IoT Ethical Hacking – IoT Device Security Testing

IoT Device Security Testing – (Without source code)

Perform the security assessment on device physical interfaces to identify the security threats such as privilege escalation, IoT device exploitation, encryption keys and priorities the risk at device level to provide with actionable mitigation steps.

Need to know/analyze on Embedded devices software
base64 decoding
Binary analysis and extracting files from the possible blocks
Knowing CPU architecture
Crypto Material – Encryption Keys, Checksum’s and more
Exploit mitigations
Hashing all files for threat hunting in near future.
File type
Enumerating Firmware functionality
Startup scripts or binary files n the systems
IP’s and URL/URI listing
Check for known Vulnerabilities.
Malware analysis – threat hunting
Acknowledge and view printable strings
Identify software components used like libraries or dependent programs
Java string evaluation
Know the unpacker
Users and Passwords in the file system.

Analysis – Static and Dynamic

Dynamic Analysis : Yara + Qemu + Threat feed.

 

  • Automatically look for signatures and record all the function calls whilst executed in emulated environment like Qemu.
  • Automatically look for malicious recorded patterns using Yara as the file executes.
  • Evaluate used binaries to the features specified with the device and list all the extra binaries for static analysis.
  • Gather Strings and scripts along with list of services running and their version and more.
  • Validate strings to any Java found.
  • Dynamically test web interfaces, Api using Burp/Zap.
  • Automatically list all the interface and map Attack Surfaces.
Few Results are shown below

Vulnerable Software Components found after analysis.

Static Analysis :  r2, Gdb,

  • Using reverse engineering tools unlist all the functions and draw a call graph to identify the execution flow for all the extra binaries listed after Dynamic analysis.
  • Manually analyze and validate automatically listed Attack Surface.

IoT Device Network Services Security Testing

Pentest device network service in-depth to find the potential vulnerability in the network service such as reply attacks, lack of payload verification, Unencrypted Services, Various injections and provide with actionable mitigation recommendations.

More in the next post

 

Please follow and like us:

Leave a Reply

Your email address will not be published. Required fields are marked *

4 × 2 =

Comment moderation is enabled. Your comment may take some time to appear.