Yashin Mehaboobe

INDEPENDENT SECURITY RESEARCHER

Yashin Mehaboobe

Paper Title

Hardware Attack Vectors

Abstract

Hardware security is not as well known as other fields in computer security. This is chiefly because usually there are more widely known and easier paths into a target organisation. It's much easier to exploit a web application vulnerability or a wireless AP than to launch a hardware based attack. Sometimes however in situations where other attacks are impractical or downright impossible, a hardware attack might succeed. This presentation will be about using such techniques to gain access to the target systems. Each attack vector will be described in short detail and a demonstration will be provided for it.

HID Vector:

Imagine if an attacker had physical access to your system. This is what an HID attack almost entirely emulates. HID stands for Human Interface Device. It's a class of devices like keyboards and mouses that allow a user to interact with the system. An HID attack utilizes devices such as the Teensy microcontroller can store a set of user inputs in it and then replay it when it is plugged into a system. This would allow an attacker to execute commands as if he was sitting in front of the system.

IR Vector:

Infrared is a fairly widespread protocol. It's used in TV systems and even in traffic lights. However IR is one of those systems which was not built with security in mind. Unlike some radio keyfobs they do not employ any form of rolling codes. So it is a trivial job of recording the IR codes and retransmitting them. This session will handle the creation and use of a simple IR spoofer and discuss various issues with IR security.

Radio:

Radio technology is all around us. Instead of showing how to pwn wireless APs, this session will handle the usage of SDRs or software defined radios. Specifically the audience will be introduced to the RTL-SDR project ( a very cheap SDR). They will also be introduced on how to sniff for wireless data and understand what type of transmission it is. Car keyfob transmissions will be shown as an example. RFCat (another SDR with TX) will also be covered.

Bus protocol attacks:

This will be a brief introduction to bus protocols and how to abuse them for maximum effect. Topics covered will include UART, SPI and I2C sniffing using the bus pirate and discussion of it's inherent security failures.

Speaker Bio

Yashin Mehaboobe is a senior security researcher with the CSPF and a Student Partner with Microsoft. His areas of interest in this field span hardware security,network security, malware analysis and reverse engineering. He had discovered a denial of service vulnerability in Android that he reported to Google and presented at Defcon Kerala. His work includes creating a static file based web application fingerprinting script for nmap,several other contributions to other open source projects, automated malware detection system for the Raspberry Pi, a network proxy in Python and a malware analysis framework in Python. He's been also invited to speak at Defcon Bangalore, c0c0n and Toorcon San Diego.

Copyright © 2017-18 | Nullcon India | International Security Conference | All Rights Reserved