SlideShare a Scribd company logo

Hardware hacking and internet of things

Download as PPTX, PDF
G
GeekNightHyderabad

--> What is Hardware Hacking ? --> How and Where to get started ? --> What is Best Arduino or Rasberry Pie ? --> Make a Simple Project with Arduino. --> Programming With Arduino IDE. --> Intro to Building The Internet of Things. --> Creating an IOT Solution. Now Let's Take an Update of Computer Security: --> Getting Aware of HID Attacks and Defence Against It. Finally we will have Good Understanding of How Hardware Works with Programming.

Technology
1 of 45
Intro to Hardware Hacking and Internet of Things By Mohsin khan
Mohsin khan RESEARCHER HARDWARE HACKER PENETRATION TESTER ETHICAL HACKING AND CTF TRAINER Researcher @RATTLEMINDS Speaker @nullhyd MUHSIN.GAP@GMAIL.COM
▶ Started in my Lab by Fixing Windows and Touching some Hardware. ▶ Later Got Bored from the Loop(First Step Towards Open Source). ▶ Inspired by Defcon (That’s my first Eureka Moment). ▶ Playing God Access in Terminal (Broke my windows few thousand times). ▶ Journey in Hacking was Pure Curiosity to explore and try making changes in I/O’s. ▶ Created Hardware Platform for Penetration Test in Real Scenarios. ▶ Interested in Red Teaming and Custom Attacks. ▶ Researcher and Pentester at “RATTLE MIND”. ▶ Security Researcher, Hardware Hacker and CTF Trainer At Rattlemind. About me
Thanks for the Support ▶ Global Justice World (Int Org) ▶ Nefamz LLC (Washington Dc) ▶ GeekNight
Agenda ▶ What is Hardware Hacking ? ▶ Getting Started with Hardware. ▶ Track to Hardware Hacking and Iot. ▶ Arduino , Node Mcu and How to start with it ? ▶ What is Iot ? Hands on Iot ? ▶ Create a project with Arduino. ▶ Fun with Node Mcu Ex : Control Led with Phone. ▶ Questions
Topics Covered ▶ Getting Started Hardware Hacking. ▶ What is Arduino and How to get Started. ▶ Led Blink Project and Adding Sensors. ▶ Internet of Things. ▶ Esp8266 and Node MCU. ▶ Home Automation . ▶ Hid Attacks and Defence. ▶ Conclusion
The Hard Way
The Hard Way is
The Hard Way The Hardware isn't
What is Hardware Hacking ? For More : https://www.sparkfun.com/news/1314
Track to Hardware Hacking
Getting hands Dirty Start from Fun Projects ? Arduino , Teensy or Rasberry Pie Links to get Started : https://samy.pl/ https://hackaday.com https://www.arduino.cc https://www.hackster.io/arduino/projects http://www.tech-tweaks.com/methods-hardware- hacking/
Arduino Teensy Rasberry Pie
Arduino Pro Micro Teensy Rasberry Pie Learning Curve Beginner Friendly Not For Beginners More Advance Hid Yes Yes Yes Integrated Development Environment Arduino Ide Teensyduino Scartch,Idle, Anything with Linux support Documentation Great Not Great Good Operating System None None Linux Distribution Community Support Great Good Good
Rasberry Pie
Teensy
Arduino for Being Friendly
Getting Started Track to Hardware Hacking.
What is Arduino? ▶ Arduino is an open-source electronics platform. ▶ Easy-to-use Hardware and software ▶ To do so you use the Arduino programming language. Why Arduino? ▶ The Arduino software is easy-to-use for beginners, yet flexible enough for advanced users ▶ Inexpensive cost less than Rs.3500. ▶ Cross-platform ▶ Simple, clear programming environment (The language can be expanded through C++ libraries). ▶ Open source and extensible software (circuit designers can make their own version of the module). How do I use Arduino? ▶ https://www.arduino.cc/en/Guide/HomePage ▶ https://www.hackster.io/arduino/projects
Project Demo
Project Demo
Adding Bluetooth
Pir Sensor Alarm
Shrink your Project
Hands On IOT (internet of things)
Internet Of Things (iot) Track to Hardware Hacking.
Esp8266
Arduino Bluetooth
Control LED’s
Node Mcu
Computer Security
Stuxnet was USB Attack
What is Hid Attack or Bad USB? Features: ▶ Contains Malicious Files. ▶ USB Hid Payload (Acts Like Keyboard). ▶ Detection (not so far). ▶ Faster than any Human Hand. ▶ Could take advantage of Driver which is vulnerable to zero day. ▶ Persistent.
Custom Hardware Attacks
Defence
Hardware Hacking Workshop Facebook.com/rattlemindofficial | @rattleminds |muhsin.gap@gmail.com
Questions ? More : Facebook.com/rattlemindofficial | @rattleminds | muhsin.gap@gmail.com

Recommended

Hacking with Remote Admin Tools (RAT)
Hacking with Remote Admin Tools (RAT) Hacking with Remote Admin Tools (RAT)
Hacking with Remote Admin Tools (RAT)
Zoltan Balazs
 
Playing with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzPlaying with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritz
Deepanshu Gajbhiye
 
Hacku Intro 2009
Hacku Intro 2009Hacku Intro 2009
Hacku Intro 2009
Paul Tarjan
 
Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)
Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)
Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)
Vale Security Conference
 
Open hack 2011-hardware-hacks
Open hack 2011-hardware-hacksOpen hack 2011-hardware-hacks
Open hack 2011-hardware-hacks
Sudar Muthu
 
Arduino
ArduinoArduino
Arduino
Ankit Sharma
 
Io t slides_iotvillage
Io t slides_iotvillageIo t slides_iotvillage
Io t slides_iotvillage
agmoneyy
 
Hacking - high school intro
Hacking - high school introHacking - high school intro
Hacking - high school intro
Peter Hlavaty
 

Recommended

Hacking with Remote Admin Tools (RAT)
Hacking with Remote Admin Tools (RAT) Hacking with Remote Admin Tools (RAT)
Hacking with Remote Admin Tools (RAT)
Zoltan Balazs
 
Playing with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzPlaying with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritz
Deepanshu Gajbhiye
 
Hacku Intro 2009
Hacku Intro 2009Hacku Intro 2009
Hacku Intro 2009
Paul Tarjan
 
Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)
Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)
Vale Security Conference - 2011 - 17 - Rodrigo Rubira Branco (BSDaemon)
Vale Security Conference
 
Open hack 2011-hardware-hacks
Open hack 2011-hardware-hacksOpen hack 2011-hardware-hacks
Open hack 2011-hardware-hacks
Sudar Muthu
 
Arduino
ArduinoArduino
Arduino
Ankit Sharma
 
Io t slides_iotvillage
Io t slides_iotvillageIo t slides_iotvillage
Io t slides_iotvillage
agmoneyy
 
Hacking - high school intro
Hacking - high school introHacking - high school intro
Hacking - high school intro
Peter Hlavaty
 
Offensive Security basics part 1
Offensive Security basics part 1Offensive Security basics part 1
Offensive Security basics part 1
wharpreet
 
Taking the hard out of hardware
Taking the hard out of hardwareTaking the hard out of hardware
Taking the hard out of hardware
Ronald McCollam
 
What is being exposed from IoT Devices
What is being exposed from IoT DevicesWhat is being exposed from IoT Devices
What is being exposed from IoT Devices
The Security of Things Forum
 
Get started with hacking
Get started with hackingGet started with hacking
Get started with hacking
Ham'zzah Mir-zza
 
Welcome to Python
Welcome to PythonWelcome to Python
Welcome to Python
Elena Williams
 
Super1
Super1Super1
Super1
neelakanteswarreddy
 
Presentation on Ethical Hacking ppt
Presentation on Ethical Hacking pptPresentation on Ethical Hacking ppt
Presentation on Ethical Hacking ppt
Shravan Sanidhya
 
Open source software for startups
Open source software for startupsOpen source software for startups
Open source software for startups
victorneo
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for Everyone
Nikhil Mittal
 
Evangelizing Your Thing (Extended Edition)
Evangelizing Your Thing (Extended Edition)Evangelizing Your Thing (Extended Edition)
Evangelizing Your Thing (Extended Edition)
Rex St. John
 
Blackmagic Open Source Intelligence OSINT
Blackmagic Open Source Intelligence OSINTBlackmagic Open Source Intelligence OSINT
Blackmagic Open Source Intelligence OSINT
Sudhanshu Chauhan
 
OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!
Nutan Kumar Panda
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Nipun Jaswal
 
Cyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITWCyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITW
ChanchalHiwanj1
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber Security
Satria Ady Pradana
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber Security
Satria Ady Pradana
 
How To Become an Ethical Hacker?
How To Become an Ethical Hacker?How To Become an Ethical Hacker?
How To Become an Ethical Hacker?
Srashti Jain
 
Arduino presentation
Arduino presentationArduino presentation
Arduino presentation
Michael Senkow
 
Hakin9 05 2013
Hakin9 05 2013Hakin9 05 2013
Hakin9 05 2013
Rodrigo Gomes Pires
 
So You Want to be a Hacker?
So You Want to be a Hacker?So You Want to be a Hacker?
So You Want to be a Hacker?
Christopher Grayson
 
Testing strategies in microservices
Testing strategies in microservicesTesting strategies in microservices
Testing strategies in microservices
GeekNightHyderabad
 
Metaprogramming ruby
Metaprogramming rubyMetaprogramming ruby
Metaprogramming ruby
GeekNightHyderabad
 

More Related Content

Similar to Hardware hacking and internet of things

Open source software for startups
Open source software for startupsOpen source software for startups
Open source software for startups
victorneo
 
OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!
Nutan Kumar Panda
 

Similar to Hardware hacking and internet of things (20)

Offensive Security basics part 1
Offensive Security basics part 1Offensive Security basics part 1
Offensive Security basics part 1
 
Taking the hard out of hardware
Taking the hard out of hardwareTaking the hard out of hardware
Taking the hard out of hardware
 
What is being exposed from IoT Devices
What is being exposed from IoT DevicesWhat is being exposed from IoT Devices
What is being exposed from IoT Devices
 
Get started with hacking
Get started with hackingGet started with hacking
Get started with hacking
 
Welcome to Python
Welcome to PythonWelcome to Python
Welcome to Python
 
Super1
Super1Super1
Super1
 
Presentation on Ethical Hacking ppt
Presentation on Ethical Hacking pptPresentation on Ethical Hacking ppt
Presentation on Ethical Hacking ppt
 
Open source software for startups
Open source software for startupsOpen source software for startups
Open source software for startups
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for Everyone
 
Evangelizing Your Thing (Extended Edition)
Evangelizing Your Thing (Extended Edition)Evangelizing Your Thing (Extended Edition)
Evangelizing Your Thing (Extended Edition)
 
Blackmagic Open Source Intelligence OSINT
Blackmagic Open Source Intelligence OSINTBlackmagic Open Source Intelligence OSINT
Blackmagic Open Source Intelligence OSINT
 
OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!OSINT Black Magic: Listen who whispers your name in the dark!!!
OSINT Black Magic: Listen who whispers your name in the dark!!!
 
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdBeyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd
 
Cyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITWCyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITW
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber Security
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber Security
 
How To Become an Ethical Hacker?
How To Become an Ethical Hacker?How To Become an Ethical Hacker?
How To Become an Ethical Hacker?
 
Arduino presentation
Arduino presentationArduino presentation
Arduino presentation
 
Hakin9 05 2013
Hakin9 05 2013Hakin9 05 2013
Hakin9 05 2013
 
So You Want to be a Hacker?
So You Want to be a Hacker?So You Want to be a Hacker?
So You Want to be a Hacker?
 

More from GeekNightHyderabad

Blockchain beyond bitcoin
Blockchain beyond bitcoinBlockchain beyond bitcoin
Blockchain beyond bitcoin
GeekNightHyderabad
 
Building Cloud Native Applications Using Spring Boot and Spring Cloud
Building Cloud Native Applications Using Spring Boot and Spring CloudBuilding Cloud Native Applications Using Spring Boot and Spring Cloud
Building Cloud Native Applications Using Spring Boot and Spring Cloud
GeekNightHyderabad
 
Scaling a Game Server: From 500 to 100,000 Users
Scaling a Game Server: From 500 to 100,000 UsersScaling a Game Server: From 500 to 100,000 Users
Scaling a Game Server: From 500 to 100,000 Users
GeekNightHyderabad
 

More from GeekNightHyderabad (20)

Testing strategies in microservices
Testing strategies in microservicesTesting strategies in microservices
Testing strategies in microservices
 
Metaprogramming ruby
Metaprogramming rubyMetaprogramming ruby
Metaprogramming ruby
 
Scaling enterprise digital platforms with kubernetes
Scaling enterprise digital platforms with kubernetesScaling enterprise digital platforms with kubernetes
Scaling enterprise digital platforms with kubernetes
 
FreedomBox & Community Wi-Fi networks
FreedomBox & Community Wi-Fi networksFreedomBox & Community Wi-Fi networks
FreedomBox & Community Wi-Fi networks
 
Rendezvous with aucovei (autonomous connected car)
Rendezvous with aucovei (autonomous connected car)Rendezvous with aucovei (autonomous connected car)
Rendezvous with aucovei (autonomous connected car)
 
Role of AI & ML in beauty care industry
Role of AI & ML in beauty care industryRole of AI & ML in beauty care industry
Role of AI & ML in beauty care industry
 
Breaking down a monolith
Breaking down a monolithBreaking down a monolith
Breaking down a monolith
 
Design lean agile_thinking presentation
Design lean agile_thinking presentationDesign lean agile_thinking presentation
Design lean agile_thinking presentation
 
Scaling pipelines
Scaling pipelinesScaling pipelines
Scaling pipelines
 
Blockchain beyond bitcoin
Blockchain beyond bitcoinBlockchain beyond bitcoin
Blockchain beyond bitcoin
 
Http/2
Http/2Http/2
Http/2
 
Spring to Cloud - REST To Microservices
Spring to Cloud - REST To MicroservicesSpring to Cloud - REST To Microservices
Spring to Cloud - REST To Microservices
 
Serverless
ServerlessServerless
Serverless
 
Building Cloud Native Applications Using Spring Boot and Spring Cloud
Building Cloud Native Applications Using Spring Boot and Spring CloudBuilding Cloud Native Applications Using Spring Boot and Spring Cloud
Building Cloud Native Applications Using Spring Boot and Spring Cloud
 
Progressive Web Applications - The Next Gen Web Technologies
Progressive Web Applications - The Next Gen Web TechnologiesProgressive Web Applications - The Next Gen Web Technologies
Progressive Web Applications - The Next Gen Web Technologies
 
Scaling a Game Server: From 500 to 100,000 Users
Scaling a Game Server: From 500 to 100,000 UsersScaling a Game Server: From 500 to 100,000 Users
Scaling a Game Server: From 500 to 100,000 Users
 
Big Data - Need of Converged Data Platform
Big Data - Need of Converged Data PlatformBig Data - Need of Converged Data Platform
Big Data - Need of Converged Data Platform
 
Building a Data Lake - An App Dev's Perspective
Building a Data Lake - An App Dev's PerspectiveBuilding a Data Lake - An App Dev's Perspective
Building a Data Lake - An App Dev's Perspective
 
Understanding the Intelligent Cloud
Understanding the Intelligent CloudUnderstanding the Intelligent Cloud
Understanding the Intelligent Cloud
 
GeekNight 22.0 Multi-paradigm programming in Scala and Akka
GeekNight 22.0 Multi-paradigm programming in Scala and AkkaGeekNight 22.0 Multi-paradigm programming in Scala and Akka
GeekNight 22.0 Multi-paradigm programming in Scala and Akka
 

Recently uploaded

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
UiPath New York Community Day in-person event
UiPath New York Community Day in-person eventUiPath New York Community Day in-person event
UiPath New York Community Day in-person event
DianaGray10
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
UiPath New York Community Day in-person event
UiPath New York Community Day in-person eventUiPath New York Community Day in-person event
UiPath New York Community Day in-person event
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 

Hardware hacking and internet of things

  • 1. Intro to Hardware Hacking and Internet of Things By Mohsin khan
  • 2. Mohsin khan RESEARCHER HARDWARE HACKER PENETRATION TESTER ETHICAL HACKING AND CTF TRAINER Researcher @RATTLEMINDS Speaker @nullhyd MUHSIN.GAP@GMAIL.COM
  • 3. ▶ Started in my Lab by Fixing Windows and Touching some Hardware. ▶ Later Got Bored from the Loop(First Step Towards Open Source). ▶ Inspired by Defcon (That’s my first Eureka Moment). ▶ Playing God Access in Terminal (Broke my windows few thousand times). ▶ Journey in Hacking was Pure Curiosity to explore and try making changes in I/O’s. ▶ Created Hardware Platform for Penetration Test in Real Scenarios. ▶ Interested in Red Teaming and Custom Attacks. ▶ Researcher and Pentester at “RATTLE MIND”. ▶ Security Researcher, Hardware Hacker and CTF Trainer At Rattlemind. About me
  • 4. Thanks for the Support ▶ Global Justice World (Int Org) ▶ Nefamz LLC (Washington Dc) ▶ GeekNight
  • 5. Agenda ▶ What is Hardware Hacking ? ▶ Getting Started with Hardware. ▶ Track to Hardware Hacking and Iot. ▶ Arduino , Node Mcu and How to start with it ? ▶ What is Iot ? Hands on Iot ? ▶ Create a project with Arduino. ▶ Fun with Node Mcu Ex : Control Led with Phone. ▶ Questions
  • 6. Topics Covered ▶ Getting Started Hardware Hacking. ▶ What is Arduino and How to get Started. ▶ Led Blink Project and Adding Sensors. ▶ Internet of Things. ▶ Esp8266 and Node MCU. ▶ Home Automation . ▶ Hid Attacks and Defence. ▶ Conclusion
  • 9. The Hard Way The Hardware isn't
  • 10. What is Hardware Hacking ? For More : https://www.sparkfun.com/news/1314
  • 11. Track to Hardware Hacking
  • 12. Getting hands Dirty Start from Fun Projects ? Arduino , Teensy or Rasberry Pie Links to get Started : https://samy.pl/ https://hackaday.com https://www.arduino.cc https://www.hackster.io/arduino/projects http://www.tech-tweaks.com/methods-hardware- hacking/
  • 14. Arduino Pro Micro Teensy Rasberry Pie Learning Curve Beginner Friendly Not For Beginners More Advance Hid Yes Yes Yes Integrated Development Environment Arduino Ide Teensyduino Scartch,Idle, Anything with Linux support Documentation Great Not Great Good Operating System None None Linux Distribution Community Support Great Good Good
  • 17. Arduino for Being Friendly
  • 18. Getting Started Track to Hardware Hacking.
  • 19. What is Arduino? ▶ Arduino is an open-source electronics platform. ▶ Easy-to-use Hardware and software ▶ To do so you use the Arduino programming language. Why Arduino? ▶ The Arduino software is easy-to-use for beginners, yet flexible enough for advanced users ▶ Inexpensive cost less than Rs.3500. ▶ Cross-platform ▶ Simple, clear programming environment (The language can be expanded through C++ libraries). ▶ Open source and extensible software (circuit designers can make their own version of the module). How do I use Arduino? ▶ https://www.arduino.cc/en/Guide/HomePage ▶ https://www.hackster.io/arduino/projects
  • 25.
  • 27. Internet Of Things (iot) Track to Hardware Hacking.
  • 28.
  • 33.
  • 34.
  • 36. Stuxnet was USB Attack
  • 37.
  • 38. What is Hid Attack or Bad USB? Features: ▶ Contains Malicious Files. ▶ USB Hid Payload (Acts Like Keyboard). ▶ Detection (not so far). ▶ Faster than any Human Hand. ▶ Could take advantage of Driver which is vulnerable to zero day. ▶ Persistent.
  • 41.
  • 42.
  • 43.
  • 44. Hardware Hacking Workshop Facebook.com/rattlemindofficial | @rattleminds |muhsin.gap@gmail.com
  • 45. Questions ? More : Facebook.com/rattlemindofficial | @rattleminds | muhsin.gap@gmail.com

Editor's Notes

  1. We think how to break and secure
  2. Im glad we are r all here to be part of this great community null hyd , lets start
  3. Security thing always teases me think … “What If “ !!!
  4. Mr robot for giving challenges
  5. We have seen mr robot and modern day attacks with hardware also read teaming is using it … so what is Hid
  6. We have seen mr robot and modern day attacks with hardware also read teaming is using it … so what is Hid
  7. We Will use pro micro , which family member of Arduino.
  8. We Will use pro micro , which family member of Arduino.
  9. We Will use pro micro , which family member of Arduino.
  10. Hacking Usb circuit for more
  11. What are the tools needed
  12. Think of these… I started with Arduino, it works for everyone
  13. We Will see Arduino ! “ask audience , could this be our Hid “
  14. We Will see Arduino ! “ask audience , could this be our Hid “….community Support is based on projects people have published.
  15. Rasberry pie for steel mountain hack
  16. Teensy USB Development Board. Technically more advance than arduino ,
  17. We Will see Arduino !
  18. Project in Arduino something looks like this.
  19. It is a free platform
  20. Blinking LED
  21. Make Some Noise
  22. we will make this
  23. First try bigger , than make it smaller.
  24. Think of these… I started with Arduino, it works for everyone
  25. Project in Arduino something looks like this.
  26. Project in Arduino something looks like this.
  27. Project in Arduino something looks like this.
  28. Project in Arduino something looks like this.
  29. https://www.teachmemicro.com/intro-nodemcu-arduino/
  30. Stuxnet is zero day attack…If a worker stuck a USB thumb drive into an infected machine, Stuxnet could, well, worm its way onto it, then spread onto the next machine Risk is Real ?
  31. Stuxnet is zero day attack…If a worker stuck a USB thumb drive into an infected machine, Stuxnet could, well, worm its way onto it, then spread onto the next machine Risk is Real ?
  32. “Pentesters this is for you” May I know which is tool is your favorite. It is actually hid device
  33. By adding modules doing more things
  34. usb firewall http://www.zdnet.com/article/how-to-use-linuxs-built-in-usb-attack-protection/
  35. usb firewall http://www.zdnet.com/article/how-to-use-linuxs-built-in-usb-attack-protection/
  36. Monthly we do workshop , join us at
  37. “Pentesters this is for you” May I know which is tool is your favorite.