SlideShare a Scribd company logo

Hacking and Forensics on the Go with Low-Power Devices

Philip Polstra
Philip Polstra

44Con 2012 presentation on The Deck a brand new full featured penetration testing and forensics platform for the BeagleBoard-xM and BeagleBone

Technology
1 of 45
Download to read offline
Hacking and Forensics on the Go Philip A. Polstra, Sr. @ppolstra DrPhil@polstra.org http://ppolstra.blogspot.com
What is this talk about? ● Hacking and/or forensics with small, low- power devices ● ARM-based Beagleboard & Beaglebone running full suite of security/forensics tools ● Porting tools to a new platform ● USB forensics (now at high speed!!)
Why You Should Care ● A full set of tools that can fit in a child's lunch box ● A full-featured Linux install for flexibility ● Low-power devices can run for days or weeks on battery power ● Small devices can be planted for later retrieval ● Did I mention high-speed USB?
Who is this handsome man with the sexy accent anyway? ● If you were at last year's 44Con & you don't know, you partied much too hard Thursday night ● For the rest of you: – Professor at a medium size (1800 student) private university in Dubuque, Iowa – Programming from age 8 – Hacking hardware from age 12 – Also known to fly and build airplanes
Roadmap ● Choosing a platform ● Selecting a base OS ● Building a base system ● The easy part – leveraging repositories ● The slightly harder part – building tools ● Building your own accessories ● Demonstrations ● Future directions
Choosing a Platform ● Small ● Low-power ● Affordable ● Mature ● Networking built in ● Good USB support ● Convenient input and output
And the Winning Platform is... ● Beagleboard – 3.25” square – <10 Watts – £125 (or buy in USA for only $149) – Based on Cortex A8 – 100 Mbs Ethernet built in – 4 high-speed USB plus USB-on-the-go – DVI-D, S-video, and LCD output – RS-232, webcam, audio, and microSD
Beagleboard
Selecting a Base OS ● Angstrom comes in the box – Optimized for hardware – Nice package management – Poor repository support for our purposes ● Ubuntu is available – Backtrack is based on Ubuntu – Ubuntu is very popular – Good repository and community support
Building a Base Device ● Upgrade to 16GB microSD (8GB would work, but go big) ● Download an image for microSD card – Canonical image or – Robert C. Nelson demo images – I used Nelson's because they are tweaked for Beagleboard and updated frequently ● Good instructions available at http://elinux.org/BeagleBoardUbuntu
The Easy Part – Using Repositories ● Many of the tools we want are available in the standard Ubuntu repositories ● Some are also available as .deb files – Packages written in interpreted languages (Java, Python, PERL, Ruby) usually work out of the box – C-based packages depend on libraries that may or may not be available/installed
The Harder Part – Building Your Own Tools ● Native or cross-compile? ● Native – Straightforward – Can be slow on 1GHz ARM with 512 MB RAM ● Cross-compile – A bit more complicated – Take advantage of multi-core desktop with plenty of RAM
Native Compilation ● “Sudo apt-get install build-essential” is about all you need to be on your way ● Something to keep in mind if you SSH in and use DHCP: Ethernet is via USB chipset and MAC address varies from one boot to next which leads to different address being assigned
Cross-Compile Method 1 ● Download a toolchain “wget http://angstrom- distribution.org/toolchains/angstrom-<ver>-armv7a...” ● Untar toolchain “tar -xf angstrom-<ver>-armv7a-linux-gnueabi- toolchain.tar.bz2 -C” ● Setup build environment “. /usr/local/angstrom/arm/environment- setup” ● Download source ● Configure with “./configure --host=arm-angstrom-linux-gnueabi – prefix=/home/...” ● Build with “make && sudo make install” ● Copy binaries to BB-xM ● Could have problems if there is a kernel mismatch between setup and what is installed to BB-xM
Cross-Compile Method 2 ● Install a toolchain as in Method 1 ● Install Eclipse ● Install C/C++ Development Tools in Eclipse ● Download software ● Use makefile to create Eclipse project ● Create a Build Configuration in Eclipse ● Compile ● Move binaries to BB-xM
Create a Project from the Makefile ● Can have a makefile based project – Simple – Requires slight modification of makefile ● Can use makefile to create Eclipse project – Slightly more involved – Dependencies and special compile flags can be divined from makefile – More flexible if you want to make modifications
Create a Build Configuration ● Right-click project in Project Explorer select Build Configurations-Manage ● Click New to create new configuration ● Set the paths to point to cross-compilation tools for installed toolchain – Set compiler, linker, and assembler commands – Set include and library paths – Good tutorial on http://lvr.com
Cross-Compile Method 3 ● Same as Method 2, but with the addition of remote debugging ● Has advantage of easy transfer of binaries ● In Eclipse under Mobile Development add – C/C++ DSF GDB Debugger Integration – C/C++ Remote Launch – Remote System Explorer End-User Runtime – Remote System Explorer User Actions
Cross-Compile Method 3 (contd.) ● Create /etc/hosts entry for BB-xM IP ● On BB-xM install SSH & GDBServer – “sudo apt-get install ssh” – “sudo apt-get install gdbserver” ● Manually SSH to BB-xM to make sure it works and to set up key cache ● In Eclipse create a connection ● Create .gdbinit file ● Create debug configuration
Create a Connection ● Open Remote System Explorer view ● Select Connection->New->Linux ● Use BB-xM IP with options ssh.files, processes.shell.Linux, ssh.shells, and ssh.terminals ● After creating connection enter IP, user, and password under properties
Create .gdbinit ● Change to the directory with your source code ● “touch .gdbinit” ● Go forth and have fun
Create Debug Configuration ● Run->Debug Configurations->C/C++ Remote Configurations ● Main tab – set configuration ● Set remove absolute path ● Commands to execute before “chmod 777” ● Set path to GDB debugger ● Set the GDB port to an appropriate value
Building Your Own Hardware Accessories
Demo 1 - Hardware
Demo 1 - Hardware
Demo 1 – Chris John Riley
Demo 1 (contd.)
Demo 1 (contd.)
Demo 2 – Wifi Cracking
Demo 2 (contd.)
Demo 2 (contd.)
Demo 3 – Password Cracking
Demo 4 – WPS Cracking
Demo 4 (contd.)
Demo 5 – Pwn Win7 Like Its a Mac
Demo 5 (contd.)
tm Demo 6 – Clickiddies
WTF – I thought you said there would be forensics in this talk!
USB Forensics – Now at High Speed!! ● Use a magical USB hub – Everything connected to magic hub automatically mounted read only – Everything not connected to the magic hub is mounted normally (probably with a prompt, etc.) ● Initially wanted to dive in and hack USB drivers – But there is a better way! ...
Enter Udev Rules ● Udev rules allow you to handle what happens when devices are connected, disconnected, etc. ● Every block device connected downstream of magic hub (parent with appropriate VID/PID) is automatically mounted read only ● Suitable for hard disks and ANYTHING that can be mounted via USB
Udev Rules Reali(z|s)ed ● In /etc/udev/rules.d/10-protectedmt.rules ACTION=="add", SUBSYSTEM=="block", KERNEL=="sd?[1-9]", ATTRS{idVendor}=="1a40", ATTRS{idProduct}=="0101", ENV{PHIL_MOUNT}="1", ENV{PHIL_DEV}="%k", RUN+="/etc/udev/scripts/test.sh %k" ACTION=="remove", SUBSYSTEM=="block", KERNEL=="sd?[1-9]", ATTRS{idVendor}=="1a40", ATTRS{idProduct}=="0101", ENV{PHIL_UNMOUNT}="1", RUN+="/etc/udev/scripts/test3.sh %k" ENV{PHIL_MOUNT}=="1", ENV{UDISKS_PRESENTATION_HIDE}="1", ENV{UDISKS_AUTOMOUNT_HINT}="never", RUN+="/etc/udev/scripts/test2.sh" ENV{PHIL_MOUNT}!="1", ENV{UDISKS_PRESENTATION_HIDE}="0", ENV{UDISKS_AUTOMOUNT_HINT}="always" ENV{PHIL_UNMOUNT}=="1", RUN+="/etc/udev/scripts/test4.sh"
Udev Rules Scripts ● /etc/udev/scripts/test.sh #!/bin/bash echo "#!/bin/bash" > /etc/udev/scripts/test2.sh echo "mkdir /media/$1" >> /etc/udev/scripts/test2.sh echo "chmod 777 /media/$1" >> /etc/udev/scripts/test2.sh echo "/bin/mount /dev/$1 -o ro,noatime /media/$1" >> /etc/udev/scripts/test2.sh chmod +x /etc/udev/scripts/test2.sh
Udev Rules Scripts (contd.) ● /etc/udev/scripts/test3.sh #!/bin/bash echo "#!/bin/bash" > /etc/udev/scripts/test4.sh echo "/bin/umount /dev/$1" >> /etc/udev/scripts/test4.sh echo "rmdir /media/$1" >> /etc/udev/scripts/test4.sh chmod +x /etc/udev/scripts/test4.sh
Future Directions ● Continue to add useful packages as need arises ● Optimize some packages for BB-xM ● Other output devices ● Port to BeagleBone ● Custom printed case ● Associate with a standard pentest distro ● Port to another platform
Questions?

Recommended

Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...
Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...
Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...Raul Chong
 
Thotcon2013
Thotcon2013Thotcon2013
Thotcon2013Philip Polstra
 
The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012Philip Polstra
 
Cyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionCyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionPhilip Polstra
 
Philip polstra
Philip polstraPhilip polstra
Philip polstraPhilip Polstra
 
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...codebits
 
Raspberry Pi and Amateur Radio
Raspberry Pi and Amateur RadioRaspberry Pi and Amateur Radio
Raspberry Pi and Amateur RadioKevin Hooke
 
Beagle board
Beagle boardBeagle board
Beagle boardKondaveeti Arun Gopal
 

Recommended

Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...
Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...
Rapidly developing IoT (Internet of Things) applications - Part 2: Arduino, B...Raul Chong
 
Thotcon2013
Thotcon2013Thotcon2013
Thotcon2013Philip Polstra
 
The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012Philip Polstra
 
Cyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionCyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionPhilip Polstra
 
Philip polstra
Philip polstraPhilip polstra
Philip polstraPhilip Polstra
 
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...codebits
 
Raspberry Pi and Amateur Radio
Raspberry Pi and Amateur RadioRaspberry Pi and Amateur Radio
Raspberry Pi and Amateur RadioKevin Hooke
 
Beagle board
Beagle boardBeagle board
Beagle boardKondaveeti Arun Gopal
 
Introduction To The Beagleboard
Introduction To The BeagleboardIntroduction To The Beagleboard
Introduction To The BeagleboardNeHal VeRma
 
Beagle board101 esc-boston-2009b
Beagle board101 esc-boston-2009bBeagle board101 esc-boston-2009b
Beagle board101 esc-boston-2009bMichael Hallak-Stamler
 
Hardware hacking
Hardware hackingHardware hacking
Hardware hackingTavish Naruka
 
Introduction to beagle board
Introduction to beagle boardIntroduction to beagle board
Introduction to beagle boardAmit Karpe
 
Taking the BeagleBone Cookbook recipes beyond BeagleBone Black
Taking the BeagleBone Cookbook recipes beyond BeagleBone BlackTaking the BeagleBone Cookbook recipes beyond BeagleBone Black
Taking the BeagleBone Cookbook recipes beyond BeagleBone BlackDrew Fustini
 
PCB Business Card
PCB Business CardPCB Business Card
PCB Business Cardyeokm1
 
Internet of things - with routers
Internet of things - with routersInternet of things - with routers
Internet of things - with routersTavish Naruka
 
Hands On Embedded Linux with BeagleBone Black
Hands On Embedded Linux with BeagleBone BlackHands On Embedded Linux with BeagleBone Black
Hands On Embedded Linux with BeagleBone BlackDaniele Costarella
 
Redteaming HID attacks
Redteaming HID attacksRedteaming HID attacks
Redteaming HID attacksJuan Espin
 
Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Tim N
 
Controlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden FeaturesControlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden Featuresxabean
 
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans Verkuil
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans VerkuilKernel Recipes 2017 - HDMI CEC: Status Report - Hans Verkuil
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans VerkuilAnne Nicolas
 
Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareyeokm1
 
Reflections on Trusting Trust
Reflections on Trusting TrustReflections on Trusting Trust
Reflections on Trusting Trustyeokm1
 
BeagleBone black
BeagleBone blackBeagleBone black
BeagleBone blackRaja Vedula
 
Useful USB Gadgets on Linux
Useful USB Gadgets on LinuxUseful USB Gadgets on Linux
Useful USB Gadgets on LinuxGary Bisson
 
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime Ripard
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime RipardKernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime Ripard
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime RipardAnne Nicolas
 
[ENG] IPv6 shipworm + My little Windows domain pwnie
[ENG] IPv6 shipworm + My little Windows domain pwnie[ENG] IPv6 shipworm + My little Windows domain pwnie
[ENG] IPv6 shipworm + My little Windows domain pwnieZoltan Balazs
 
A Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech ThingA Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech Thingyeokm1
 
Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...
Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...
Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...Philip Polstra
 
Closing
ClosingClosing
ClosingMediaEval2012
 
The Watershed-based Social Events Detection Method with Support from External...
The Watershed-based Social Events Detection Method with Support from External...The Watershed-based Social Events Detection Method with Support from External...
The Watershed-based Social Events Detection Method with Support from External...MediaEval2012
 

More Related Content

What's hot

Introduction To The Beagleboard
Introduction To The BeagleboardIntroduction To The Beagleboard
Introduction To The BeagleboardNeHal VeRma
 
Introduction to beagle board
Introduction to beagle boardIntroduction to beagle board
Introduction to beagle boardAmit Karpe
 
Taking the BeagleBone Cookbook recipes beyond BeagleBone Black
Taking the BeagleBone Cookbook recipes beyond BeagleBone BlackTaking the BeagleBone Cookbook recipes beyond BeagleBone Black
Taking the BeagleBone Cookbook recipes beyond BeagleBone BlackDrew Fustini
 
PCB Business Card
PCB Business CardPCB Business Card
PCB Business Cardyeokm1
 
Internet of things - with routers
Internet of things - with routersInternet of things - with routers
Internet of things - with routersTavish Naruka
 
Hands On Embedded Linux with BeagleBone Black
Hands On Embedded Linux with BeagleBone BlackHands On Embedded Linux with BeagleBone Black
Hands On Embedded Linux with BeagleBone BlackDaniele Costarella
 
Redteaming HID attacks
Redteaming HID attacksRedteaming HID attacks
Redteaming HID attacksJuan Espin
 
Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Tim N
 
Controlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden FeaturesControlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden Featuresxabean
 
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans Verkuil
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans VerkuilKernel Recipes 2017 - HDMI CEC: Status Report - Hans Verkuil
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans VerkuilAnne Nicolas
 
Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareyeokm1
 
Reflections on Trusting Trust
Reflections on Trusting TrustReflections on Trusting Trust
Reflections on Trusting Trustyeokm1
 
BeagleBone black
BeagleBone blackBeagleBone black
BeagleBone blackRaja Vedula
 
Useful USB Gadgets on Linux
Useful USB Gadgets on LinuxUseful USB Gadgets on Linux
Useful USB Gadgets on LinuxGary Bisson
 
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime Ripard
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime RipardKernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime Ripard
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime RipardAnne Nicolas
 
[ENG] IPv6 shipworm + My little Windows domain pwnie
[ENG] IPv6 shipworm + My little Windows domain pwnie[ENG] IPv6 shipworm + My little Windows domain pwnie
[ENG] IPv6 shipworm + My little Windows domain pwnieZoltan Balazs
 
A Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech ThingA Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech Thingyeokm1
 

What's hot (19)

Introduction To The Beagleboard
Introduction To The BeagleboardIntroduction To The Beagleboard
Introduction To The Beagleboard
 
Beagle board101 esc-boston-2009b
Beagle board101 esc-boston-2009bBeagle board101 esc-boston-2009b
Beagle board101 esc-boston-2009b
 
Hardware hacking
Hardware hackingHardware hacking
Hardware hacking
 
Introduction to beagle board
Introduction to beagle boardIntroduction to beagle board
Introduction to beagle board
 
Taking the BeagleBone Cookbook recipes beyond BeagleBone Black
Taking the BeagleBone Cookbook recipes beyond BeagleBone BlackTaking the BeagleBone Cookbook recipes beyond BeagleBone Black
Taking the BeagleBone Cookbook recipes beyond BeagleBone Black
 
PCB Business Card
PCB Business CardPCB Business Card
PCB Business Card
 
Internet of things - with routers
Internet of things - with routersInternet of things - with routers
Internet of things - with routers
 
Hands On Embedded Linux with BeagleBone Black
Hands On Embedded Linux with BeagleBone BlackHands On Embedded Linux with BeagleBone Black
Hands On Embedded Linux with BeagleBone Black
 
Redteaming HID attacks
Redteaming HID attacksRedteaming HID attacks
Redteaming HID attacks
 
Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017
 
Controlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden FeaturesControlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden Features
 
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans Verkuil
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans VerkuilKernel Recipes 2017 - HDMI CEC: Status Report - Hans Verkuil
Kernel Recipes 2017 - HDMI CEC: Status Report - Hans Verkuil
 
Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardware
 
Reflections on Trusting Trust
Reflections on Trusting TrustReflections on Trusting Trust
Reflections on Trusting Trust
 
BeagleBone black
BeagleBone blackBeagleBone black
BeagleBone black
 
Useful USB Gadgets on Linux
Useful USB Gadgets on LinuxUseful USB Gadgets on Linux
Useful USB Gadgets on Linux
 
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime Ripard
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime RipardKernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime Ripard
Kernel Recipes 2017 - An introduction to the Linux DRM subsystem - Maxime Ripard
 
[ENG] IPv6 shipworm + My little Windows domain pwnie
[ENG] IPv6 shipworm + My little Windows domain pwnie[ENG] IPv6 shipworm + My little Windows domain pwnie
[ENG] IPv6 shipworm + My little Windows domain pwnie
 
A Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech ThingA Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech Thing
 

Viewers also liked

Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...
Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...
Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...Philip Polstra
 
The Watershed-based Social Events Detection Method with Support from External...
The Watershed-based Social Events Detection Method with Support from External...The Watershed-based Social Events Detection Method with Support from External...
The Watershed-based Social Events Detection Method with Support from External...MediaEval2012
 
Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...
Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...
Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...MediaEval2012
 
MediaEval 2012 Opening
MediaEval 2012 OpeningMediaEval 2012 Opening
MediaEval 2012 OpeningMediaEval2012
 
Overview of MediaEval 2012 Visual Privacy Task
Overview of MediaEval 2012 Visual Privacy TaskOverview of MediaEval 2012 Visual Privacy Task
Overview of MediaEval 2012 Visual Privacy TaskMediaEval2012
 
Event Detection via LDA for the MediaEval2012 SED Task
Event Detection via LDA for the MediaEval2012 SED TaskEvent Detection via LDA for the MediaEval2012 SED Task
Event Detection via LDA for the MediaEval2012 SED TaskMediaEval2012
 
The JHU-HLTCOE Spoken Web Search System for MediaEval 2012
The JHU-HLTCOE Spoken Web Search System for MediaEval 2012The JHU-HLTCOE Spoken Web Search System for MediaEval 2012
The JHU-HLTCOE Spoken Web Search System for MediaEval 2012MediaEval2012
 
Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...
Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...
Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...MediaEval2012
 
John Richards: My Life Lessons As An Entrepreneur
John Richards: My Life Lessons As An EntrepreneurJohn Richards: My Life Lessons As An Entrepreneur
John Richards: My Life Lessons As An EntrepreneurGrow America
 
תחרות אלוף הידע
תחרות אלוף הידעתחרות אלוף הידע
תחרות אלוף הידעsabal1
 
CERTH @ MediaEval 2012 Social Event Detection Task
CERTH @ MediaEval 2012 Social Event Detection TaskCERTH @ MediaEval 2012 Social Event Detection Task
CERTH @ MediaEval 2012 Social Event Detection TaskMediaEval2012
 
LIG at MediaEval 2012 affect task: use of a generic method
LIG at MediaEval 2012 affect task: use of a generic methodLIG at MediaEval 2012 affect task: use of a generic method
LIG at MediaEval 2012 affect task: use of a generic methodMediaEval2012
 
When Ideas and Opportunities Collide
When Ideas and Opportunities CollideWhen Ideas and Opportunities Collide
When Ideas and Opportunities CollideGrow America
 
MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...
MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...
MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...MediaEval2012
 
Idea or opportunity?
Idea or opportunity?Idea or opportunity?
Idea or opportunity?Grow America
 
Simha_23_REFFIT_Biochar_ICT_Published Version
Simha_23_REFFIT_Biochar_ICT_Published VersionSimha_23_REFFIT_Biochar_ICT_Published Version
Simha_23_REFFIT_Biochar_ICT_Published VersionPrithvi Simha
 
Search and Hyperlinking Task at MediaEval 2012
Search and Hyperlinking Task at MediaEval 2012Search and Hyperlinking Task at MediaEval 2012
Search and Hyperlinking Task at MediaEval 2012MediaEval2012
 

Viewers also liked (19)

Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...
Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...
Am I being spied on: Low-tech ways of detecting high-tech surveillance (DEFCO...
 
Closing
ClosingClosing
Closing
 
The Watershed-based Social Events Detection Method with Support from External...
The Watershed-based Social Events Detection Method with Support from External...The Watershed-based Social Events Detection Method with Support from External...
The Watershed-based Social Events Detection Method with Support from External...
 
Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...
Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...
Violent Scenes Detection with Large, Brute-forced Acoustic and Visual Feature...
 
MediaEval 2012 Opening
MediaEval 2012 OpeningMediaEval 2012 Opening
MediaEval 2012 Opening
 
Live pitch event
Live pitch eventLive pitch event
Live pitch event
 
Overview of MediaEval 2012 Visual Privacy Task
Overview of MediaEval 2012 Visual Privacy TaskOverview of MediaEval 2012 Visual Privacy Task
Overview of MediaEval 2012 Visual Privacy Task
 
Event Detection via LDA for the MediaEval2012 SED Task
Event Detection via LDA for the MediaEval2012 SED TaskEvent Detection via LDA for the MediaEval2012 SED Task
Event Detection via LDA for the MediaEval2012 SED Task
 
The JHU-HLTCOE Spoken Web Search System for MediaEval 2012
The JHU-HLTCOE Spoken Web Search System for MediaEval 2012The JHU-HLTCOE Spoken Web Search System for MediaEval 2012
The JHU-HLTCOE Spoken Web Search System for MediaEval 2012
 
Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...
Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...
Violence Detection in Video by Large Scale Multi-Scale Local Binary Pattern D...
 
John Richards: My Life Lessons As An Entrepreneur
John Richards: My Life Lessons As An EntrepreneurJohn Richards: My Life Lessons As An Entrepreneur
John Richards: My Life Lessons As An Entrepreneur
 
תחרות אלוף הידע
תחרות אלוף הידעתחרות אלוף הידע
תחרות אלוף הידע
 
CERTH @ MediaEval 2012 Social Event Detection Task
CERTH @ MediaEval 2012 Social Event Detection TaskCERTH @ MediaEval 2012 Social Event Detection Task
CERTH @ MediaEval 2012 Social Event Detection Task
 
LIG at MediaEval 2012 affect task: use of a generic method
LIG at MediaEval 2012 affect task: use of a generic methodLIG at MediaEval 2012 affect task: use of a generic method
LIG at MediaEval 2012 affect task: use of a generic method
 
When Ideas and Opportunities Collide
When Ideas and Opportunities CollideWhen Ideas and Opportunities Collide
When Ideas and Opportunities Collide
 
MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...
MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...
MediaEval 2012 Visual Privacy Task: Privacy and Intelligibility through Pixel...
 
Idea or opportunity?
Idea or opportunity?Idea or opportunity?
Idea or opportunity?
 
Simha_23_REFFIT_Biochar_ICT_Published Version
Simha_23_REFFIT_Biochar_ICT_Published VersionSimha_23_REFFIT_Biochar_ICT_Published Version
Simha_23_REFFIT_Biochar_ICT_Published Version
 
Search and Hyperlinking Task at MediaEval 2012
Search and Hyperlinking Task at MediaEval 2012Search and Hyperlinking Task at MediaEval 2012
Search and Hyperlinking Task at MediaEval 2012
 

Similar to Hacking and Forensics on the Go with Low-Power Devices

Embedded Linux Systems Basics
Embedded Linux Systems BasicsEmbedded Linux Systems Basics
Embedded Linux Systems BasicsMax Henery
 
Strategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and imagesStrategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and imagesMender.io
 
Introduction to linux
Introduction to linuxIntroduction to linux
Introduction to linuxplarsen67
 
Android for Embedded Linux Developers
Android for Embedded Linux DevelopersAndroid for Embedded Linux Developers
Android for Embedded Linux DevelopersOpersys inc.
 
Asiabsdcon2013
Asiabsdcon2013Asiabsdcon2013
Asiabsdcon2013krispcbsd
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
Cobbler, Func and Puppet: Tools for Large Scale EnvironmentsCobbler, Func and Puppet: Tools for Large Scale Environments
Cobbler, Func and Puppet: Tools for Large Scale EnvironmentsMichael Zhang
 
The internet of $h1t
The internet of $h1tThe internet of $h1t
The internet of $h1tAmit Serper
 
Building Embedded Linux Full Tutorial for ARM
Building Embedded Linux Full Tutorial for ARMBuilding Embedded Linux Full Tutorial for ARM
Building Embedded Linux Full Tutorial for ARMSherif Mousa
 
Embedded Linux primer
Embedded Linux primerEmbedded Linux primer
Embedded Linux primerDrew Fustini
 
Intro To Gentoo Embedded Cclug
Intro To Gentoo Embedded CclugIntro To Gentoo Embedded Cclug
Intro To Gentoo Embedded CclugSteve Arnold
 
Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Davor Guttierrez
 

Similar to Hacking and Forensics on the Go with Low-Power Devices (20)

Embedded Linux Systems Basics
Embedded Linux Systems BasicsEmbedded Linux Systems Basics
Embedded Linux Systems Basics
 
MIPS-X
MIPS-XMIPS-X
MIPS-X
 
Strategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and imagesStrategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and images
 
Introduction to linux
Introduction to linuxIntroduction to linux
Introduction to linux
 
Texas 2013
Texas 2013Texas 2013
Texas 2013
 
Self 2013
Self 2013Self 2013
Self 2013
 
BSDCan2013
BSDCan2013BSDCan2013
BSDCan2013
 
Android for Embedded Linux Developers
Android for Embedded Linux DevelopersAndroid for Embedded Linux Developers
Android for Embedded Linux Developers
 
Asiabsdcon2013
Asiabsdcon2013Asiabsdcon2013
Asiabsdcon2013
 
Ilf2013
Ilf2013Ilf2013
Ilf2013
 
Scale2013
Scale2013Scale2013
Scale2013
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
Cobbler, Func and Puppet: Tools for Large Scale EnvironmentsCobbler, Func and Puppet: Tools for Large Scale Environments
Cobbler, Func and Puppet: Tools for Large Scale Environments
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
Cobbler, Func and Puppet: Tools for Large Scale EnvironmentsCobbler, Func and Puppet: Tools for Large Scale Environments
Cobbler, Func and Puppet: Tools for Large Scale Environments
 
The internet of $h1t
The internet of $h1tThe internet of $h1t
The internet of $h1t
 
Building Embedded Linux Full Tutorial for ARM
Building Embedded Linux Full Tutorial for ARMBuilding Embedded Linux Full Tutorial for ARM
Building Embedded Linux Full Tutorial for ARM
 
Embedded Linux primer
Embedded Linux primerEmbedded Linux primer
Embedded Linux primer
 
Intro To Gentoo Embedded Cclug
Intro To Gentoo Embedded CclugIntro To Gentoo Embedded Cclug
Intro To Gentoo Embedded Cclug
 
Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2
 
Security Onion
Security OnionSecurity Onion
Security Onion
 
eurobsd2013
eurobsd2013eurobsd2013
eurobsd2013
 

Recently uploaded

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 

Recently uploaded (20)

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 

Hacking and Forensics on the Go with Low-Power Devices

  • 1. Hacking and Forensics on the Go Philip A. Polstra, Sr. @ppolstra DrPhil@polstra.org http://ppolstra.blogspot.com
  • 2. What is this talk about? ● Hacking and/or forensics with small, low- power devices ● ARM-based Beagleboard & Beaglebone running full suite of security/forensics tools ● Porting tools to a new platform ● USB forensics (now at high speed!!)
  • 3. Why You Should Care ● A full set of tools that can fit in a child's lunch box ● A full-featured Linux install for flexibility ● Low-power devices can run for days or weeks on battery power ● Small devices can be planted for later retrieval ● Did I mention high-speed USB?
  • 4. Who is this handsome man with the sexy accent anyway? ● If you were at last year's 44Con & you don't know, you partied much too hard Thursday night ● For the rest of you: – Professor at a medium size (1800 student) private university in Dubuque, Iowa – Programming from age 8 – Hacking hardware from age 12 – Also known to fly and build airplanes
  • 5. Roadmap ● Choosing a platform ● Selecting a base OS ● Building a base system ● The easy part – leveraging repositories ● The slightly harder part – building tools ● Building your own accessories ● Demonstrations ● Future directions
  • 6. Choosing a Platform ● Small ● Low-power ● Affordable ● Mature ● Networking built in ● Good USB support ● Convenient input and output
  • 7. And the Winning Platform is... ● Beagleboard – 3.25” square – <10 Watts – £125 (or buy in USA for only $149) – Based on Cortex A8 – 100 Mbs Ethernet built in – 4 high-speed USB plus USB-on-the-go – DVI-D, S-video, and LCD output – RS-232, webcam, audio, and microSD
  • 9. Selecting a Base OS ● Angstrom comes in the box – Optimized for hardware – Nice package management – Poor repository support for our purposes ● Ubuntu is available – Backtrack is based on Ubuntu – Ubuntu is very popular – Good repository and community support
  • 10. Building a Base Device ● Upgrade to 16GB microSD (8GB would work, but go big) ● Download an image for microSD card – Canonical image or – Robert C. Nelson demo images – I used Nelson's because they are tweaked for Beagleboard and updated frequently ● Good instructions available at http://elinux.org/BeagleBoardUbuntu
  • 11. The Easy Part – Using Repositories ● Many of the tools we want are available in the standard Ubuntu repositories ● Some are also available as .deb files – Packages written in interpreted languages (Java, Python, PERL, Ruby) usually work out of the box – C-based packages depend on libraries that may or may not be available/installed
  • 12. The Harder Part – Building Your Own Tools ● Native or cross-compile? ● Native – Straightforward – Can be slow on 1GHz ARM with 512 MB RAM ● Cross-compile – A bit more complicated – Take advantage of multi-core desktop with plenty of RAM
  • 13. Native Compilation ● “Sudo apt-get install build-essential” is about all you need to be on your way ● Something to keep in mind if you SSH in and use DHCP: Ethernet is via USB chipset and MAC address varies from one boot to next which leads to different address being assigned
  • 14. Cross-Compile Method 1 ● Download a toolchain “wget http://angstrom- distribution.org/toolchains/angstrom-<ver>-armv7a...” ● Untar toolchain “tar -xf angstrom-<ver>-armv7a-linux-gnueabi- toolchain.tar.bz2 -C” ● Setup build environment “. /usr/local/angstrom/arm/environment- setup” ● Download source ● Configure with “./configure --host=arm-angstrom-linux-gnueabi – prefix=/home/...” ● Build with “make && sudo make install” ● Copy binaries to BB-xM ● Could have problems if there is a kernel mismatch between setup and what is installed to BB-xM
  • 15. Cross-Compile Method 2 ● Install a toolchain as in Method 1 ● Install Eclipse ● Install C/C++ Development Tools in Eclipse ● Download software ● Use makefile to create Eclipse project ● Create a Build Configuration in Eclipse ● Compile ● Move binaries to BB-xM
  • 16. Create a Project from the Makefile ● Can have a makefile based project – Simple – Requires slight modification of makefile ● Can use makefile to create Eclipse project – Slightly more involved – Dependencies and special compile flags can be divined from makefile – More flexible if you want to make modifications
  • 17. Create a Build Configuration ● Right-click project in Project Explorer select Build Configurations-Manage ● Click New to create new configuration ● Set the paths to point to cross-compilation tools for installed toolchain – Set compiler, linker, and assembler commands – Set include and library paths – Good tutorial on http://lvr.com
  • 18. Cross-Compile Method 3 ● Same as Method 2, but with the addition of remote debugging ● Has advantage of easy transfer of binaries ● In Eclipse under Mobile Development add – C/C++ DSF GDB Debugger Integration – C/C++ Remote Launch – Remote System Explorer End-User Runtime – Remote System Explorer User Actions
  • 19. Cross-Compile Method 3 (contd.) ● Create /etc/hosts entry for BB-xM IP ● On BB-xM install SSH & GDBServer – “sudo apt-get install ssh” – “sudo apt-get install gdbserver” ● Manually SSH to BB-xM to make sure it works and to set up key cache ● In Eclipse create a connection ● Create .gdbinit file ● Create debug configuration
  • 20. Create a Connection ● Open Remote System Explorer view ● Select Connection->New->Linux ● Use BB-xM IP with options ssh.files, processes.shell.Linux, ssh.shells, and ssh.terminals ● After creating connection enter IP, user, and password under properties
  • 21. Create .gdbinit ● Change to the directory with your source code ● “touch .gdbinit” ● Go forth and have fun
  • 22. Create Debug Configuration ● Run->Debug Configurations->C/C++ Remote Configurations ● Main tab – set configuration ● Set remove absolute path ● Commands to execute before “chmod 777” ● Set path to GDB debugger ● Set the GDB port to an appropriate value
  • 23. Building Your Own Hardware Accessories
  • 24. Demo 1 - Hardware
  • 25. Demo 1 - Hardware
  • 26. Demo 1 – Chris John Riley
  • 29. Demo 2 – Wifi Cracking
  • 32. Demo 3 – Password Cracking
  • 33. Demo 4 – WPS Cracking
  • 35. Demo 5 – Pwn Win7 Like Its a Mac
  • 37. tm Demo 6 – Clickiddies
  • 38. WTF – I thought you said there would be forensics in this talk!
  • 39. USB Forensics – Now at High Speed!! ● Use a magical USB hub – Everything connected to magic hub automatically mounted read only – Everything not connected to the magic hub is mounted normally (probably with a prompt, etc.) ● Initially wanted to dive in and hack USB drivers – But there is a better way! ...
  • 40. Enter Udev Rules ● Udev rules allow you to handle what happens when devices are connected, disconnected, etc. ● Every block device connected downstream of magic hub (parent with appropriate VID/PID) is automatically mounted read only ● Suitable for hard disks and ANYTHING that can be mounted via USB
  • 41. Udev Rules Reali(z|s)ed ● In /etc/udev/rules.d/10-protectedmt.rules ACTION=="add", SUBSYSTEM=="block", KERNEL=="sd?[1-9]", ATTRS{idVendor}=="1a40", ATTRS{idProduct}=="0101", ENV{PHIL_MOUNT}="1", ENV{PHIL_DEV}="%k", RUN+="/etc/udev/scripts/test.sh %k" ACTION=="remove", SUBSYSTEM=="block", KERNEL=="sd?[1-9]", ATTRS{idVendor}=="1a40", ATTRS{idProduct}=="0101", ENV{PHIL_UNMOUNT}="1", RUN+="/etc/udev/scripts/test3.sh %k" ENV{PHIL_MOUNT}=="1", ENV{UDISKS_PRESENTATION_HIDE}="1", ENV{UDISKS_AUTOMOUNT_HINT}="never", RUN+="/etc/udev/scripts/test2.sh" ENV{PHIL_MOUNT}!="1", ENV{UDISKS_PRESENTATION_HIDE}="0", ENV{UDISKS_AUTOMOUNT_HINT}="always" ENV{PHIL_UNMOUNT}=="1", RUN+="/etc/udev/scripts/test4.sh"
  • 42. Udev Rules Scripts ● /etc/udev/scripts/test.sh #!/bin/bash echo "#!/bin/bash" > /etc/udev/scripts/test2.sh echo "mkdir /media/$1" >> /etc/udev/scripts/test2.sh echo "chmod 777 /media/$1" >> /etc/udev/scripts/test2.sh echo "/bin/mount /dev/$1 -o ro,noatime /media/$1" >> /etc/udev/scripts/test2.sh chmod +x /etc/udev/scripts/test2.sh
  • 43. Udev Rules Scripts (contd.) ● /etc/udev/scripts/test3.sh #!/bin/bash echo "#!/bin/bash" > /etc/udev/scripts/test4.sh echo "/bin/umount /dev/$1" >> /etc/udev/scripts/test4.sh echo "rmdir /media/$1" >> /etc/udev/scripts/test4.sh chmod +x /etc/udev/scripts/test4.sh
  • 44. Future Directions ● Continue to add useful packages as need arises ● Optimize some packages for BB-xM ● Other output devices ● Port to BeagleBone ● Custom printed case ● Associate with a standard pentest distro ● Port to another platform