Shining a light on a black box: Reverse engineering proprietary protocols in Embedded devices

Presented at ToorCon San Diego 20 (2018), Sept. 16, 2018, 3:30 p.m. (20 minutes)

IoT devices often present unique and unexpected challenges for hackers to overcome. In this talk, we provide an in-depth walk-through of how we broke custom solutions and built exploits to remotely control the targeted device as a root user. The challenge involves reverse engineering a proprietary protocol used to issue commands and receive data to and from the targeted Network Attached Storage NAS device.


  • Rick Ramgattie
    Rick Ramgattie is a Security Analyst at Independent Security Evaluators (ISE), where he conducts high-end, custom security assessments of computer hardware, software products, and manages a team of security researchers. Rick recognizes that it isn't all that easy to get into the information security community. In a self-taught manner he strived to learn what he could. Now, as someone who appreciates the art of reverse engineering, he has taken part in hands-on security assessments of complex systems, IoT devices, and many different native and mobile applications. Rick enjoys reverse engineering, occasional CTFs, and reading.


Similar Presentations: