ANDREA BARISANI & DANIELE BIANCO (Inverse Path)

PRESENTATION TITLE: Practical Exploitation of Embedded Systems

PRESENTATION ABSTRACT: 

For the 10th anniversary of HITB we keep it old school with an in-depth exploration of the reverse engineering and exploitation of embedded systems.

We will cover hardware by showing how to identify and probe debugging and I/O ports on undocumented circuit board layouts. We will cover software by exploring the analysis, reverse engineer and binary patching techniques for obscure real time OSes and firmware images with real world examples.

We are also going to address the post compromise art of debugging and patching running live kernels with custom backdoors or interception code. At least one Apple laptop embedded subsystem will be harmed during the course of the presentation.

ABOUT ANDREA BARISANI

Andrea Barisani is an internationally known security researcher. Since owning his first Commodore-64 he has never stopped studying new technologies, developing unconventional attack vectors and exploring what makes things tick…and break.

His experiences focus on large-scale infrastructure administration and defense, forensic analysis, penetration testing and software development, with more than 10 years of professional experience in security consulting.

Being an active member of the international Open Source and security community he contributed to several projects, books and open standards. He is now the founder and coordinator of the oCERT effort, the Open Source Computer Security Incident Response Team. He has been a speaker and trainer at BlackHat, CanSecWest, DEFCON, Hack In The Box, PacSec conferences among many others, speaking about TEMPEST attacks, SatNav hacking, 0-days, OS hardening and many other topics.

ABOUT DANIELE BIANCO

He began his professional career during his early years at university as system administrator and IT consultant for several scientific organizations. His interest for centralized management and software integration in Open Source environments has focused his work on design and development of suitable R&D infrastructure. One of his hobbies has always been playing with hardware and electronic devices.

At the time being he is the resident Hardware Hacker for international consultancy Inverse Path where his research work focuses on embedded systems security, electronic devices protection and tamperproofing techniques. He presented at many IT security events and his works have been quoted by numerous popular media.