Philippe Laulheret - Intro to Hardware Hacking - DEF CON 27 Conference

preview_player
Показать описание
From small business to large enterprise, VOIP phones can be found on nearly every desk. But how secure are they? What if your phone was spying on every conversation you have?

This talk is an introduction to hardware hacking and as a case study I’ll use the [REDACTED] Deskphone, a device frequently deployed in corporate environments. I’ll use it to introduce the tools and methodology needed to answer these questions.

During this talk, attendees will get a close up look at the operations of a hardware hacker, including ARM disassembly, firmware extraction using binwalk, micro-soldering to patch an EEPROM and get a root shell over UART, and ultimately uncover an already known decade-old bug that somehow remained unnoticed in the device’s firmware.

Beyond the case study I will also address alternative tactics; some did not work, others may have but were not the lowest-hanging fruit. When it comes to hardware hacking, the process is as important as the result; knowing that there are multiple ways to reach the end goal helps researchers remain confident when hurdles arise. After the talk, attendees will have an increased distrust towards always-on devices; however, they will have the background knowledge to investigate the products and systems they encounter daily.

Philippe Laulheret
Philippe Laulheret is a Senior Security Researcher on the McAfee Advanced Threat Research team. With a focus on Reverse Engineering and Vulnerability Research, Philippe uses his background in Embedded Security and Software Engineering to poke at complex system and get them to behave in interesting ways. He previously talked about Reverse Engineering PSX game at Bsides PDX, created & contributed to some Hardware Hacking CTF when working at Red Balloon Security and shared the love of tearing apart VOIP phones during ad-hoc workshops at multiple conferences (Summer Con, Hardware Hacking Village, etc.)

Twitter: @phLaul
  1. DEFCONConference
  2. DC27
  3. security conference 2019
  4. DEF CON 27
  5. hacker conference
  6. hacker community
Рекомендации по теме
Philippe Laulheret - 0:46:07

Philippe Laulheret - Intro to Hardware Hacking - DEF CON 27 Conference

Philippe Laulheret - 0:46:07

Philippe Laulheret - Intro to Hardware Hacking - DEF CON 27 Conference

Philippe Laulheret Intro 0:46:07

Philippe Laulheret Intro to Hardware Hacking DEF CON 27 Conference

Philippe Laulheret - 0:22:43

Philippe Laulheret - Let’s learn MIPS and Japanese!!!

HEXACON2022 - Emulate 0:43:24

HEXACON2022 - Emulate it until you make it! Pwning a DrayTek Router by Philippe Laulheret

HEXACON2024 - What 0:43:08

HEXACON2024 - What the hell is Windows's CLIP Service by Philippe Laulheret

Breaking the security 0:41:55

Breaking the security barrier of a major infusion pump ▪ D. McKee & P. Laulheret ▪ Ekoparty 2021...

Fail Harder: Finding 0:37:48

Fail Harder: Finding Critical 0-Days in Spite of Ourselves

Code Blue! Medical 0:51:16

Code Blue! Medical Devices Under Attack

hacker hurt window 0:00:09

hacker hurt window

DEF CON 27 0:46:07

DEF CON 27 - Intro to Embedded Hacking-How you can find a decade old bug in widely deployed devices

Recon 2022 - 0:25:08

Recon 2022 - Reversing an M32C firmware Lesson learned from playing with an uncommon architecture

DEF CON 23 0:12:14

DEF CON 23 - Hardware Hacking Village - Soldering 101 - Melting metal for fun and profit

Using Sounds as 0:36:56

Using Sounds as Dangerous Weapons – DEF CON 27

do NOT hold 0:03:37

do NOT hold back - DEF CON 30 Call For Speakers

Andreas Baumhof - 0:48:42

Andreas Baumhof - Are Quantum Computers Really A Threat To Cryptography? - DEF CON 27 Conference

Intro to Hardware 0:35:02

Intro to Hardware Hacking - Emmanuel Adewale and Kenny Anderson

Hacking in the 0:00:35

Hacking in the Movie

Intro to Hardware 0:12:07

Intro to Hardware Reversing: Finding a UART and getting a shell

Minha intro - 0:00:11

Minha intro - By Designer | Prime :3

DEF CON 27 0:20:21

DEF CON 27 - Mike Spicer - I Know What You Did Last Summer 3 Years of Wireless Monitoring at DEF CON

Professor Phil Hodgkin 1:00:27

Professor Phil Hodgkin - Reverse Engineering the Immune System

Intro #7 - 0:00:11

Intro #7 - Plastyne

DEF CON 25 0:46:31

DEF CON 25 - How to roll your own counterfeit hardware security devices

Комментарии
Автор

I'm from poland and i understand almost everything what he said (yep i work in international team). Im amazed that frenchman talks in english (usually thay cant say yes or no, so...). You should be thankfull for what he said, because he has good knowledge.

magisterskierlip
Автор

Great talk, took a lot of notes, you name dropped a lot of stuff I'll have to look into deeper.

michaelclifton
Автор

Tip: use Audio EQ extension and hit the "mono" mode to make it come out of both R and L earphones / speakers

SinVsGaming
Автор

Not as much good pictures 😩. Anyone have better images. Or like a video of the phone?

amuga_
Автор

Lolz, I'm a ESL and I understood 90%+ of what he said. Not saying I would be able to pull off everything he did there, though...

KnightMirkoYo
Автор

I’m not sure but it has some serious Gen X vibes ❤

wyleong
Автор

I'm west African. I can understand everthing he said

shygrammer
Автор

Man’s accent is pretty understandable. But I’m Australian so what do I know

gravex
Автор

lot of information, but take your time, pas important si tu perd 2-3 desinteresser, exemple school teacher. dans tout les cas vous mavez entre ouvert quelque porte a explorer dans mon devloppement personel. thanks great overview of different method, thanks you

debilk
Автор

Started off thinking it might be good but went down hill, tracing vias that goto the other side? Isn't this a multi layer board?

timballam
Автор

Why did the console work through the plug but not through the pad?

renakunisaki
Автор

we have board CPU is SH4 family 6417751R is USB jtag support it to dump 2 of flash JS28F640J3 ??? OS IS VXworks system have UART and jtag pin out
Thanks

ammarsaad
Автор

I understood nothing. How do people learn this stuff??

jimj
Автор

13:42 Why does he have to use the devilhands grip when holding both the soldering iron and the airgun? Does he like to signal his fellow satan worshippers?

bobmcbob
Автор

Can someone please hack a Tesla so it can be used as a mobile surveillance platform with a live feed?
The next generation police cars will be electric and function as interconnected surveillance platforms. They will have on-board drones and robots to assist. Even today you could easily have a Boston Dynamics "Spot" and some DJI drones in a squad car. The "spot" is an ideal weapons platform for both lethal and non-lethal munitions. If they could link up both public and private surveillance cameras via 5G and all those Alexa home assistants and camera alarm systems, we really have a dystopian reality. I really don't like Elon's Star link satellites, facial recognition, social credit, cashless society, killer robots, drone swarms, no borders, international law.
In this nightmare of a future it might well be useful to hack hardware :/

Willy_Tepes
Автор

if you talk French it will be better 😂😂😂

alaker
Автор

Ugh just get someone to read it for you

dopeymetalbud