Exploiting Embedded System presented at SyScan 2006

by Barnaby Jack,

Tags: Security Exploitation

Summary : From Automobiles and cell phones, to routers and your kitchen microwave - Embedded systems
are everywhere. And wherever there is code, there are flaws.In this presentation I will be discussing ARM based on-chip architectures. The same techniques I
will be demonstrating are also applicable to other architectures. I will cover the JTAG and UART
interfaces, and how these interfaces can be used in conjunction with an In-Circuit Emulator for
real-time on-chip debugging. You will learn about the components that make up an embedded system,
how to disable certain implemented features that thwart hacking attempts, and how to interface with
the system to debug the ROM code.We will use everything from Logic Analyzers to External flash programmers to analyze, and of course,
exploit, all manner of embedded systems.I will cover a few popular embedded devices, including a Nortel ip-phone, a cellphone or two, and
a popular home router. Finally I will demonstrate exploitation and hopefully open some eyes to the
threat insecure embedded devices pose.No toasters are safe.