Wild West Hackin' Fest

Imagine that you've purchased your small a cheap IP security camera to feel just a little better with your own physical security. Now imagine that the people who designed that camera know nothing about secure programming, security or programming at all. Imagine that your precious camera can be hijacked into a botnet with only one broken HTTP packet. Now stop imagining. In the end of 2016, my fellow researcher Yoav Orot and I published our research paper about hundreds of thousands of white labeled IP security cameras being vulnerable to a simple attack that allows an attacker to gain complete control of the camera, including code execution as root without any ability to patch. Our research was published in dozens of website and was even covered by security blogger Brian Krebs. We did not publish any technical details yet since we had to wait for the vendor's answer. This talk will dive deeply into the product, our research process and into the vulnerabilities themselves. I will walk through all of the steps in our research (from hardware hacking to firmware dumping and just plain old reversing) and demo the exploits and explain, step by step, where the developers went wrong, what could have been done to avoid this situation and why this problem is so severe. There will be root shells, there will be exploits, there will be tears. Attendees of this talk will leave with some insights about IoT security and embedded device hacking.