Vegas, Baby!

I’m Vegas-bound for my Black Hat briefing, full of all the wonderful security SNAFU’s we’ve come to expect from embedded devices. If you want to see some surveillance cameras getting hacked, stop by my talk, or find me in the DEFCON wireless village if you just want to drink beers and talk shop!

Bookmark the permalink.

3 Responses to Vegas, Baby!

  1. Tom says:

    I wasn’t lucky enough to be in the audience but your slides make it look like I sorely missed out!

    I’d quite like to have a go at using Qemu etc to do this sort of embedded systems analysis. If you could tolerate a really stupid question: Once you’ve downloaded the firmware.bin file how are you managing to get the bin file onto a virtual machine? Are you using Binwalk to get the files? If so how are you converting them into a img file?

    • Craig says:

      Yes, I usually use binwalk to extract the file system. For Qemu I typically don’t build a whole image, but rather emulate individual binaries/services of interest. I’ve written a bit about this topic here on the blog, particularly here.

  2. Caston Young says:

    Hey I am doing a Tech Report on the digital security of security cameras, and I just saw your Black Hat presentation online. I have a couple questions: first don’t you have to go through a router before getting into someone’s camera? I would assume that even a completely insecure camera would still be protected if the router it is connected to uses the latest encryption and what not. Yet it sounds like you never had to bother with that.

    Second of all, what are all of the other cameras that use Lightpd? Does the Lorex use it?

Leave a Reply

Your email address will not be published. Required fields are marked *