Language: English
11-21, 12:30–14:30 (Canada/Eastern), Hackfest - Track 1
The session will introduce audiences to the world of RF analysis. As we introduce each new attack, we will draw parallels to similar wired exploits and highlight attack primitives that are unique to RF. During the session, we'll walk through wireless sniffing, spoofing, cloning, replay, and DoS attacks. These offensive exercises will give attendees a brief idea of how to analyze the devices' security, and the best-practice guidelines will help them design devices properly.
Session Outline:
Part A: Overview, ideas, and prospectus of attack and defense in the field of RF security (the objective is to ensure everyone is clear on what radio hacking is and how it is different)
- Joys of the Past: History of Attack
- Current State of Industry & Sutra for Mitigation
- A glimpse of the Future
Part B: The theory learned will be reinforced through practical examples and exercises where attendees can put the tools and techniques into practice.
- What is a Software Defined Radio (SDR)
- SDR Architecture, DSP, Sampling
- Breadth and Depth of DSP
- Phases of SDR Hacking — This will explain how an RF attack takes place and how to gather information and plan, including initial profiling of our device, beginning with 3 foundation questions before any hacks: i) What does our device do in normal operation? ii) How do they connect? iii) Determining the frequency.
- Setting up and using RTL-SDR, HackRF
- Decode Digital Data
- Customizing and Retransmitting Radio Signals — Next, this will discuss how RF signals are captured and transmitted, with a hands-on demo using HackRF One, RTL-SDR, and USRP to demonstrate replay attacks on keyfobs, door locks, and alarms.
- Capturing Signals and Analyzing a Waterfall Plot
- Reverse Engineering Transmissions
- Analyzing Data Formats and Injecting Wireless Packets
- Hands-on Practice with Tools: GNU Radio, GQRX, SDR#
- Case Study and Demos
Harshit Agrawal (@harshitnic) is currently working as a Radio and Telecom Security Researcher. He is enthusiastic about Signal Intelligence, Electronic Warfare, and Telecom Security. He has presented his research papers at international conferences such as RSAC USA, HITB Cyberweek, ICS Security Singapore, Hack In Paris, HITB Amsterdam, Securityfest Sweden, Nanosec Malaysia, CISO Platform Virtual Summit, Sacon Conference Bangalore, and DakotaCon USA. Previously he was President of the CSI Chapter and Vice President of the Entrepreneurship Cell at MIT, where he also headed the team of security enthusiasts, which gave him good insight into cyber-security and increased his thirst to explore more in this field. He is a Programmer, Researcher, and Believer! He believes in providing something out of the box!