Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
T

UAV?  D C]/ Lco13Y

~ KASFERSKY LAB

~ Sscvmry Re5T: AR(HEP~
—QET? A© C/ [E514
'7/-/ oRRoR NERD
_/ /
_/2
""° =3 E_ZZ
_ Re‘/4 
/ QCMOFL p “"7 root
- (M ‘
QE -4 BL: -xx; 
“THC 4
D4/pJ= xC
Bo
3 NM’04D

RR C

0MP‘°""“szs

JL +7}-

RDW  BJWXZQD...
I/ r

1 at 2 /3;; /bin/ pm
2 <? php
3

/ .

$cancelFxla =  'canca1.gh": 
ssm =  exec('Bl I Ran ". $_GET["5e:5ion']. '.; h ...
A
[BLACK ARMOR CONFIG EXTRATOR]

['1 Downloading configuration file
* Machinename:  BA»073098
« Description:  storage

[! ...
NORMAL Sew P/
SENDS Emu
/ /CT/ /~/1 / ‘SW5 Lmn<
Bfiowséfi scan/5 / VE: TwoF<<
AA

  Glgff ;  S-HE/ .L
T

9/5 D6 MO

QEMQTE IN Fgifio/ ;
T

N, /,1; '4/LDDEN @ DMTLSWM7-N5 7’7~C7'°”!5
OLE ~Sw‘—’T / // RE
WV
x33. BA<<DoD; ae D 

@636?
’ érkiv Eedrgera iliga

 

  

-5- Technicolor Gateway - DSL Co. ..

{- 192.168.1.1

TG799vn v2
_g_ a"-_d! _'‘r L: ~'u1x

...
grim gedigera vise

Hislgvik gakmarken yerieyg fiialp

-3 Technicolor Gateway — Fivewall +

(- 19215311

TG 799vn V2
.3 $Ji...
Arklv gedigeia visa Hisiorik gakmarkeri yeiktyg fliilp

«Q Teeiinieaiai Gateway — $ynE’“41v +

192163.11

TG799vlI V7

gill...
-  '. A.-. _,. '

  

. "' ‘fit
, . :1

_ Ȣ
AM/ f HA}E/ '1a[LT'_ Co mug C733 Ebgulc ES

AEAD GU75 / Aggy Ammo;  L) 5 , <

A543 A/ Vb EFFEQTIVEY

A N0 Err-ecfl‘V& $oL 1...
/ EA/00113
, // z_L

F/ >< -rms -

 

V
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
CODE BLUE 2014 : How I Hacked My Home by David Jacoby
Upcoming SlideShare
Loading in …5
×

CODE BLUE 2014 : How I Hacked My Home by David Jacoby

1,263 views

Published on

In the IT-security industry, we are at the moment releasing articles about how hackers and researchers find vulnerabilities in for example cars, refrigerators, hotels or home alarm systems. All of these things go under the term IoT (Internet of Things), and is one of the most hyped topics in the industry. The only problem with this kind of research is that we cannot really relate to all of it. I decided to conduct a some research from which I thought was relevant, trying to identify how easy it would be to hack my own home. What can the attacker actually do if these devices are compromised? Is my home “hackable?”. Before I started my research I was pretty sure that my home was pretty secure, I mean, ive been working in the security industry for over 15 years, and I’m quite paranoid when it comes to applying security patches! It turned out I was wrong, and that i had a lot of devices connected to my network which was very vulnerable.

Published in: Technology
  • STOP GETTING RIPPED OFF! LEARN THE SHOCKING TRUTH ABOUT ACNE, DRUGS, CREAMS AND THE ONLY PATH TO LASTING ACNE FREEDOM... To get the FACTS on exactly how to eliminate your Acne from the root 100% naturally and Permanently and achieve LASTING clear skin without spending your hard-earned money on drugs and over the counters...  https://bit.ly/2xJfKi2
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

CODE BLUE 2014 : How I Hacked My Home by David Jacoby

  1. 1. T UAV? D C]/ Lco13Y ~ KASFERSKY LAB ~ Sscvmry Re5T: AR(HEP~ —QET? A© C/ [E514 '7/-/ oRRoR NERD
  2. 2. _/ /
  3. 3. _/2
  4. 4. ""° =3 E_ZZ
  5. 5. _ Re‘/4 / QCMOFL p “"7 root - (M ‘ QE -4 BL: -xx; “THC 4 D4/pJ= xC Bo 3 NM’04D RR C 0MP‘°""“szs JL +7}- RDW BJWXZQD Aflx
  6. 6. I/ r 1 at 2 /3;; /bin/ pm 2 <? php 3 / . $cancelFxla = 'canca1.gh": ssm = exec('Bl I Ran ". $_GET["5e:5ion']. '.; h | head -11 1 I an '(pxint 51)” p. - aaho SPID; if ($ P( if($PID : = "H ' Scancelcmd . = "kill >15 " . SFID . " ' ' '11 pxccess I. I!lS£ scpm = axe: :("pg | gggg ". $AGET['seasxnn"] unse i. f(5CPID ! = "")[ $cancelCnd . = "kill -15 SCPID n". -/null ; ; _: :sce5S . gp | bend -n 1 I as} ‘(print s1)" ); 1 "WV #' L“, _, _ , _.__u-_, _ 4-_-_ / /he; der("Con; én: -Type: :ex: /html; g; §;= §’= UTF-8"); require_onoe(': z:3xssesa. a£. i9-i. a:; '); require_onoe ( ' readconfigure .54}; ' ) ; require_onoe('writeImmedI. og. j,, g;; ‘); / / write immediate log require onoe('loca1BuckDecide. j,_gg'); /'. / g; or :0 do copy $immed. LggDir = trim $immedLog = trim(ge M A L “fl _ CQM/ / D éxac / ULIVS Smultiple = "N"; $session = $_GET["s Stempsrc — exec("<: ¢.. . -¢-. ... ... .. ... .., , . -E 3"); $des — exeI: ("ca1: $immedLog I gggjz Ssession I cut -d "'. Chr(OO2). "' -f 4"); acancmanu . — m . ; ur_A| aesaxon J. .gpn ; m1:er: 3‘. 'e 3521; ac _ . ___- . F I-rwv1VH_. __-. _.. ‘ . . . .. .. .. __. --. um. .. V/ read configure v—v——I—va. uIAn . —4o u . .. ..u. .., . J ££(£1.1e_ex1.sI:5($LmmediateD: .:. $_GETI": a:: ion"]-"Siz: .;; §"))( Scancelcmd . = -3 ''. SimmediaI: eDir. S_GET[''sBssiDn'']-''5ize. g§n''; /wrem: ~:'e 3:-.211 scrlpt J 5<: an<: elCmd . = "ache "SnziceSczing" >> ". $im| nedxaceDir. "canr: el‘1ogn"; /y _—. g : c cancEL. lcg ) $<: am: elCInd . = my cAnce1.ghn"; //renzwe 3.-mu Scrip: N 56
  7. 7. A [BLACK ARMOR CONFIG EXTRATOR] ['1 Downloading configuration file * Machinename: BA»073098 « Description: storage [! ] Extrating usernales and passwords! username: admin fullnamu Administrator passwd: smblanz smhnt : aduin : username: fullname: ' ~n“- passvd: o» . . V - 5,, ,3,1am . .. .. -<. .-. -9 smbnt: «. -. ~_—o. .r¢ u . . adlln: HASH( Ox1B2fdaO) username: davicl fullname: David Jacoby passvd: 0 to ca nu - . smhlan: ‘no - ‘. -. . guru nan smbnt; .- -o coco. .. -- adlin : yes username: .. . fullname: I-‘| 'P user passvd: u n- u - o . . 5,, .b1an; u-.4 . . -. n — . -- smbnt: . . . . .u _ . ¢n. .«. —. adnin: HASH( 0x18328aO) username: test : ::: ::v= = 3:". . $709 I D C<>~IFIL—. VRAT I ON gmglam c. . c-- 0-oo not / . . -- . . _. :33"; ‘ E RROR davideuhuntuu-/ code/1at-researchs |
  8. 8. NORMAL Sew P/
  9. 9. SENDS Emu
  10. 10. / /CT/ /~/1 / ‘SW5 Lmn<
  11. 11. Bfiowséfi scan/5 / VE: TwoF<<
  12. 12. AA Glgff ; S-HE/ .L
  13. 13. T 9/5 D6 MO QEMQTE IN Fgifio/ ;
  14. 14. T N, /,1; '4/LDDEN @ DMTLSWM7-N5 7’7~C7'°”!5 OLE ~Sw‘—’T / // RE WV x33. BA<<DoD; ae D @636?
  15. 15. ’ érkiv Eedrgera iliga -5- Technicolor Gateway - DSL Co. .. {- 192.168.1.1 TG799vn v2 _g_ a"-_d! _'‘r L: ~'u1x Home Technicolor Gateway -. ..: .-u. .m DSL Cunnectxon Internet Servwces Toolbox Home Network Help Information Histgnk gakmarken yerktyg‘ + Home : Broadband Cannectmn AN-Sensmg DSL Connection Link Information upume: DSL Type: Bandwidth (Up/ Dawn) [kbps/ kbps]: Data Transferred (sent/ Recewed) [5/B]: 14 days, 19:47:51 ITU-T 5393.2 5.403 / 33.997 D/ D
  16. 16. grim gedigera vise Hislgvik gakmarken yerieyg fiialp -3 Technicolor Gateway — Fivewall + (- 19215311 TG 799vn V2 .3 $Jiv1n gr :1 1 _.1l 1.14311 Home » Toolbox > Hume Technicolor Galeway r . Broadband Connection r. ..-i. ., Address Bank IPv5 DHCP oneranan TelePNonV Pnnn13P5 came anpaiieanen Sharing Parental Control Firewall Intrusion Deteirnan Dvnarnic 0115 user Management Cantenl Sharing Home Network neip Information b cameras Firewall nus page summanzes the overaii security D0l1Cy configured an your Technlculur Galewav. > Security Settings 5e: ur1t‘/ Level‘ Standard use me Security Level to allow all uulgoina eanneeuens and black an incoming traffic. Game and Appiieanan snanng is allowed by the nrewaii.
  17. 17. Arklv gedigeia visa Hisiorik gakmarkeri yeiktyg fliilp «Q Teeiinieaiai Gateway — $ynE’“41v + 192163.11 TG799vlI V7 gill! - iiiiiig» 1-11 7._ Name 7 Teenniee= er Gateway > update Home System Configuration i. .i«. 14.'rlllfv1 A TMS wage summarizes me current configuraixion of your Tecnnicoiar Gateway. infermaxion Configuration » service Configuration .3,. ,s, d., a,. d c. ,,. ,.Ecm, ,. Tnis seeiian eanrains inramiaiian regarding the s: r/ ice configuration currently applying to yfluf Tecrinicoier Gateway. Toolbox Service Name: Teiiasanera SMARY Zl. A.2 (modified by user) Home Network , rune configuranun Help Time Source Automatic , Date: 17-n7-2014 information nme: l3.'SD: Sl Timezone: (UYC+Dl: l]E| ) summer rinie: ves Time since i>awer—aiii 13 daysi 19155:37 Time server 1: ncax. rgw,1eiia. se Time server 2: n: a2.rgw. ieiia. se System Configuration Web Browsing Intercepmon:
  18. 18. - '. A.-. _,. ' . "' ‘fit , . :1 _ »¢
  19. 19. AM/ f HA}E/ '1a[LT'_ Co mug C733 Ebgulc ES AEAD GU75 / Aggy Ammo; L) 5 , < A543 A/ Vb EFFEQTIVEY A N0 Err-ecfl‘V& $oL 11710337} kg; ~/ L
  20. 20. / EA/00113 , // z_L F/ >< -rms - V

×