{"guid":"9335f1f1-c0c5-5378-b686-fffd6781c5ce","title":"Inside Our Toys - How to Hack Into an Embedded Device","subtitle":null,"slug":"emf2016-242-inside-our-toys-how-to-hack-into-an-embedded-device","link":"https://www.emfcamp.org/schedule.frab","description":"While we all like to make, modify and re-appropriate technology, some of us like to break it for, um, fun and profit.  As a professional penetration tester (my job is to break my employer's devices before they release them) I will explain how I go about finding vulnerabilities in IoT devices. I will look at hardware, software and cryptographic attacks that can give us root on our toys.\r\nRather than focus on specific bugs in particular devices, this talk will describe a number of generic attacks that can be attempted against a wide variety of networked 'things'.  The attacks range from the trivial that anyone with a soldering iron and a few bits and bobs could attempt, through those that require moderate linux knowledge, to those that require a disassembler and a knowledge of reverse engineering.\r\nIt should be of interest to anyone who would like to root their own shiny, IoT devices.","original_language":"eng","persons":["Kev Sheldrake"],"tags":[],"view_count":368,"promoted":false,"date":"2016-08-07T17:10:00.000+02:00","release_date":"2016-08-07T02:00:00.000+02:00","updated_at":"2026-01-24T06:00:03.841+01:00","length":3515,"duration":3515,"thumb_url":"https://static.media.ccc.de/media/events/emf/2016/242-hd.jpg","poster_url":"https://static.media.ccc.de/media/events/emf/2016/242-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/emf/2016/9335f1f1-c0c5-5378-b686-fffd6781c5ce-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/emf/2016/9335f1f1-c0c5-5378-b686-fffd6781c5ce-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/emf2016-242-inside-our-toys-how-to-hack-into-an-embedded-device","url":"https://api.media.ccc.de/public/events/9335f1f1-c0c5-5378-b686-fffd6781c5ce","conference_title":"Electromagnetic Field 2016","conference_url":"https://api.media.ccc.de/public/conferences/emf16","related":[{"event_id":684,"event_guid":"import-3c6185884db88b4055","weight":3},{"event_id":1806,"event_guid":"IE5aOu8FUaPfpFv5v4rtJg","weight":5},{"event_id":2879,"event_guid":"3f61827f-8b17-47b4-a43c-e0dce6532cbe","weight":3},{"event_id":3097,"event_guid":"ffa36a68-67e0-4b5d-a932-a2250f725080","weight":4},{"event_id":3254,"event_guid":"7eab2c8e-e7c8-5687-a77f-05ecd52f26cc","weight":11},{"event_id":3261,"event_guid":"d29eabc5-e429-5e87-a011-95fd283ba949","weight":3},{"event_id":3264,"event_guid":"2f0699a5-6a5e-586f-9b21-4e2f68e161ce","weight":3},{"event_id":3268,"event_guid":"e216ccb9-01df-5998-b9bd-9d79b0b2ef3b","weight":3},{"event_id":3272,"event_guid":"e2fff38d-16eb-52b0-872a-ef9f4489ed5c","weight":6},{"event_id":3284,"event_guid":"30f92431-8ec3-51df-bd4f-e04df6d1b304","weight":3},{"event_id":3290,"event_guid":"29fbad3f-4c1f-589c-a6aa-2390f1641afb","weight":3},{"event_id":3302,"event_guid":"036c801c-d1d2-5502-b40c-242eb9779b0a","weight":3},{"event_id":3305,"event_guid":"d8c4b8d8-074a-5406-b220-4bbe9abe8083","weight":3},{"event_id":3307,"event_guid":"7403c88a-899b-56a9-a3b0-da874bb50c7e","weight":4},{"event_id":3308,"event_guid":"5ab9f90a-a768-59c0-a0e4-a7ad9f61279c","weight":6},{"event_id":3316,"event_guid":"424860b0-8a98-5304-8e9a-928d41f38284","weight":5},{"event_id":3317,"event_guid":"1baefd21-92b5-577c-b1a3-0e3f091e6033","weight":4},{"event_id":3318,"event_guid":"c0ba3db4-f8b8-57c3-bab9-9d60be316632","weight":3},{"event_id":3322,"event_guid":"eb9e12ac-f668-5906-8dd5-61f15d346484","weight":3},{"event_id":3460,"event_guid":"bb5e3e6e-d831-55e8-9d00-34a2da70f74b","weight":3}],"recordings":[{"size":311,"length":3515,"mime_type":"video/mp4","language":"eng","filename":"emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-08-07T23:32:15.838+02:00","recording_url":"https://cdn.media.ccc.de/events/emf/2016/h264-hd/emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_hd.mp4","url":"https://api.media.ccc.de/public/recordings/11727","event_url":"https://api.media.ccc.de/public/events/9335f1f1-c0c5-5378-b686-fffd6781c5ce","conference_url":"https://api.media.ccc.de/public/conferences/emf16"},{"size":105,"length":3515,"mime_type":"video/mp4","language":"eng","filename":"emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2016-08-08T02:50:37.396+02:00","recording_url":"https://cdn.media.ccc.de/events/emf/2016/h264-sd/emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_sd.mp4","url":"https://api.media.ccc.de/public/recordings/11807","event_url":"https://api.media.ccc.de/public/events/9335f1f1-c0c5-5378-b686-fffd6781c5ce","conference_url":"https://api.media.ccc.de/public/conferences/emf16"},{"size":368,"length":3515,"mime_type":"video/webm","language":"eng","filename":"emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-08-08T03:44:48.332+02:00","recording_url":"https://cdn.media.ccc.de/events/emf/2016/webm-hd/emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/11847","event_url":"https://api.media.ccc.de/public/events/9335f1f1-c0c5-5378-b686-fffd6781c5ce","conference_url":"https://api.media.ccc.de/public/conferences/emf16"},{"size":51,"length":3504,"mime_type":"audio/opus","language":"eng","filename":"emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2016-08-08T09:41:20.240+02:00","recording_url":"https://cdn.media.ccc.de/events/emf/2016/opus/emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device.opus","url":"https://api.media.ccc.de/public/recordings/11888","event_url":"https://api.media.ccc.de/public/events/9335f1f1-c0c5-5378-b686-fffd6781c5ce","conference_url":"https://api.media.ccc.de/public/conferences/emf16"},{"size":53,"length":3504,"mime_type":"audio/mpeg","language":"eng","filename":"emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2016-08-08T09:41:59.085+02:00","recording_url":"https://cdn.media.ccc.de/events/emf/2016/mp3/emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device.mp3","url":"https://api.media.ccc.de/public/recordings/11889","event_url":"https://api.media.ccc.de/public/events/9335f1f1-c0c5-5378-b686-fffd6781c5ce","conference_url":"https://api.media.ccc.de/public/conferences/emf16"},{"size":125,"length":3515,"mime_type":"video/webm","language":"eng","filename":"emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2016-08-08T09:42:52.305+02:00","recording_url":"https://cdn.media.ccc.de/events/emf/2016/webm-sd/emf16-242-eng-Inside_Our_Toys_-_How_to_Hack_Into_an_Embedded_Device_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/11890","event_url":"https://api.media.ccc.de/public/events/9335f1f1-c0c5-5378-b686-fffd6781c5ce","conference_url":"https://api.media.ccc.de/public/conferences/emf16"}]}