Abusing P2P to Hack 3 Million Cameras: Ain't Nobody Got Time for NAT

Presented at DEF CON 28 (2020) Virtual, Aug. 8, 2020, 2:30 p.m. (30 minutes).

To a hacker, making a bug-ridden IoT device directly accessible to the Internet sounds like an insanely bad idea. But what's *truly* insane is that millions of IoT devices are shipping with features that expose them to the Internet the moment they come online, even in the presence of NAT and firewalls. P2P, or "peer-to-peer", is a convenience feature designed to make the lives of users easier, but has the nasty side effect of making attackers' lives easier as well. Come for the story of how supply chain vulnerabilities in modern IP cameras, baby monitors, and even alarm systems are putting millions at risk for eavesdropping and remote compromise. We'll talk about the hoards of IoT devices that exist outside of Shodan's reach and the botnet-like infrastructure they rely on. Learn how to find P2P networks and how to exploit them to jump firewalls, steal camera passwords over the Internet, and correlate devices to physical addresses. We'll demonstrate how to snoop on someone's video simply by using your own camera - and how someone may be snooping on your video, too.

Presenters:

  • Paul Marrapese - Security Researcher
    Paul Marrapese Paul Marrapese (OSCP) is a security researcher from San Jose, CA. His work has resulted in the discovery of critical vulnerabilities affecting millions of IoT devices around the world, and has been featured on Krebs on Security, Forbes, Wired, ZDNet, and several security podcasts. Paul specializes in offensive security as part of the red team at a large enterprise cloud company. His interests include reverse engineering, music production, photography, and recently software-defined radio. Rumor has it that he makes a mean batch of cold-brew coffee. @PaulMarrapese

Links:

Similar Presentations: