IoT Hacking – Introduction to Brainwashing Embedded Systems

Learning the secret incantations to make embedded systems carry out your will is not as hard as one might think. In the world of IoT, the hardened system is rare, and most of the time a firmware image is more than enough to find and exploit weaknesses. Embedded devices are flooding corporate and home networks with limited insight into product security.

These sessions teach attendees how to evaluate IoT devices regularly deployed on enterprise networks. Learning the techniques utilized by attackers will help enterprise admins vet devices intended for deployment while also helping companies that develop these devices identify how attackers operate.

Participants will be provided with a virtual machine pre-loaded with IoT analysis tools and configured to emulate several embedded devices. Students will learn how to analyze and exploit these devices through a series of hands-on lab exercises designed to demonstrate some of the key concepts involved in IoT hacking. Upon completion of each lab, students will be given the opportunity to test their exploits against live devices. These techniques have been successfully employed by the author to identify over 100 CVEs on embedded/IoT devices as well as to win the 0-day and CTF tracks in the DEF CON 22 SOHOpelessly Broken router hacking competition.

For the first time ever, we’re offering this introductory course for IoT Hacking – Brainwashing Embedded Systems. If you’ve already completed the IoT Hacking – Brainwashing Embedded Systems courses at SecTor 2016 or 2017, we recommend you look into the new Advanced IoT Hacking course offered at SecTor 2018.

Trainers: Tyler Reguly and Lane Thames (Tripwire)
Max participants: 40
Cost: $499 (Full Conference Attendee) / $599 (Expo Attendee)


This session is recommended for:

  • Enterprise Security Admins
  • Software Developers
  • Pen Testers
  • Information Security Students

Attendees should have a basic understanding of networking concepts including the HTTP protocol and be comfortable using a Linux shell. Classroom exercises will introduce and make use of some moderately complex concepts in BASH scripting.

Technical Requirements:

Attendees will receive an OVA formatted virtual machine image prior to the class and are expected to have the virtual machine (VM) installed before the class begins. The VM requires:

  • 64-bit AMD or Intel processor with hardware virtualization enabled in the BIOS or UEFI as needed
  • Minimum of 4GB (8GB preferred) RAM to allocate for the virtual machine
  • 20+ GB of available disk space

Please refer to VMware KB article 1003944 for additional information on 64-bit virtualization support.

Attendees will find their day divided into three sections:


In this section, attendees will learn how to crack open firmware and look inside, where a wide range of vulnerabilities and configuration issues can be identified.


IoT products often take big shortcuts when authenticating users. Understanding the common authentication and authorization schemes employed in IoT is crucial for a successful security audit. This section explores this topic and introduces students to a flawed authentication process which has been identified in products from multiple vendors. Attendees will learn how to identify and exploit this common mistake.


Gaining access to the shell opens the door to a number of interesting investigative techniques. Attendees will learn what to look for and how to quickly identify the interesting pieces of information.

Agenda: Monday Oct 1, 2018

10:00 – 10:30 Introductions and setup
10:30 – 10:45 Working with Firmware (Lab 1 Intro)
10:45 – 10:55 Break
10:55 – 11:25 Firmware Based Reconnaissance (Lab 1)
11:25 – 11:35 Lab 1 Recap
11:35 – 12:20 Lunch
12:20 – 12:30 IoT Authentication (Lab 2 Intro)
12:30 – 14:15 Authentication Bypass (Lab 2)
14:15 – 14:25 Lab 2 Recap
14:25 – 14:35 Break
14:35 – 14:45 Shell Injection Primer (Lab 3 Intro)
14:45 – 16:45 Rooting a Smart Home (Lab 3)
16:45 – 16:55 Lab 3 Recap
16:55 – 17:00 Closing Remarks

Meet Your Trainers

Tyler Reguly

Tyler Reguly is the Manager of Security Research and Development with Tripwire. At Tripwire, Reguly is a key member of VERT, Vulnerability and Exposure Research Team, where he focuses on web application security and vulnerability detection. He has also lent his expertise on various projects, including reverse engineering and web application security. He has been involved in industry initiatives, such as CVSS-SIG and WASSEC and has spoken at various security events, including RSA, SecTor, and OWASP Toronto. Additionally, he has contributed to the Computer Systems Technology curriculum at Fanshawe College in London, Ontario, by developing and teaching a number of security-related courses. He is also frequently quoted in industry trade press and is a prolific blogger.


Dr. Lane Thames

Lane Thames is a senior security researcher with Tripwire’s Vulnerability and Exposure Research Team (VERT). As a member of VERT, Lane develops software that detects applications, devices, and operating systems along with vulnerability detection and management software. He also spends time looking for new vulnerabilities, contributing to the Tripwire State of Security blog, and understanding emerging cybersecurity threats. Lane received his PhD in Electrical and Computer Engineering from the Georgia Institute of Technology and has spent over 15 years working in information technology and software/hardware development.