Texas Cyber Summit II

IoT isn't going away, so it's our job to break it down and force it to be rebuilt securely. This workshop will introduce people to the basics of embedded system exploitation and take them from 0 to 0day against a SOHO router.
Briefing Format: Workshop (120 minutes)
Audience Level: Intermediate 
Description: A team of veteran Vulnerability Researchers will guide participants through the beginning stages of attacking an embedded system, including: disassembly of the target; discovery of hardware interfaces; establishing console communication; protocol discovery; attack vector enumeration; fuzzing; reverse engineering and vulnerability discovery; crafting a PoC. Students won't learn everything there is to know in a workshop, but by the time they leave, they should have the tools they need to cut a path through the jungle and start finding hidden treasures. All attendees will need to have a working understanding of the C programming language, as well as knowledge of assembly language in any architecture (x86, ARM, MIPS, PowerPC, etc.), or they will be lost in the sauce. We will provide targets and a custom Kali Linux ISO with tools included that will be needed for the workshop, including that one Ghidra thing everyone keeps talking about. Students will need to provide their own laptop that they can use to spin up the ISO provided, either via virtualization or booted from media.