SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Training 2016 - Hardware hacking training with Hardsploit"

Difference between revisions of "Training 2016 - Hardware hacking training with Hardsploit"

From BruCON 2017

Jump to: navigation, search
(Trainer Biography)
 
(5 intermediate revisions by the same user not shown)
Line 60: Line 60:
 
All students will be provided with :  
 
All students will be provided with :  
 
* Full copy of the course
 
* Full copy of the course
* One Hardsploit tool board for hardware security audit (see [hardsploit.io hardsploit.io])
+
* One Hardsploit tool board for hardware security audit (see [http://hardsploit.io hardsploit.io])
 
* Few more goodies
 
* Few more goodies
  
 
= Hardware/software Requirements =
 
= Hardware/software Requirements =
 
+
* Latest VMware Player, VMware Workstation, VMware Fusion or VirtualBox
 +
* Hard disk : Minimum 15GB of free space
 +
* RAM : 4GB Minimum  6GB recommended
 +
* Minimum dual core CPU (Intel prefered,I3 I5 or I7)
 +
* 64 Bits OS with administrator access : Windows, Linux or Mac os
 +
* 2 free USB port
  
 
=Trainer Biography=
 
=Trainer Biography=
[[File:Yann.Allain.jpg|thumb|125px]]
+
[[File:Julien-Moinard.png|thumb|125px]]
Yann ALLAIN is the founder and current director of the OPALE SECURITY company. He graduated from a computer and electronic engineering school (Polytech-Universite Pierre et Marie Curie). After a time in the electronic industry as an engineer in embedded system conception, he made a career move towards IT. He started as a production manager for a company in the financial sector (Private Banking), and evolved towards IT security when he became part of the ACCOR group. He was in charge of applicative security for the group. He has a 20 years experience, 16 of which dedicated to IT systems and embedded system security. OPALE SECURITY deals with research projects linked, amongst other things to the security of embedded systems.
+
Julien Moinard, is an electronic engineer with a solid background in this field (over 8 years) & Security consultant, associated with many personal and professional experiments in the field of micro controllers. Furthermore, he contributes to the Hardsploit project as a project leader. He is also a senior hardware pentester at OPALE SECURITY. Julien attended as a trainer at Hack In Paris and as a speaker to numerous conferences,Hack In The Box, NullCon,CanSecWest, Chaos Computer Club, BlackHat.
 
 
[[File:Julien.Moinard.jpg|thumb|125px]]
 
Julien MOINARD, is an electronic engineer with a solid background in this field (over 8 years) & Security consultant, associated with many personal and professional experiments in the field of micro controllers. Furthermore, he contributes to the Hardsploit project as a project leader. He is also a senior hardware pentester at OPALE SECURITY. Julien attended as a trainer at Hack In Paris and as a speaker to numerous conferences,Hack In The Box, NullCon,CanSecWest, Chaos Computer Club, BlackHat.
 
  
 
<br>[[Image:300px-twitter-icon.jpg|17px]] [https://twitter.com/opalesecurity @opalesecurity]
 
<br>[[Image:300px-twitter-icon.jpg|17px]] [https://twitter.com/opalesecurity @opalesecurity]
Line 78: Line 80:
 
* [https://www.opale-security.com Opale Security]
 
* [https://www.opale-security.com Opale Security]
 
* [https://hardsploit.io HardSploit IO]
 
* [https://hardsploit.io HardSploit IO]
''Mon. 24 - 26 October 2016 (09:00 - 17:00) (3-day)''
+
''Mon. 24 - 25 October 2016 (09:00 - 17:00) (2-day)''
  
 
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]
 
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]
  
 
[[Training|Back to Training Overview]]
 
[[Training|Back to Training Overview]]

Latest revision as of 20:08, 20 June 2016

Hardware hacking training with Hardsploit

Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.

Course Description

This course smartly mix methods and tools in order to give you all the necessary knowledge to be able to perform hardware security audits by yourself. The last part but not least our "Capture The Drone" hands-on to complete the training by practicing what you have learned in an attack/defense scenario featuring our favourite small flying things.

Course contents

MODULE 1: Hardware Hacking 101

  • Review of electronic basics, motivations for hardware hacking, brief history of hacking security talks
  • Hardware security vulnerabilities review, offensive & defensive aspects
  • Practical cases for hardware hacking analysis
  • Hands-on : Basic electronic components use & fingerprinting

MODULE 2: How to access to the hardware for hacking / audit purpose

  • Review of methods & tools to perform hardware security audits
  • Create your own audit plan, differences with software pentesting
  • Hands-on : Practice exercises with hardware auditing tools
  • Hands-on : How to acquire electronic signals, tools & demonstration

MODULE 3: How to access the software inside the hardware

  • Embedded system architecture presentation (Microcontroller, FPGA), direct access to the software via I/O interfaces (JTAG / SWD, I2C, SPI, UART, RF (ISM Band), etc.)
  • Hands-on : Firmware dumping through different types of interfaces
  • DEMO : Power analysis attacks - Indirect access to the software or sensitive content via side channel attacks

MODULE 4: Complete hacking lab

  • Full hands-on session to apply practical case on our vulnerable embedded system
  • Hands-on : Identifying electronic components
  • Hands-on : Electronic signals acquisition
  • Hands-on : Bus signals interception and analysis (with Hardsploit)
  • Hands-on : Modifying and dumping firmware via JTAG debug function (and other I/O access) (with Hardsploit)
  • Hands-on : Fuzzing external interface to spot basic vulnerabilities in embedded systems
  • Hands-on : Buffer overflow attacks on embedded system
  • Hands-on : Exploiting vulnerabilities during a hardware security audit

MODULE 5: How to protect your hardware products

  • Secure Design and Development Life Cycle (SDLC)
  • Review of hardware security best practices to limit the risks
  • Hands-on : Limit JTAG access, limit software vulnerabilities at embedded level
  • Review of protections against side channel attack (limit power analysis attacks)

MODULE 6: SDR Hacking

  • SDR hacking methodology (Software Defined Radio)
  • Tools of trade (GNURadio, hardware products, etc.)
  • Hands-on : How to reverse a wireless protocol from scratch ( communication with wireless LED screen, like on the highway)

MODULE 7: CTD Capture The Drone

  • Attack / Defense practical scenario team (Capture the Flag Mode)
  • Each team has a mini-drone.
  • Hands-on : Defend your drone and take down the others by using the tools and methods learned
  • The winning team is the one with the higher flying time

Target audience

  • This course is intended for everyone having an interest in security aspects related to hardware products or embedded devices.
  • Electronic enthusiasts and professionals
  • IT security professionals

All students will be provided with :

  • Full copy of the course
  • One Hardsploit tool board for hardware security audit (see hardsploit.io)
  • Few more goodies

Hardware/software Requirements

  • Latest VMware Player, VMware Workstation, VMware Fusion or VirtualBox
  • Hard disk : Minimum 15GB of free space
  • RAM : 4GB Minimum 6GB recommended
  • Minimum dual core CPU (Intel prefered,I3 I5 or I7)
  • 64 Bits OS with administrator access : Windows, Linux or Mac os
  • 2 free USB port

Trainer Biography

Julien-Moinard.png

Julien Moinard, is an electronic engineer with a solid background in this field (over 8 years) & Security consultant, associated with many personal and professional experiments in the field of micro controllers. Furthermore, he contributes to the Hardsploit project as a project leader. He is also a senior hardware pentester at OPALE SECURITY. Julien attended as a trainer at Hack In Paris and as a speaker to numerous conferences,Hack In The Box, NullCon,CanSecWest, Chaos Computer Club, BlackHat.


300px-twitter-icon.jpg @opalesecurity

Links :

Mon. 24 - 25 October 2016 (09:00 - 17:00) (2-day)

Register.jpg

Back to Training Overview