Hack the Planet presented at BSidesAugusta 2018

by Bryson Bort,

Summary : Howdy Neighbor, a model smart house will be used to visually demonstrate to the audience how multiple interactive smart home products, including webcams, smoke detectors, power meters, HVAC systems, smart ovens and refrigerators, video game consoles, smart TVs, toasters, coffee makers, locks, and light bulbs (etc.), can be hijacked by attackers of various skill level to expose real-world vulnerabilities. This will provide attendees a great way to learn about common oversights made in development, configuration, and setup of IoT devices. More than just showing folks how your Nest smart thermostat can take over your home, we created Howdy Neighbor to actually demonstrate the problem and raise awareness to help train conference-goers. To do that, it had to be realistic. So Howdy Neighbor is a miniature homemade to be from kitchen to garage. It’s a test-bed for reverse engineering and hacking distinct consumer-focused smart devices, and to understand how the (in)security of individual devices can impact the safety of your home, and ultimately your family.I will demonstrate how to build a mass attack campaign to take over thousands of devices at the same time, then how to automatically pivot through the local network to steal PII and financial information.