Pentesting over Powerlines

Presented at DerbyCon 1.0 (2011), Oct. 1, 2011, 10 a.m. (50 minutes)

When performing penetration tests on the internal network in conjunction with physical pentests, you’re always concerned about being located. Let’s remove that barrier and perform your pentests over power lines and never be detected. In this presentation we’ll cover how you can perform full penetration tests over the power lines and hack into home automation systems. Home automation has been gaining momentum not only in small homes but also in large companies and organizations. There’s a huge variety of solutions out there, both open-source and “proprietary”, that provide these solutions to your homes and businesses. Home automation gives us several things, for example full-fledged 85 Mbps networks, security systems, lights, windows, HVAC, doors, and cameras, and they are all generally done through the power lines or through short-wave wireless communications. So let’s break it… During this presentation we’ll be going over the non-existence of security on these devices, show proof-of-concept demonstrations of hacking these devices, and while we’re at it, demonstrate how to disable all security mechanisms that use the different protocols like X10.


Presenters:

  • Rob Simon
    Rob Simon is a security engineer for a Fortune 1000 international company. Rob is an OSCP and enjoys reverse engineering, penetration testing, and application security. Rob works with Dave Kennedy (ReL1K) as an application security penetration tester and has a passion for home automation systems.
