#HITB2017AMS COMMSEC D1 - So You Want To Hack Radios? Matt Knight and Marc Newlin
The Age of the Radio is upon us: wireless protocols are a dime a dozen thanks to the explosion of the Internet of Things. While proprietary wireless solutions may offer performance benefits and cost savings over standards like 802.11 or Bluetooth, their security features are rarely well-exercised due to a lack of access to these interfaces. The adoption of Software Defined Radio (SDR) by the security research community has helped shift this balance, however SDR remains a boutique skillset. Join us as we lift the veil on SDR and show that a PhD is not need to pwn the Internet of Things.
This session offers a tutorial on how to apply Software Defined Radio, with an emphasis on the “Radio” part. Rather than glazing over RF basics, we will frame our entire discussion about reverse engineering wireless systems around digital radio fundamentals.
We begin with an offensively short crash course in digital signal processing and RF communication, covering just enough to be dangerous, before introducing a reverse engineering workflow that can be applied to any wireless system. We will show how to use this workflow to recover and inject packets from/into a variety of devices with proprietary modulations, including a popular home automation system and a wireless keyboard.
Attendees should expect to walk away with practical knowledge of how to apply SDR to examine proprietary wireless protocols. We will release GNU Radio flowgraph templates and shell scripts to get attendees started.
===
Matt Knight (@embeddedsec) is a software engineer and security researcher at Bastille, with a diverse background in hardware, software, and wireless security. In 2016, he exposed the internals of the closed-source LoRa PHY based on blind signal analysis. Matt holds a BE in Electrical Engineering from Dartmouth College.
---
Marc Newlin (@marcnewlin) is a wireless security researcher at Bastille, where he discovered the MouseJack and KeySniffer vulnerabilities. A glutton for challenging side projects, he competed solo in two DARPA challenges, placing third in the DARPA Shredder Challenge, and second in the first tournament of the DARPA Spectrum Challenge.
Видео #HITB2017AMS COMMSEC D1 - So You Want To Hack Radios? Matt Knight and Marc Newlin канала Hack In The Box Security Conference
This session offers a tutorial on how to apply Software Defined Radio, with an emphasis on the “Radio” part. Rather than glazing over RF basics, we will frame our entire discussion about reverse engineering wireless systems around digital radio fundamentals.
We begin with an offensively short crash course in digital signal processing and RF communication, covering just enough to be dangerous, before introducing a reverse engineering workflow that can be applied to any wireless system. We will show how to use this workflow to recover and inject packets from/into a variety of devices with proprietary modulations, including a popular home automation system and a wireless keyboard.
Attendees should expect to walk away with practical knowledge of how to apply SDR to examine proprietary wireless protocols. We will release GNU Radio flowgraph templates and shell scripts to get attendees started.
===
Matt Knight (@embeddedsec) is a software engineer and security researcher at Bastille, with a diverse background in hardware, software, and wireless security. In 2016, he exposed the internals of the closed-source LoRa PHY based on blind signal analysis. Matt holds a BE in Electrical Engineering from Dartmouth College.
---
Marc Newlin (@marcnewlin) is a wireless security researcher at Bastille, where he discovered the MouseJack and KeySniffer vulnerabilities. A glutton for challenging side projects, he competed solo in two DARPA challenges, placing third in the DARPA Shredder Challenge, and second in the first tournament of the DARPA Spectrum Challenge.
Видео #HITB2017AMS COMMSEC D1 - So You Want To Hack Radios? Matt Knight and Marc Newlin канала Hack In The Box Security Conference
Показать
Комментарии отсутствуют
Информация о видео
5 мая 2017 г. 13:35:43
00:59:27
Другие видео канала
BSIDES CPT 2019 - Hacking satellites with Software Defined Radio (SDR) - Gerard de Jong
So You Want to Hack Radios - Marc Newlin and Matt Knight at 44CON 2017
LoRa at Xerocraft: Estimating Telemetry Coverage
Chris Gammell - Gaining RF Knowledge: An Analog Engineer Dives into RF Circuits
#HITBCW2021 Hack In The Studio: Fireside Chat With Cristofaro Mune & Adam Laurie
GRCon16 - Reversing and Implementing the LoRA PHY with SDR, Matt Knight
Hacking 4G and how to get arrested in 10 minutes - Christian Sørseth
How to Make A Mobile Multi Frequency Jammer
Hacking Infrared with Mike Ossmann and the GreatFET One - Hak5 2522
#HITBCW2021 Hack In The Studio: Fireside Chat With Youssef Awad with H.E. Dr. Mohamed Al-Kuwaiti
Getting My Ham Radio License // Becky Stern
RF Shielded Honeycomb Air Vent Installation
Hacking the Wireless World with Software Defined Radio - 2.0
Hacking the TV tuner and making DIY antena to recieve weather images from satellites (NOAA)
$100 Spectrum Analyzer with the SDRPlay
Defcon 21 - All Your RFz Are Belong to Me - Hacking the Wireless World with Software Defined Radio
07: ETR241 - Capturing LoRa from SparkFun Pro RF w RTL-SDR
GRCon17 - Hacking the Wireless World 4.0 - Balint Seeber
Radio Hacking: Reverse Engineering Protocols Part 1 - Hak5 1913