Access to this course is restricted to Hakin9 Premium or IT Pack Premium subscriptions.


DURATION: 18 hours

CPE POINTS: On completion you get a certificate granting you 18 CPE points. 

Course available on demand


The Internet of Things is one of the biggest upcoming trends. Every month, hundreds of thousands of smart devices are connected to the internet and potentially exposed to malicious attackers, because these smart devices have a number of privacy and security concerns. There are roughly 8 billion devices connected to the internet as of now, and by early 2020 it's estimated that there will be 25 to 35 billion IoT devices worldwide; however, little additional attention is being paid to device security. Exploitation: IoT Device Security is a unique course that offers security professionals the ability to assess the security of these smart devices. In this course, we will discuss security and privacy issues in IoT devices on two different layers, like firmware, hardware, Bluetooth and protocols, and what happens if organizations leave an IoT device vulnerable. The course will also demonstrate actual hacking into IoT devices and highlight the top vulnerabilities that exist in them. The course includes hands-on opportunities to perform exploitation techniques on real-world IoT devices rather than just watching videos.


Note: since this class was published in 2019, some IoT technology has advanced and tools have had new versions released. These materials have not been updated; however, the concepts and techniques presented remain largely relevant.


  • Pentest of IoT Devices
  • Firmware static and dynamic analysis
  • Breaking Firmware encryption standard
  • BLE exploitation tools hcitool and gatttool
  • Sniffing BLE Packets using BLE sniffer/ubertooth
  • Hardware exploitation techniques: UART, JTAG and I2C
  • Analyzing the security of the IoT communication protocol
  • Extract and analyze device firmware
  • Identify the attack surfaces
  • Perform attacks on the IoT device
  • ARM Binary exploitation
  • Reversing ARM applications
  • Analyzing BLE packets in Wireshark
  • Cracking Encryption
  • Binwalk
  • Flawfinder
  • Firmware analysis Toolkit
  • QEMU
  • Radare2
  • IDA Pro
  • Blackroot OS
  • Hcitool & bluez
  • Gatttool
  • Wireshark
  • Ubertooth
  • BLE dongle 4.0
  • Crackle
  • Exploit: IoT protocol framework
  • nmap
  • GNU Binutils
  • ARM Lab VM


Course general information: 

Course format:

  • Self-paced
  • Pre-recorded
  • Accessible even after you finish the course
  • No preset deadlines
  • Materials are video, labs, and text
  • All videos captioned

What will you need?

  • BLE dongle 4.0
  • PC with a preferred operating system (Ubuntu 16.04, VMware Workstation)
  • Ubertooth/BLE sniffer
  • Raspberry Pi optional

What should you know before you join?

  • Basic knowledge of electronics (for example, what an electronic device is and how it works)
  • Familiar with Ubuntu OS
  • Hacking skills
  • Basic knowledge about IoT (just Google it and learn about the IoT architecture, connectivity, protocols - that’s enough)



Your instructor: Vaibhav Bedi

  • Experience in various fields such as Biomedical, Embedded system, Additive and Smart Manufacturing and Internet of Things.
  • Experience in the security domain.
  • Delivered lectures to more than 500 students in communities like OWASP, Null Bangalore and Test Tribe.
  • Love spending most of my free time in making, breaking and securing IoT Devices.
  • Excel at operating and working with hardware

Course Syllabus


Module 1: Analyzing and Exploiting Firmware

Nowadays, hardware and operating system (OS) security have become more robust, so hackers and researchers look for exploits in other areas such as firmware. Many IoT devices become vulnerable to cyber attacks because their firmware isn’t updated. One instance where you might have heard of firmware security is the period when the Mirai botnet was widespread. Mirai infects devices by gaining access to them using default credentials. In this module, we will focus purely on firmware reverse engineering, analyzing the firmware's contents for manipulation during its runtime.

  • Basic understanding of the firmware
  • How to get the firmware image
  • Extracting Firmware
  • Analyzing Firmware
  • Source Code Review
  • Firmware Encryption
  • Sensitive credentials
  • Firmware Analysis Toolkit
  • Firmware emulation with QEMU
  • Reverse Engineering using Radare2
  • Binwalk
  • Flawfinder
  • Firmware Analysis Toolkit
  • QEMU
  • Radare2

Assignment: We will provide you with the firmware image and you have to identify the vulnerability and submit a detailed report on that.

Workload: 4:00 hours


Module 2: Bluetooth Hacking and Exploitation

Bluetooth Low Energy (BLE) is a low-power wireless technology used for connecting devices with each other, and it has proven to be one of the most prominent technologies in the Internet of Things (IoT) space. With the rapid growth of IoT accelerating development in Bluetooth technology, the Bluetooth Special Interest Group (SIG) is making constant efforts to increase the transfer speed, with a maximum focus on beacons, healthcare, entertainment, and fitness. Bluetooth Low Energy is built into many of the gadgets that we use today. From smartphones and smart televisions, through advanced technologies such as medical equipment, to basic devices such as our coffee machines, all use BLE. This module covers some of the important topics related to Bluetooth exploitation, listed below.

  • Basic understanding of Bluetooth
  • Bluetooth layers/characteristics
  • Bluetooth Security
  • Tools for exploiting BLE
  • Sniffing BLE packets
  • Packet analysis in Wireshark
  • Cracking BLE packet encryption
  • Latest BLE Attack
  • Bluez Bluetooth stack tool
  • Wireshark
  • Ubertooth
  • BLE dongle 4.0
  • Crackle

Assignment: You have to find any BLE-based IoT device near you, like a fitness band, tap lock, doorbell, etc., apply all the tools discussed in this module to identify the vulnerability, and submit a detailed report on that.

Workload: 4:30 hours


Module 3: Exploitation IoT protocol and Hardware security

Security and protocols are the leading concerns for the Internet of Things. Billions of devices will be communicating wirelessly, and this is a huge challenge to our security and privacy. IoT requires efficient and effective security solutions that satisfy IoT constraints: low power, small memory, and limited computational capabilities. In this module, we will discuss the exploitation of IoT protocol security and how to interact with any hardware device.

  • IoT Exploitation Framework
  • Introduction to Hardware Security
  • Analyze Hardware Device
  • Exploiting UART Communication
  • Digging deep into SPI and I2C
  • JTAG Debugging and Exploitation
  • Exploit: IoT protocol framework
  • Baudrate
  • Spiflash

Assignment: you have to solve the multiple choice question test. 

Workload:  3:00 hours


Module 4: Reversing and exploiting ARM Binaries

“There’s an Intel on every desktop, but an ARM in every pocket”. ARM processors are becoming ubiquitous in mobile devices today with RISC processors making a comeback for their applications in low power computing environments. ARM has emerged as the leading architecture in the Internet of Things (IoT) world. IoT devices being utilized in a critical infrastructure capacity are becoming more prevalent, such as embedded mobile cores, running ARM chipsets. This module introduces the ARM architecture and teaches students how to reverse ARM binaries and bypass exploit mitigations present on ARM-based IoT devices. This module covers some of the important topics related to ARM binary listed below.

  • Introduction to ARM Assembly
  • ARM Data types and Instruction Sets
  • Conditional Execution and Branching
  • Reversing simple ARM Binaries
  • ARM Reverse Shell
  • ARM stack-based overflow exploit
  • Heap exploitation
  • Emulate Raspberry Pi with QEMU
  • Debugging with GDB
  • GNU Binutils
  • ARM Lab VM

Assignment: You have to solve the multiple choice question test. We will also provide you with a binary image; you have to identify the vulnerability in it and submit a report.

Workload: 5:00 hours


Final Exam

Multiple choice questions related to firmware, ARM binaries, Bluetooth exploitation, Hardware security.  


QUESTIONS? 

If you have any questions, please contact our eLearning Manager at [email protected].

Course Reviews

Rating: 4 (1 rating)
  • 5 stars: 0
  • 4 stars: 1
  • 3 stars: 0
  • 2 stars: 0
  • 1 star: 0
  1. Good Introduction

    4

    Exploiting IoT Devices course is a good introduction into the world of exploiting IoT devices.

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023