[T4] Hardware hacking for beginners

Author: Nicolas Oberli (@baldanos)
Language: French or English
Number of participants: 2 to 10
Price: 800.- CHF
Date: Nov. 1 - 8:00-17:30

Content:

Hardware hacking is a trending topic nowadays. With all new kinds of connected <you name it> and IoT gadgets, security researchers and hackers need different kind of skills to analyze those devices compared to, say, web applications.

This hands-on course aims to give all the basics one needs to know about electronic components and how to interact with them in order to explore how embedded systems work and analyze how they work.

During the course, participants will have to analyze and exploit vulnerabilities on a custom device specially created for this course. All devices and tools used in the course can be kept by attendees at the end of the day.

Table of content:

  1. Intro
  2. Why hardware hacking
  3. Presentation of the target device
  4. Electronics 101
    1. Ohm's law
    2. Basic components
    3. Tool presentation: Multimeter
      1. Presentation, basic usage
    4.     Exercices
  5. Logical systems
    1. Boolean Algebra
    2. Integrated Components
    3. Circuit Design and flaws
    4. Exercices
  6. Presentation of the Hydrabus
    1. Basic usage
  7. Embedded devices
    1. Common components
      1. MCUs
      2. EEPROMS
    2. Communication protocols
      1. Logic signals
      2. PWM
      3. UART
      4. I2C
      5. SPI
    3. Tool presentation: Logic analyzer
      1. Presentation / usage
    4. Exercices
    5. Debugging interfaces
      1. JTAG / SWD
      2. Exercices
  8. Firmware analysis
    1. ARM assembly introduction
    2. Microcontroller inner working
      1. Interrupts
      2. MMIO
      3. Registers
    3. Firmware analysis
    4. Exercices
  9. Side channel attacks
    1. Presentation and demos about different side-channel attacks
  10. Conclusion

Audience type:

This course is made for people with a security background, but with no experience about electronics or embedded devices whatsoever. Attendees are expected to have basic understanding about computer architecture and common types of vulnerabilities.

Requirements:

Participants should bring a laptop capable of running a virtual machine. Everything else is provided on site.

Price:

800.- CHF

Trainer:

Nicolas is a security researcher and currently working as the chief technology officer at Hacking Corp, a swiss IT security company focused on embedded and industrial systems. His main expertise areas include custom architecture reverse engineering and communication protocols. He is also involved in the development of the Hydrabus hardware hacking tool and plays Capture the Flag competitions.