unnecessary ports opened
    • Insufficient testing and updating issues
    • IoT malware and ransomware
    • Data security and privacy concerns (mobile, web, cloud)
    • Lack of encryption
    • Authentication and authorization issues
  5. IoT Attack Vectors
    • Network
    • Web & Embedded Application
    • Mobile & OTA
    • Communication Protocols (Wireless/Web/Network/Radio)
    • Firmware/Software
    • Hardware
  6. Entry Level Testing in IoT
    • Default login attacks
    • Open ports and running services
    • Hardcoded data like API keys, URLs, certificates, passwords
    • Using publicly available exploits like BlueBorne
    • Using Metasploit payloads and exploits
    • Spidering the web for login forms and parameters
    • Protocols information gathering
    • Looking for plaintext information
    • Tools: Burp, curl, Nikto, dirb, Nmap, Metasploit, brute force tools, hcitool, nRF Connect app,
  7. Middleware Level Testing
    • Fuzzing URLs and identifying the input locations on embedded applications
    • Enumerating device data from search engines - Shodan, FOFA, Censys, ZoomEye
    • Dorks for devices - Shodan and ZoomEye
    • Hash breaking
    • Communication protocols testing – with Wireshark and other proxy tools
    • Static firmware analysis
    • Software application testing (thick client)
    • Datasheets and reconnaissance about the devices
    • Tools: exploit,
  8. Advanced Level Testing
    • Rewriting code or exploits to test – GNU Radio scripts and Python scripts
    • Replay attacks – car and door systems
    • Identifying the architecture and analyzing the board to exploit it
    • Getting a shell from hardware and testing the filesystem
    • Dynamic firmware analysis
    • Re-flashing vulnerable firmware to devices
    • Debugging the hardware
    • Debugging the firmware/software – buffer overflow/heap overflow/stack overflow
    • Tools: JTAG, UART, SPI & I2C, gdb, x64dbg, radare2, objdump, IDA Disassembler, Wireshark, hping3, Protocol Fuzzers (HTTP, Network), Detect It Easy, Fiddler, Echo Mirage, Sysinternals suite
  9. Expert (Next level)
    • SIDE-CHANNEL ANALYSIS
    • Simple Power Analysis (SPA)
    • Differential Power Analysis (DPA)
    • Electromagnetic Field Analysis
    • Template Attacks
    • Timing Analysis
    • FAULT INJECTION AND FAULT ANALYSIS
  10. For Best Resources follow me
    • @v33riot
    • https://github.com/V33RU/IoTSecurity101
    • Join Telegram Group “iotsecurity1011”
    • Email me : [email protected]
    • iotpentest.com