Hack All The Things: 20 Devices in 45 Minutes

Presented at DEF CON 22 (2014), Aug. 9, 2014, 10 a.m. (60 minutes)

When we heard “Hack All The Things,” we took it as a challenge. So at DEF CON this year we’re doing exactly that, we’re hacking everything. We’ve taken all of our previous experience exploiting embedded devices and used it to bring you a presentation filled with more exploits than ever before™. This presentation will feature exploits for over 20 devices including but not limited to TVs, baby monitors, media streamers, network cameras, home automation devices, and VoIP gateways. Gain root on your devices, run unsigned kernels; it’s your hardware, it’s internet connected, and it’s horribly insecure. We will also be following last year’s tradition of handing out free hardware to assist the community in rooting their devices. This year we will have a select number of eMMC adapters for presentation attendees.


Presenters:

  • Hans Nielsen - Senior Security Consultant at Matasano
    Hans Nielsen (@n0nst1ck) is a security wizard at Matasano Security. When he isn't busy protecting your in-house and external applications from evil, he enjoys writing software, hacking apart consumer electronics, designing prototype boards. Hans is a tinkerer at heart with an ability to quickly reverse and/or design hardware and software through whatever means necessary.
  • Mike Baker - Co-Founder OpenWRT
    Mike Baker (@gtvhacker) (AKA [mbm]) is a firmware developer, better known as the Co-Founder behind OpenWrt. He hacks stuff.
  • Amir Etemadieh / Zenofex - Security researcher at Accuvant LABS   as Amir Etemadieh
    Amir Etemadieh (@zenofex) is a Research Scientist on the R&D team at Accuvant LABS. Amir founded the GTVHacker group which has released public exploits for every device within the Google TV platform as well as multiple other non-Google TV devices including The Roku Media Player and The Google Chromecast. Prior to starting GTVHacker, Amir conducted independent research on a long list of consumer devices and is currently listed on multiple "Security Hall of Fame" pages for successfully completing bug bounties.
  • CJ Heres / CJ_000 - Security Consultant   as CJ Heres
    CJ Heres (@cj_000) is an IT systems manager and security consultant who works with a simple philosophy: using a simple approach, one can solve most complex problems. CJ's recent work has been heavily focused on consumer electronics including Blu-Ray players, thermostats, Smart TVs, media streaming devices such as the Roku and Google TV, DVR's, and everything inbetween. CJ has previously spoken at DEF CON 20 and 21, as well as B-Sides Boston 2013.

Links:

Similar Presentations: