Many papers have highlighted critical security issues introduced by Smart TVs and the Hybrid Broadcast and Broadband TV protocol enclosed in DVB-T. From privacy issue to full take-over, it has been shown that Smart TVs introduce new attack vectors in home networks. In order to better understand and prevent an outsider compromising the network entering through the TV, a testbed is highly required for both wireless interfaces (DVB-T, Wi-Fi, Bluetooth) and the network interface (RJ45). In this talk, we explain how we used available tools to design and build a quick and dirty testbed for assessing efficiently the security of Smart TVs. As an additional outcome, we will present the vulnerabilities uncovered for an Android-based Smart TV.
The following payloads have been tested against specific targets leading to the discovery of 0 days: