A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Hardware Slashing, Smashing, and Reconstructing for Root access - Deral Heiland Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Hardware Slashing, Smashing, and Reconstructing for Root access
Deral Heiland
Derbycon 2018

This presentation I will be focusing on what is typically referred to as destructive methods for data acquisition from embedded devices. Focusing on the process of removing embedded Multimedia Media Controller (eMMC) devices from circuit boards to gain access to their contents. But we will take it a step further by covering how to restore the device back to operation including methods and technics on altering the devices firmware prior to rebuilding, to allow for full root level access to functional system after recovery. Topics covered will include, Device removal, eMMC firmware extraction and modification methods. Hot air and infrared reflow methods, BGA re-balling manually and with re-ball kit.

Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris.

@percent_x

Back to Derbycon 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast