MIPS-X, the next IoT frontier
Attend in-person
Build Track
Date
25 NOV
Attend online
HITB VIRTUAL STREAM
Time
11:00

+overview

IoT vulnerability research usually involves both static and dynamic analysis of the target device. To aid in this task, researchers typically perform some sort of emulation to enumerate the filesystem as well as run the respective binaries. Luckily, there are tools like QEMU and/or Buildroot to guide our path on the way, but this does not mean the way is smooth.

Our main goal was to create a framework and documentation suitable for MIPS (LE/BE) device research, which can be used in a Dockerized environment to set up as many emulated IoT devices as desired. The goal was to create the least amount of pain and effort to set up the emulation infrastructure. This means, you will have a target MIPS architecture virtual machine running natively with all the binaries, full network stack, debugging tools, and other useful tools. Let the pwning begin!

+speaker

Patrick Ross
Co-Founder, Village Idiot Labs

Patrick (0xn00b), a DEF CON 26 Black Badge holder, is the co-founder of Village Idiot Labs which helps run IoT Village across the globe. Patrick has created a fully immersible/virtual web-based lab environment that people can learn how to hack IoT without the need for their own tools, equipment or even prior knowledge.

Zoltan Balazs
Head of Vulnerability Research Lab, CUJO AI

Zoltan (@zh4ck) is the Head of Vulnerability Research Lab at CUJO AI, a company focusing on smart home security. Before joining CUJO AI he worked as a CTO for an AV Tester company, as an IT Security expert in the financial industry, and as a senior IT security consultant. He is also the developer of the Hardware Firewall Bypass Kernel Driver (HWFWBypass), the Encrypted Browser Exploit Delivery tool (#IRONSQUIRREL) and the Sandbox tester tool to test Malware Analysis Sandboxes.

He found and disclosed a vulnerability in IP cameras, and this vulnerability was exploited by the Persirai botnet, running on ˜600 000 cameras.

+oTHER PRESENTATIONS IN THIS TRACK

24 NOV
Paid
24 NOV
Reversing GO Binaries with Ghidra
Albert Zsigovits
5465
Dorka Palotay
5464
24 NOV,
13:00
Build Track
24 NOV
Paid
24 NOV
Build Talk 2 - TBA
Hugo Teso
8211
24 NOV,
14:00
Booth B, West
24 NOV
Paid
24 NOV
Build Talk 3 - TBA
TBA
24 NOV,
15:00
Booth B, West
25 NOV
Paid
25 NOV
Build Talk 4 - TBA
John Matherly
5491
25 NOV,
11:00
Booth B, West
25 NOV
Paid
25 NOV
Build Talk 5 - TBA
TBA
25 NOV,
13:00
Booth B, West
25 NOV
Paid
25 NOV
Build Talk 6 - TBA
TBA
25 NOV,
14:00
Booth B, West
25 NOV
Paid
25 NOV
Build Talk 7 - TBA
TBA
25 NOV,
15:00
Booth B, West