Presented at
Black Hat USA 2021,
Aug. 5, 2021, 11:20 a.m.
(40 minutes)
<div><span>IOT devices are widely deployed. Some hotels are now allowing their guests to control their room from their smartphone or other devices.</span></div><div><span><br></span></div><div><span>While traveling in a foreign country, a few nights were booked in a capsule hotel that was using various modern technologies. Capsule hotels are hotels composed of extremely small rooms that are stacked side-by-side.</span></div><div><span><br></span></div><div><span>In this hotel, an iPod touch given at check-in allowed each customer to control their bedroom. It was possible to control the light, change the position of the adjustable bed and control the ventilation fan.</span></div><div><span><br></span></div><div><span>In this presentation, we will share the methodology used to bypass the present security protections and we will show in detail how six different vulnerabilities were combined together and exploited in order to take control of all bedrooms and get revenge on a loud neighbor.</span></div><div><span><br></span></div><div><span>A demo video will be presented.</span></div>
Presenters:
-
Kya Supa
- Security Consultant, LEXFO
Kyasupa is a security consultant at LEXFO. He has been working on exploit development and penetration tests. He has published several security advisories, articles and exploits. He has presented at SSTIC, Hack.lu and HITB.
Links:
Similar Presentations: