SlideShare a Scribd company logo

Building Trojan Hardware at Home

E Hacking
E Hacking

Presented by JP Dunning “.ronin” BlackHat Asia 2014; Demonstration of how to build a hardware based trojan at home. Create your own hardware of Trojan Virus. http://www.ehacking.net/2014/09/building-trojan-hardware-at-home.html

Technology
1 of 47
Download to read offline
Building Trojan Hardware at Home JP Dunning “.ronin” BlackHat Asia 2014
What is Hardware? ● PCB (Printed Circuit Board) ● Single use components (resistor, led, crystal, capacitor, etc) ● Specialized chips (RAM, controller, I/O) ● Primary processor chip ● I/O ports ● Firmware
Goals of This Talk ● Discuss hardware and firmware based Trojans ● Remain platform neutral – This is not a vendor specific problem ● Display the relative ease of modifying hardware
What you'll need to play along ● Computer with Linux and Windows ● Cheep used target hardware ● Less that $40 programmer ● Time ● Soldering equipment (sometimes) ● Trojan ● (Minions)
Modify Hardware ● What's in the Box?!?! ● What kind of IO ports are available? – USB, UART, I2C, SPI, PS/2, RJ45, GPIO, draughtboards connectors, etc. ● Get it cheep – Ebay/Craigslist/Taobao anyone?!? ● What is the hardware's purpose ● How does is interact with target
USB + 1 ● Let's hide out attack hardware inside a USB device – Many devices have large open cavities – Looks the same from the outside ● Attack the host device connected to the USB Trojan ● Try to leave device functional
The Glitch Platform ● Create an open hardware testing platform ● Make it Arduino compatible ● Build upon open hardware security projects ● Make projects accessible to non-coders and non-engineers
Glitch Platform made Easy ● Create or edit modules on the Micro SD card using plaint text configuration files – Available configuration options are up to the developer – Provide additional payload files ● Select module with DIP switch ● Plug-and-play ● Project site – theglitch.sourceforge.net
Keystroke Injection ● Emulating computer keyboard ● “Press” keys ● Benefits of leveraging HID Injection ● “Type” accurately ● “Type” quickly ● No Human Required ● Works against computers that can use an external keyboard ● Designed for Windows, Linux, and OS X
HIDIScript ● HID Scripting Language ● Four components ● Plain text ● Parsed Modifiers ● Parsed Keys ● Commands ● Write using HIDIScript Generator ● http://keymeglitch.sourceforge.net
HIDIScript Example [KEY_RIGHT_GUI][KEY_R] [WAIT_1000] notepad [KEY_ENTER] [WAIT_2000] Hello BlackHat Asia 2014! [WAIT_2000] [KEY_ALT][KEY_F4]
Trojan Mouse ● Parts – USB mouse – USB hub – The Glitch
Trojan Mouse Row 1 Row 2 Row 3 Row 4 12 10 8 6 4 2 0 Column 1 Column 2 Column 3 ● Open the mouse – USB Pins solderer or plug in – Remove scroller – Several square centimeters of open space
Trojan Mouse ● Remove the hubs case ● Cut of USB plugs ● Unsolder two cables ● Unsolder USB host connector
Trojan Mouse ● USB (Universal Serial Bus) – Four pins ● Vcc <---> Vcc (Red) ● D- <---> D- (White) ● D+ <---> D+ (Green) ● GND <---> GND (Black) – Standard colors ● Many USB cables use the standard color wires ● Makes it easy to reuse cables
Trojan Mouse ● Split the mouse USB cable
Trojan Mouse
Trojan Mouse
Trojan Mouse
Trojan Mouse
Trojan Keyboard
Trojan Keyboard ● Take apart the keyboard with a standard screwdriver
Trojan Keyboard ● The keyboard has an built in USB hub ● Tap in and replace one of the USB ports ● Avoid soldering by connecting into the connector with wires
Trojan Keyboard ● USB cables take up to much room ● The Glitch has built in solder pads for an alternative USB connection
Trojan Keyboard ● Cut the lines to the USB plug ● Disables plug to avoid other device interference – Could also add another USB hub to keep the port active
Trojan Keyboard
Trojan Card Logger ● Common PoS card reader – Keyboard + Mag Reader
Trojan Card Logger ● Keyboard types card data into the PoS ● Replace the PS2 cable ● Connect to The Glitch pinouts – Vcc, GND, IRQ, DATA ● No soldering
Trojan Card Logger ● Connect The Glitch USB cable to PoS ● Keystrokes converted from PS/2 to USB ● Log data on the Micro SD card
Trojan Desktop/PoS ● Plug into motherboard USB pins inside case
What does the User see? ● USB device drivers installing for all components – A few pop-ups in Windows – Default drivers are fine ● Launch of the attack – The Glitch has a new one time attack option – Will not attack again after each power on
How can we make this stealthier? ● Clone USB ID – The Glitch can clone the USB ID – Computer see double ● Plan the attack – Make it look like an update – Wait a while after the Trojan device is installed
Trojan Network Connection ● Hardware <-> Trojan Router <-> Network ● Method – Remove the Ethernet connector – Connect PCB Ethernet headers to router – Connect second Ethernet cable to Ethernet connector – Connect USB charger to existing USB connectors on the device
Trojan LCD TV & Blu-Ray Player ● Fits in the case ● USB power and ground taps
Modify Firmware ● See whats already out there about moding the device ● Research the chips – ARM, AVR, PIC, Texas Instrument, Broadcom, Intel, etc ● Exposed ports (or chip pin outs) – JTAG, UART, I2C, SPI, GPIO, etc ● Program/Debugger (often low cost) – Bus Pirate, Goodfet, FTDI, PICKIT, etc
Flash Firmware ● Integrated Development Environment – Port code or use custom language ● Look for a development community – Code examples – Custom libraries ● Flashing methods
Programmers
Customize Through Serial ● You may not need to overwrite the firmware ● Connect through a serial console over USB to UART – Issue AT+ commands – Command shell access – Custom commands
Linux YAY!!! ● Many mufti-function hardware platforms run Linux … YAY!!! – BusyBox – 2.4.x or 2.6.x kernel core + compiler ● Porting Linux is free and easy – BSD is preferred … no source code publishing required ● Compiled for custom architecture like ARM
Linux YAY!!! ● Types of devices – Printers – TVs – DVR/DVD/BluRay players – Routers – Watches ● PwnPlug embedded computer ● Almost anything you can ping!
Trojan Router ● Open sources router firmware – OpenWRT – DDWRT ● Replace existing router firmware on hundreds of models – Cisco, TP-Link, D-Link, Siemens, etc ● Configured using local Web, SSH, Telenet ● Access to underlying Linux OS ● Install / configure new applications
Trojan Router 1. Backup router web interface pages 2. Flash with open firmware 3. Integrate original web interface with open firmware 4. Configure hidden Trojan functionality – Enable remote VPN access – Create reverse SSH – Install hacking tools ● MiniPwner project
Trojan Devices Hardware Trojans ● TVs / Monitors ● Game systems ● Printers ● Mice / Keyboards ● PoS / Desktops Firmware Trojans ● Embedded Linux ● Routers ● CC Cameras ● Controllers ● SCADA devices ● 'Internet of Things' Ju$t l00k @R0uƞd U > - <
Countermeasures ● Make purchases from a reputable source ● Monitor peripherals and network for suspicious actions ● Disable debug ports on hardware ● Enforce update authentication
Resources ● http://theglitch.sourceforge.net ● http://hackaday.com ● http://www.instructables.com/ ● http://goodfet.sourceforge.net ● http://dangerousprototypes.com/docs/Bus_Pirate ● http://servicemanuals.pro ● http://minipwner.com ● http://digikey.com ● http://mouser.com
Thanks ● IronGeek, Hak5, Dave Kennedy, Dragorn, Mike Ossmann for their work in this and relating project ● Community support from Kickstarter ● BlackHat
Questions? JP Dunning “.ronin” Projects @r0wnin theglitch.sourceforge.net ronin@shadowcave.org ww.hackfromacave.com

Recommended

Hardware hacking
Hardware hackingHardware hacking
Hardware hackingTavish Naruka
 
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...codebits
 
Internet of things - with routers
Internet of things - with routersInternet of things - with routers
Internet of things - with routersTavish Naruka
 
BadUSB, and what you should do about it
BadUSB, and what you should do about itBadUSB, and what you should do about it
BadUSB, and what you should do about itrobertfisk
 
Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Tim N
 
Making and breaking security in embedded devices
Making and breaking security in embedded devicesMaking and breaking security in embedded devices
Making and breaking security in embedded devicesYashin Mehaboobe
 
Hardware Hacking Primer
Hardware Hacking PrimerHardware Hacking Primer
Hardware Hacking PrimerYashin Mehaboobe
 
Thotcon2013
Thotcon2013Thotcon2013
Thotcon2013Philip Polstra
 

Recommended

Hardware hacking
Hardware hackingHardware hacking
Hardware hackingTavish Naruka
 
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...
Hardware Hacking area: Make Cool Things with Microcontrollers (and learn to s...codebits
 
Internet of things - with routers
Internet of things - with routersInternet of things - with routers
Internet of things - with routersTavish Naruka
 
BadUSB, and what you should do about it
BadUSB, and what you should do about itBadUSB, and what you should do about it
BadUSB, and what you should do about itrobertfisk
 
Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Bus Pirate Workshop Ruxcon Hardware Hacking 2017
Bus Pirate Workshop Ruxcon Hardware Hacking 2017Tim N
 
Making and breaking security in embedded devices
Making and breaking security in embedded devicesMaking and breaking security in embedded devices
Making and breaking security in embedded devicesYashin Mehaboobe
 
Hardware Hacking Primer
Hardware Hacking PrimerHardware Hacking Primer
Hardware Hacking PrimerYashin Mehaboobe
 
Thotcon2013
Thotcon2013Thotcon2013
Thotcon2013Philip Polstra
 
Polstra 44con2012
Polstra 44con2012Polstra 44con2012
Polstra 44con2012Philip Polstra
 
The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012Philip Polstra
 
Cyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionCyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionPhilip Polstra
 
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]RootedCON
 
Intro to linux
Intro to linux Intro to linux
Intro to linux Islam Nabil
 
BeagleBone Black Using Python
BeagleBone Black Using PythonBeagleBone Black Using Python
BeagleBone Black Using PythonSai Viswanath
 
Programming esp8266
Programming esp8266Programming esp8266
Programming esp8266Baoshi Zhu
 
Debian & the BeagleBone Black
Debian & the BeagleBone BlackDebian & the BeagleBone Black
Debian & the BeagleBone BlackRaju Vindane
 
Hardware Reverse Engineering: From Boot to Root
Hardware Reverse Engineering: From Boot to RootHardware Reverse Engineering: From Boot to Root
Hardware Reverse Engineering: From Boot to RootYashin Mehaboobe
 
BeagleBone Workshop
BeagleBone WorkshopBeagleBone Workshop
BeagleBone WorkshopChirag Nagpal
 
OSMC 2016 - Small things for monitoring by Jan-Piet Mens
OSMC 2016 - Small things for monitoring by Jan-Piet MensOSMC 2016 - Small things for monitoring by Jan-Piet Mens
OSMC 2016 - Small things for monitoring by Jan-Piet MensNETWAYS
 
PyTriage: A malware analysis framework
PyTriage: A malware analysis frameworkPyTriage: A malware analysis framework
PyTriage: A malware analysis frameworkYashin Mehaboobe
 
Fedora 12 Introduction
Fedora 12 IntroductionFedora 12 Introduction
Fedora 12 IntroductionRatnadeep Debnath
 
ELC-E 2019 Device tree, past, present, future
ELC-E 2019 Device tree, past, present, futureELC-E 2019 Device tree, past, present, future
ELC-E 2019 Device tree, past, present, futureNeil Armstrong
 
Nodemcu - introduction
Nodemcu - introductionNodemcu - introduction
Nodemcu - introductionMichal Sedlak
 
Linux Conference Australia 2018 : Device Tree, past, present, future
Linux Conference Australia 2018 : Device Tree, past, present, futureLinux Conference Australia 2018 : Device Tree, past, present, future
Linux Conference Australia 2018 : Device Tree, past, present, futureNeil Armstrong
 
Arduino Meetup with Sonar and 433Mhz Radios
Arduino Meetup with Sonar and 433Mhz RadiosArduino Meetup with Sonar and 433Mhz Radios
Arduino Meetup with Sonar and 433Mhz Radiosroadster43
 
Hardware Hacks
Hardware HacksHardware Hacks
Hardware Hacksn|u - The Open Security Community
 
Reverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown deviceReverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown deviceLubomir Rintel
 
Android Attacks
Android AttacksAndroid Attacks
Android AttacksMichael Scovetta
 
Sesion no. 5, 2012: Early Christian Catacombs, by Suzie Markland
Sesion no. 5, 2012: Early Christian Catacombs, by Suzie MarklandSesion no. 5, 2012: Early Christian Catacombs, by Suzie Markland
Sesion no. 5, 2012: Early Christian Catacombs, by Suzie MarklandEcomuseum Cavalleria
 
20060617 Rome Slideshare
20060617 Rome Slideshare20060617 Rome Slideshare
20060617 Rome Slidesharedondonma
 

More Related Content

What's hot

The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012Philip Polstra
 
Cyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionCyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionPhilip Polstra
 
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]RootedCON
 
BeagleBone Black Using Python
BeagleBone Black Using PythonBeagleBone Black Using Python
BeagleBone Black Using PythonSai Viswanath
 
Programming esp8266
Programming esp8266Programming esp8266
Programming esp8266Baoshi Zhu
 
Debian & the BeagleBone Black
Debian & the BeagleBone BlackDebian & the BeagleBone Black
Debian & the BeagleBone BlackRaju Vindane
 
Hardware Reverse Engineering: From Boot to Root
Hardware Reverse Engineering: From Boot to RootHardware Reverse Engineering: From Boot to Root
Hardware Reverse Engineering: From Boot to RootYashin Mehaboobe
 
OSMC 2016 - Small things for monitoring by Jan-Piet Mens
OSMC 2016 - Small things for monitoring by Jan-Piet MensOSMC 2016 - Small things for monitoring by Jan-Piet Mens
OSMC 2016 - Small things for monitoring by Jan-Piet MensNETWAYS
 
PyTriage: A malware analysis framework
PyTriage: A malware analysis frameworkPyTriage: A malware analysis framework
PyTriage: A malware analysis frameworkYashin Mehaboobe
 
ELC-E 2019 Device tree, past, present, future
ELC-E 2019 Device tree, past, present, futureELC-E 2019 Device tree, past, present, future
ELC-E 2019 Device tree, past, present, futureNeil Armstrong
 
Nodemcu - introduction
Nodemcu - introductionNodemcu - introduction
Nodemcu - introductionMichal Sedlak
 
Linux Conference Australia 2018 : Device Tree, past, present, future
Linux Conference Australia 2018 : Device Tree, past, present, futureLinux Conference Australia 2018 : Device Tree, past, present, future
Linux Conference Australia 2018 : Device Tree, past, present, futureNeil Armstrong
 
Arduino Meetup with Sonar and 433Mhz Radios
Arduino Meetup with Sonar and 433Mhz RadiosArduino Meetup with Sonar and 433Mhz Radios
Arduino Meetup with Sonar and 433Mhz Radiosroadster43
 
Reverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown deviceReverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown deviceLubomir Rintel
 

What's hot (20)

Polstra 44con2012
Polstra 44con2012Polstra 44con2012
Polstra 44con2012
 
The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012The Deck by Phil Polstra GrrCON2012
The Deck by Phil Polstra GrrCON2012
 
Cyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or FictionCyberhijacking Airplanes Truth or Fiction
Cyberhijacking Airplanes Truth or Fiction
 
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]
Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch [RootedCON 2012]
 
Intro to linux
Intro to linux Intro to linux
Intro to linux
 
BeagleBone Black Using Python
BeagleBone Black Using PythonBeagleBone Black Using Python
BeagleBone Black Using Python
 
Programming esp8266
Programming esp8266Programming esp8266
Programming esp8266
 
Debian & the BeagleBone Black
Debian & the BeagleBone BlackDebian & the BeagleBone Black
Debian & the BeagleBone Black
 
Hardware Reverse Engineering: From Boot to Root
Hardware Reverse Engineering: From Boot to RootHardware Reverse Engineering: From Boot to Root
Hardware Reverse Engineering: From Boot to Root
 
BeagleBone Workshop
BeagleBone WorkshopBeagleBone Workshop
BeagleBone Workshop
 
OSMC 2016 - Small things for monitoring by Jan-Piet Mens
OSMC 2016 - Small things for monitoring by Jan-Piet MensOSMC 2016 - Small things for monitoring by Jan-Piet Mens
OSMC 2016 - Small things for monitoring by Jan-Piet Mens
 
PyTriage: A malware analysis framework
PyTriage: A malware analysis frameworkPyTriage: A malware analysis framework
PyTriage: A malware analysis framework
 
Fedora 12 Introduction
Fedora 12 IntroductionFedora 12 Introduction
Fedora 12 Introduction
 
ELC-E 2019 Device tree, past, present, future
ELC-E 2019 Device tree, past, present, futureELC-E 2019 Device tree, past, present, future
ELC-E 2019 Device tree, past, present, future
 
Nodemcu - introduction
Nodemcu - introductionNodemcu - introduction
Nodemcu - introduction
 
Linux Conference Australia 2018 : Device Tree, past, present, future
Linux Conference Australia 2018 : Device Tree, past, present, futureLinux Conference Australia 2018 : Device Tree, past, present, future
Linux Conference Australia 2018 : Device Tree, past, present, future
 
Arduino Meetup with Sonar and 433Mhz Radios
Arduino Meetup with Sonar and 433Mhz RadiosArduino Meetup with Sonar and 433Mhz Radios
Arduino Meetup with Sonar and 433Mhz Radios
 
Hardware Hacks
Hardware HacksHardware Hacks
Hardware Hacks
 
Reverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown deviceReverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown device
 
Android Attacks
Android AttacksAndroid Attacks
Android Attacks
 

Viewers also liked

Sesion no. 5, 2012: Early Christian Catacombs, by Suzie Markland
Sesion no. 5, 2012: Early Christian Catacombs, by Suzie MarklandSesion no. 5, 2012: Early Christian Catacombs, by Suzie Markland
Sesion no. 5, 2012: Early Christian Catacombs, by Suzie MarklandEcomuseum Cavalleria
 
20060617 Rome Slideshare
20060617 Rome Slideshare20060617 Rome Slideshare
20060617 Rome Slidesharedondonma
 
Trip To Rome And Greece Powerpoint
Trip To Rome And Greece PowerpointTrip To Rome And Greece Powerpoint
Trip To Rome And Greece PowerpointSarah Hustwit
 
Naama catacombs of rome
Naama catacombs of romeNaama catacombs of rome
Naama catacombs of romecjkavanaugh
 
Session no. 3, 2011: Early Christian Catacombs, by Alesha Klein
Session no. 3, 2011: Early Christian Catacombs, by Alesha KleinSession no. 3, 2011: Early Christian Catacombs, by Alesha Klein
Session no. 3, 2011: Early Christian Catacombs, by Alesha KleinEcomuseum Cavalleria
 
Roman Forum - Rome Italy
Roman Forum - Rome ItalyRoman Forum - Rome Italy
Roman Forum - Rome ItalySteven Cantler
 
Wood work
Wood workWood work
Wood worktajk
 
Commercial Windoor hardware components
Commercial Windoor hardware componentsCommercial Windoor hardware components
Commercial Windoor hardware componentsWindoor hc
 
Rome Design City: from Trajan Column to UX
Rome Design City: from Trajan Column to UXRome Design City: from Trajan Column to UX
Rome Design City: from Trajan Column to UXMino Parisi
 
Aluminium sliding folding doors
Aluminium sliding folding doorsAluminium sliding folding doors
Aluminium sliding folding doorsRashmi Baur
 
sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...
sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...
sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...mishrasharad
 
CONCEPTOS JURIDICOS FUNDAMENTALES
CONCEPTOS JURIDICOS FUNDAMENTALESCONCEPTOS JURIDICOS FUNDAMENTALES
CONCEPTOS JURIDICOS FUNDAMENTALESkarolina_alban
 
ARCHES AND DOMES
ARCHES AND DOMES ARCHES AND DOMES
ARCHES AND DOMESahmed lieth
 
Rome: Colosseum, Roman Baths and Circus Maximus
Rome: Colosseum, Roman Baths and Circus MaximusRome: Colosseum, Roman Baths and Circus Maximus
Rome: Colosseum, Roman Baths and Circus MaximusAlfonso Poza
 
ANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILE
ANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILEANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILE
ANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILEDurgaprasad M
 

Viewers also liked (20)

Sesion no. 5, 2012: Early Christian Catacombs, by Suzie Markland
Sesion no. 5, 2012: Early Christian Catacombs, by Suzie MarklandSesion no. 5, 2012: Early Christian Catacombs, by Suzie Markland
Sesion no. 5, 2012: Early Christian Catacombs, by Suzie Markland
 
20060617 Rome Slideshare
20060617 Rome Slideshare20060617 Rome Slideshare
20060617 Rome Slideshare
 
Trip To Rome And Greece Powerpoint
Trip To Rome And Greece PowerpointTrip To Rome And Greece Powerpoint
Trip To Rome And Greece Powerpoint
 
Naama catacombs of rome
Naama catacombs of romeNaama catacombs of rome
Naama catacombs of rome
 
ROME
ROMEROME
ROME
 
The forum
The forumThe forum
The forum
 
Session no. 3, 2011: Early Christian Catacombs, by Alesha Klein
Session no. 3, 2011: Early Christian Catacombs, by Alesha KleinSession no. 3, 2011: Early Christian Catacombs, by Alesha Klein
Session no. 3, 2011: Early Christian Catacombs, by Alesha Klein
 
Roman Forum - Rome Italy
Roman Forum - Rome ItalyRoman Forum - Rome Italy
Roman Forum - Rome Italy
 
Wood work
Wood workWood work
Wood work
 
Commercial Windoor hardware components
Commercial Windoor hardware componentsCommercial Windoor hardware components
Commercial Windoor hardware components
 
Rome Design City: from Trajan Column to UX
Rome Design City: from Trajan Column to UXRome Design City: from Trajan Column to UX
Rome Design City: from Trajan Column to UX
 
Sliding Door Architecture
Sliding Door ArchitectureSliding Door Architecture
Sliding Door Architecture
 
Aluminium sliding folding doors
Aluminium sliding folding doorsAluminium sliding folding doors
Aluminium sliding folding doors
 
sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...
sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...
sharad mishra,envirotech systems,acoustic doors, acoustic metal doors,acousti...
 
CONCEPTOS JURIDICOS FUNDAMENTALES
CONCEPTOS JURIDICOS FUNDAMENTALESCONCEPTOS JURIDICOS FUNDAMENTALES
CONCEPTOS JURIDICOS FUNDAMENTALES
 
ARCHES AND DOMES
ARCHES AND DOMES ARCHES AND DOMES
ARCHES AND DOMES
 
Arches and domes
Arches and domesArches and domes
Arches and domes
 
Mechanical seals
Mechanical sealsMechanical seals
Mechanical seals
 
Rome: Colosseum, Roman Baths and Circus Maximus
Rome: Colosseum, Roman Baths and Circus MaximusRome: Colosseum, Roman Baths and Circus Maximus
Rome: Colosseum, Roman Baths and Circus Maximus
 
ANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILE
ANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILEANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILE
ANDROID BASED HOME APPLIANCE CONTROL USING APP IN MOBILE
 

Similar to Building Trojan Hardware at Home

2.2. Introduction to Arduino
2.2. Introduction to Arduino2.2. Introduction to Arduino
2.2. Introduction to Arduinodefconmoscow
 
Embedded Linux Systems Basics
Embedded Linux Systems BasicsEmbedded Linux Systems Basics
Embedded Linux Systems BasicsMax Henery
 
Hacking and Forensics on the Go - 44CON 2012
Hacking and Forensics on the Go - 44CON 2012Hacking and Forensics on the Go - 44CON 2012
Hacking and Forensics on the Go - 44CON 201244CON
 
Embedded Erlang, Nerves, and SumoBots
Embedded Erlang, Nerves, and SumoBotsEmbedded Erlang, Nerves, and SumoBots
Embedded Erlang, Nerves, and SumoBotsFrank Hunleth
 
Introduction to Firmware
Introduction to FirmwareIntroduction to Firmware
Introduction to FirmwareCaroline Murphy
 
Introduction to Computer Hardware Assembling
Introduction to Computer Hardware AssemblingIntroduction to Computer Hardware Assembling
Introduction to Computer Hardware AssemblingRanjith Siji
 
Embedded platform choices
Embedded platform choicesEmbedded platform choices
Embedded platform choicesTavish Naruka
 
The eID on Linux in 2015
The eID on Linux in 2015The eID on Linux in 2015
The eID on Linux in 2015Wouter Verhelst
 
BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)
BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)
BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)Ron Munitz
 
The internet of $h1t
The internet of $h1tThe internet of $h1t
The internet of $h1tAmit Serper
 
Redteaming HID attacks
Redteaming HID attacksRedteaming HID attacks
Redteaming HID attacksJuan Espin
 
D1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsD1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsqqlan
 
The components of a computer
The components of a computerThe components of a computer
The components of a computertrisson255
 
Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...
Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...
Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...benwhorwood
 
Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesMichael Scovetta
 
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...Sergey Gordeychik
 
Tac Presentation October 72014- Raspberry PI
Tac Presentation October 72014- Raspberry PITac Presentation October 72014- Raspberry PI
Tac Presentation October 72014- Raspberry PICliff Samuels Jr.
 

Similar to Building Trojan Hardware at Home (20)

2.2. Introduction to Arduino
2.2. Introduction to Arduino2.2. Introduction to Arduino
2.2. Introduction to Arduino
 
Embedded Linux Systems Basics
Embedded Linux Systems BasicsEmbedded Linux Systems Basics
Embedded Linux Systems Basics
 
Hacking and Forensics on the Go - 44CON 2012
Hacking and Forensics on the Go - 44CON 2012Hacking and Forensics on the Go - 44CON 2012
Hacking and Forensics on the Go - 44CON 2012
 
Embedded Erlang, Nerves, and SumoBots
Embedded Erlang, Nerves, and SumoBotsEmbedded Erlang, Nerves, and SumoBots
Embedded Erlang, Nerves, and SumoBots
 
Introduction to Firmware
Introduction to FirmwareIntroduction to Firmware
Introduction to Firmware
 
Introduction to Computer Hardware Assembling
Introduction to Computer Hardware AssemblingIntroduction to Computer Hardware Assembling
Introduction to Computer Hardware Assembling
 
Let's begin io t with $10
Let's begin io t with $10Let's begin io t with $10
Let's begin io t with $10
 
Embedded platform choices
Embedded platform choicesEmbedded platform choices
Embedded platform choices
 
The eID on Linux in 2015
The eID on Linux in 2015The eID on Linux in 2015
The eID on Linux in 2015
 
Arduino Hands-on Workshop
Arduino Hands-on WorkshopArduino Hands-on Workshop
Arduino Hands-on Workshop
 
BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)
BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)
BYOD Revisited: Build Your Own Device (Embedded Linux Conference 2014)
 
The internet of $h1t
The internet of $h1tThe internet of $h1t
The internet of $h1t
 
Redteaming HID attacks
Redteaming HID attacksRedteaming HID attacks
Redteaming HID attacks
 
D1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsD1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via sms
 
The components of a computer
The components of a computerThe components of a computer
The components of a computer
 
Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...
Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...
Marrying a Penguin: Logging in and mounting encrypted partitions using a ring...
 
Don't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade MachinesDon't Give Credit: Hacking Arcade Machines
Don't Give Credit: Hacking Arcade Machines
 
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
Root via SMS: 4G access level security assessment, Sergey Gordeychik, Alexand...
 
Tac Presentation October 72014- Raspberry PI
Tac Presentation October 72014- Raspberry PITac Presentation October 72014- Raspberry PI
Tac Presentation October 72014- Raspberry PI
 
Arduino
ArduinoArduino
Arduino
 

More from E Hacking

CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyE Hacking
 
Threats against the next billion devices
Threats against the next billion devicesThreats against the next billion devices
Threats against the next billion devicesE Hacking
 
High Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilitiesHigh Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilitiesE Hacking
 
New Developments in the BREACH attack
New Developments in the BREACH attackNew Developments in the BREACH attack
New Developments in the BREACH attackE Hacking
 
Exploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit SystemsExploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit SystemsE Hacking
 
Most Important steps to become a hacker
Most Important steps to become a hackerMost Important steps to become a hacker
Most Important steps to become a hackerE Hacking
 
Penetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the BattlefieldPenetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the BattlefieldE Hacking
 
Website fingerprinting on TOR
Website fingerprinting on TORWebsite fingerprinting on TOR
Website fingerprinting on TORE Hacking
 
Fuzzing the Media Framework in Android
Fuzzing the Media Framework in AndroidFuzzing the Media Framework in Android
Fuzzing the Media Framework in AndroidE Hacking
 
Stalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon TalkStalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon TalkE Hacking
 
Hacking Wireless World, RFID hacking
Hacking Wireless World, RFID hackingHacking Wireless World, RFID hacking
Hacking Wireless World, RFID hackingE Hacking
 
Abusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itAbusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itE Hacking
 
Malicious Domain Profiling
Malicious Domain Profiling Malicious Domain Profiling
Malicious Domain Profiling E Hacking
 
Searching Shodan For Fun And Profit
Searching Shodan For Fun And ProfitSearching Shodan For Fun And Profit
Searching Shodan For Fun And ProfitE Hacking
 
The Machines that Betrayed their Masters
The Machines that Betrayed their MastersThe Machines that Betrayed their Masters
The Machines that Betrayed their MastersE Hacking
 
Detecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance SystemsDetecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance SystemsE Hacking
 
Unmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouUnmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouE Hacking
 
WhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POCWhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POCE Hacking
 
Social Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceSocial Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceE Hacking
 
LDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections PaperLDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections PaperE Hacking
 

More from E Hacking (20)

CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
 
Threats against the next billion devices
Threats against the next billion devicesThreats against the next billion devices
Threats against the next billion devices
 
High Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilitiesHigh Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilities
 
New Developments in the BREACH attack
New Developments in the BREACH attackNew Developments in the BREACH attack
New Developments in the BREACH attack
 
Exploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit SystemsExploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit Systems
 
Most Important steps to become a hacker
Most Important steps to become a hackerMost Important steps to become a hacker
Most Important steps to become a hacker
 
Penetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the BattlefieldPenetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the Battlefield
 
Website fingerprinting on TOR
Website fingerprinting on TORWebsite fingerprinting on TOR
Website fingerprinting on TOR
 
Fuzzing the Media Framework in Android
Fuzzing the Media Framework in AndroidFuzzing the Media Framework in Android
Fuzzing the Media Framework in Android
 
Stalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon TalkStalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon Talk
 
Hacking Wireless World, RFID hacking
Hacking Wireless World, RFID hackingHacking Wireless World, RFID hacking
Hacking Wireless World, RFID hacking
 
Abusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itAbusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get it
 
Malicious Domain Profiling
Malicious Domain Profiling Malicious Domain Profiling
Malicious Domain Profiling
 
Searching Shodan For Fun And Profit
Searching Shodan For Fun And ProfitSearching Shodan For Fun And Profit
Searching Shodan For Fun And Profit
 
The Machines that Betrayed their Masters
The Machines that Betrayed their MastersThe Machines that Betrayed their Masters
The Machines that Betrayed their Masters
 
Detecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance SystemsDetecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance Systems
 
Unmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouUnmasking or De-Anonymizing You
Unmasking or De-Anonymizing You
 
WhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POCWhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POC
 
Social Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceSocial Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligence
 
LDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections PaperLDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections Paper
 

Recently uploaded

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 

Recently uploaded (20)

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 

Building Trojan Hardware at Home

  • 1. Building Trojan Hardware at Home JP Dunning “.ronin” BlackHat Asia 2014
  • 2. What is Hardware? ● PCB (Printed Circuit Board) ● Single use components (resistor, led, crystal, capacitor, etc) ● Specialized chips (RAM, controller, I/O) ● Primary processor chip ● I/O ports ● Firmware
  • 3. Goals of This Talk ● Discuss hardware and firmware based Trojans ● Remain platform neutral – This is not a vendor specific problem ● Display the relative ease of modifying hardware
  • 4. What you'll need to play along ● Computer with Linux and Windows ● Cheep used target hardware ● Less that $40 programmer ● Time ● Soldering equipment (sometimes) ● Trojan ● (Minions)
  • 5. Modify Hardware ● What's in the Box?!?! ● What kind of IO ports are available? – USB, UART, I2C, SPI, PS/2, RJ45, GPIO, draughtboards connectors, etc. ● Get it cheep – Ebay/Craigslist/Taobao anyone?!? ● What is the hardware's purpose ● How does is interact with target
  • 6. USB + 1 ● Let's hide out attack hardware inside a USB device – Many devices have large open cavities – Looks the same from the outside ● Attack the host device connected to the USB Trojan ● Try to leave device functional
  • 7. The Glitch Platform ● Create an open hardware testing platform ● Make it Arduino compatible ● Build upon open hardware security projects ● Make projects accessible to non-coders and non-engineers
  • 8. Glitch Platform made Easy ● Create or edit modules on the Micro SD card using plaint text configuration files – Available configuration options are up to the developer – Provide additional payload files ● Select module with DIP switch ● Plug-and-play ● Project site – theglitch.sourceforge.net
  • 9. Keystroke Injection ● Emulating computer keyboard ● “Press” keys ● Benefits of leveraging HID Injection ● “Type” accurately ● “Type” quickly ● No Human Required ● Works against computers that can use an external keyboard ● Designed for Windows, Linux, and OS X
  • 10. HIDIScript ● HID Scripting Language ● Four components ● Plain text ● Parsed Modifiers ● Parsed Keys ● Commands ● Write using HIDIScript Generator ● http://keymeglitch.sourceforge.net
  • 11. HIDIScript Example [KEY_RIGHT_GUI][KEY_R] [WAIT_1000] notepad [KEY_ENTER] [WAIT_2000] Hello BlackHat Asia 2014! [WAIT_2000] [KEY_ALT][KEY_F4]
  • 12. Trojan Mouse ● Parts – USB mouse – USB hub – The Glitch
  • 13. Trojan Mouse Row 1 Row 2 Row 3 Row 4 12 10 8 6 4 2 0 Column 1 Column 2 Column 3 ● Open the mouse – USB Pins solderer or plug in – Remove scroller – Several square centimeters of open space
  • 14. Trojan Mouse ● Remove the hubs case ● Cut of USB plugs ● Unsolder two cables ● Unsolder USB host connector
  • 15. Trojan Mouse ● USB (Universal Serial Bus) – Four pins ● Vcc <---> Vcc (Red) ● D- <---> D- (White) ● D+ <---> D+ (Green) ● GND <---> GND (Black) – Standard colors ● Many USB cables use the standard color wires ● Makes it easy to reuse cables
  • 16. Trojan Mouse ● Split the mouse USB cable
  • 22. Trojan Keyboard ● Take apart the keyboard with a standard screwdriver
  • 23. Trojan Keyboard ● The keyboard has an built in USB hub ● Tap in and replace one of the USB ports ● Avoid soldering by connecting into the connector with wires
  • 24. Trojan Keyboard ● USB cables take up to much room ● The Glitch has built in solder pads for an alternative USB connection
  • 25. Trojan Keyboard ● Cut the lines to the USB plug ● Disables plug to avoid other device interference – Could also add another USB hub to keep the port active
  • 27. Trojan Card Logger ● Common PoS card reader – Keyboard + Mag Reader
  • 28. Trojan Card Logger ● Keyboard types card data into the PoS ● Replace the PS2 cable ● Connect to The Glitch pinouts – Vcc, GND, IRQ, DATA ● No soldering
  • 29. Trojan Card Logger ● Connect The Glitch USB cable to PoS ● Keystrokes converted from PS/2 to USB ● Log data on the Micro SD card
  • 30. Trojan Desktop/PoS ● Plug into motherboard USB pins inside case
  • 31. What does the User see? ● USB device drivers installing for all components – A few pop-ups in Windows – Default drivers are fine ● Launch of the attack – The Glitch has a new one time attack option – Will not attack again after each power on
  • 32. How can we make this stealthier? ● Clone USB ID – The Glitch can clone the USB ID – Computer see double ● Plan the attack – Make it look like an update – Wait a while after the Trojan device is installed
  • 33. Trojan Network Connection ● Hardware <-> Trojan Router <-> Network ● Method – Remove the Ethernet connector – Connect PCB Ethernet headers to router – Connect second Ethernet cable to Ethernet connector – Connect USB charger to existing USB connectors on the device
  • 34. Trojan LCD TV & Blu-Ray Player ● Fits in the case ● USB power and ground taps
  • 35. Modify Firmware ● See whats already out there about moding the device ● Research the chips – ARM, AVR, PIC, Texas Instrument, Broadcom, Intel, etc ● Exposed ports (or chip pin outs) – JTAG, UART, I2C, SPI, GPIO, etc ● Program/Debugger (often low cost) – Bus Pirate, Goodfet, FTDI, PICKIT, etc
  • 36. Flash Firmware ● Integrated Development Environment – Port code or use custom language ● Look for a development community – Code examples – Custom libraries ● Flashing methods
  • 38. Customize Through Serial ● You may not need to overwrite the firmware ● Connect through a serial console over USB to UART – Issue AT+ commands – Command shell access – Custom commands
  • 39. Linux YAY!!! ● Many mufti-function hardware platforms run Linux … YAY!!! – BusyBox – 2.4.x or 2.6.x kernel core + compiler ● Porting Linux is free and easy – BSD is preferred … no source code publishing required ● Compiled for custom architecture like ARM
  • 40. Linux YAY!!! ● Types of devices – Printers – TVs – DVR/DVD/BluRay players – Routers – Watches ● PwnPlug embedded computer ● Almost anything you can ping!
  • 41. Trojan Router ● Open sources router firmware – OpenWRT – DDWRT ● Replace existing router firmware on hundreds of models – Cisco, TP-Link, D-Link, Siemens, etc ● Configured using local Web, SSH, Telenet ● Access to underlying Linux OS ● Install / configure new applications
  • 42. Trojan Router 1. Backup router web interface pages 2. Flash with open firmware 3. Integrate original web interface with open firmware 4. Configure hidden Trojan functionality – Enable remote VPN access – Create reverse SSH – Install hacking tools ● MiniPwner project
  • 43. Trojan Devices Hardware Trojans ● TVs / Monitors ● Game systems ● Printers ● Mice / Keyboards ● PoS / Desktops Firmware Trojans ● Embedded Linux ● Routers ● CC Cameras ● Controllers ● SCADA devices ● 'Internet of Things' Ju$t l00k @R0uƞd U > - <
  • 44. Countermeasures ● Make purchases from a reputable source ● Monitor peripherals and network for suspicious actions ● Disable debug ports on hardware ● Enforce update authentication
  • 45. Resources ● http://theglitch.sourceforge.net ● http://hackaday.com ● http://www.instructables.com/ ● http://goodfet.sourceforge.net ● http://dangerousprototypes.com/docs/Bus_Pirate ● http://servicemanuals.pro ● http://minipwner.com ● http://digikey.com ● http://mouser.com
  • 46. Thanks ● IronGeek, Hak5, Dave Kennedy, Dragorn, Mike Ossmann for their work in this and relating project ● Community support from Kickstarter ● BlackHat
  • 47. Questions? JP Dunning “.ronin” Projects @r0wnin theglitch.sourceforge.net ronin@shadowcave.org ww.hackfromacave.com