Tweet
Title: Kicking Devices and Taking CVEs : The Zoomer’s Guide to Hacking Shit
Description:
Do you ever play iSpy with the smart devices around you and wonder how easy it is to hack shit and get CVEs? In the Zoomer era, smart devices are extremely accessible, generally cheap and not very security focused. In this talk, Sarda (a fellow Zoomer) will walk the audience through the basic methodology, tooling, exploitation, and disclosure process used when hacking an IoT device. This talk will include a “livish” demo of the exploitation of 5 CVEs, including remote code execution and telnet access, discovered while researching the Tenda AC1900 router—which can be chained to provide persistent root shell access to the device
Speaker(s): Sanjana Sarda
Location: IoT Vlg / IOT Vlg
Discord: https://discord.com/channels/7082082...34565604655114
Event starts: 2020-08-08 12:30 (12:30 PM) PDT (UTC -07:00)
Event ends: 2020-08-08 13:15 (01:15 PM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-08T03:05 (UTC).
Description:
Do you ever play iSpy with the smart devices around you and wonder how easy it is to hack shit and get CVEs? In the Zoomer era, smart devices are extremely accessible, generally cheap and not very security focused. In this talk, Sarda (a fellow Zoomer) will walk the audience through the basic methodology, tooling, exploitation, and disclosure process used when hacking an IoT device. This talk will include a “livish” demo of the exploitation of 5 CVEs, including remote code execution and telnet access, discovered while researching the Tenda AC1900 router—which can be chained to provide persistent root shell access to the device
Speaker(s): Sanjana Sarda
Location: IoT Vlg / IOT Vlg
Discord: https://discord.com/channels/7082082...34565604655114
Event starts: 2020-08-08 12:30 (12:30 PM) PDT (UTC -07:00)
Event ends: 2020-08-08 13:15 (01:15 PM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-08T03:05 (UTC).