Hardware Hacking Village

Bored with tcpdump? IDA got you down? Forget your neglected VMs, come hack hardware! Bring your RTL-SDR dongles, buspirates and '80s phone phreaking kit - let's hack together!


Friday 13th April

Setec Astronomy - Fun with Signals
10.00am - 11.30am
by Ando (Dwaine Anderson) & Matt (Matt Goonan)
With virtually every bit of tech trying to cut the wires to go "wireless" it is a great era to start hacking the RF spectrum. Software Defined Radio (SDR) gear has revolutionised and empowered researchers to view parts of the spectrum not previously accessible without spending a heap of dough. What we hope to show you is that things are even cheaper than you ever thought to start prodding and probing "things" that leverage the RF spectrum. Sub $30AUD can provide the ability to test devices or create havoc at your local Pub! We aim to show participants who may be thinking of deploying these systems that physical security is not obtained through obscurity - that garage door under your facility is probably not as secure as you think… Bring your own SDR and join the craziness.

Badge Workshop
1.00pm - 1.30pm
by ec0 & csirac2

A walkthrough of the CERT Australia BSides 2017 Incident Response challenge
1.45pm - 2.30pm
by Andrew Clark

This presentation will provide a technical walkthrough of the incident response challenge that CERT Australia hosted during BSides Canberra 2017. The challenge required participants to undertake the analysis of memory and network artefacts in order to investigate the fictitious compromise of a water utility company. The challenge is designed to test participants in a range of technical areas, including browser-based malware delivery via a waterhole website, control systems specific network protocols and how they can be abused, command and control communications, and volatile memory analysis to name a few. During the presentation a demonstration of the analysis tasks associated with this challenge will be given.
How to get into Bluetooth Low Energy hacking
2.30pm - 3.00pm
by Kevin Alcock
This workshop is for those that are interested in the world of IoT hacking but don’t know where to start. This will contain a run down of some of the hardware and software that Kevin uses when attacking devices.

Exploring the Zigbee attack surface
4.00pm - 5.00pm
by Faz
Whilst Zigbee as a technology stack has been around for some time, our understanding of threats and risks associated with it have been lacking. As new technologies and use cases evolve, so have the opportunities for attack and exploitation. The purpose of this talk is to provide an overview of historical issues in Zigbee and wireless security, my own discovery & research, anticipated areas of risk (aka things I cant hack) and what can be practically done (aka things I've 'explored' in a safer environment). By the end of this talk, audience members will have an appreciation for the issues in the Zigbee protocol, and how to plan and prepare from a security standpoint.

Saturday 14th April

A low cost guide to satellite listening
10am - 10.30am
by Pamela O'Shea

So many satellites are moving and sitting over our heads, and the numbers are ever increasing. Using low cost software defined radio (SDR) and low cost DIY antennas you can make from materials at your local hardware store or garage, a world of fun can be explored. This is a beginner's guide on how to get up and running. Exploring which projects to tackle first, from weather satellites, data over Inmarsat and Iridium, to listening to amateur radio and cube satellites. Learn about some hardware you can make or scout for online and use at home. A quick tour of the frequency bands requiring some bigger hardware will also be discussed.

Badge Workshop
1.00pm - 1.30pm
by ec0 & csirac2

Shining a light on the Internet of Terrible
2.30pm - 3.00pm
by Dan Wallis

Let’s hack some “smart” light bulbs and see how they stand up at an information security conference. Hopefully the live demos work!