Applied Physical Attacks and Hardware Implants 2-Day Applied Physical Attacks and Hardware Implants
- 04 December 2019 - 05 December 2019
- Hosted by
- Seaport Conference Center
459 Seaport Ct, Redwood City, CA 94063
View on Google Maps
- Joe FitzPatrick
Hardware-based Evil Maid, Interdiction, and other attacks sound fancy and exotic. They might make headlines, but many of the techniques are accessible to hobbyists.. They may not be as small as a grain of rice, but in this two-day course you’ll combine hardware hacking with rapid prototyping to build real custom hardware implants.
In the span of two days, you will design, build, and program:
- A hardware man-in-the-middle device
- A wireless ‘tap’ for a wired hardware protocol
- A standalone hardware protocol payload delivery device
- A malicious device embedded inside another device
This class builds upon the previous Applied Physical Attacks classes, combining the hardware hacking basics and the rapid prototyping skills into one end product. Combining this course with Applied Physical Attacks on Embedded Systems, Applied Physical Attacks and Rapid Prototyping, or both should help you fill in any background you need.
This course is specifically geared towards attendees who have some hardware hacking under their belt plus familiarity with rapid prototyping techniques.
- 10% lecture
- 80% Lab
- 10% discussion
This course is still in development. The format will be less linear than my other classes.
We’ll start off by introducing four cases. Individually or in groups, you will be guided through the process of:
- Identifying the target and measure it mechanically and electrically
- Designing the circuit to interface with the protocol
- Laying out and milling a PCB to help them interface
- Designing and printing an enclosure/jig for the implant
- Coding the microcontroller to perform the malicious action
- Testing and demonstrate the result.
There should be sufficient time to complete 2 of the test cases within the class time, possibly more depending on prior background. In the unlikely even that all the prototyping equipment fails, reference designs will be available.
The case studies are still in development but will likely be:
- UART MITM to filter traffic
- JTAG-based implant that plays back a stored payload
- Remotely-triggered I/O override
- Malicious USB Cables (if feasible with the limited manufacturing precision available on-site)
This two-day course assumes some experience:
- Completion of an introductory hardware hacking course (Joe Grand’s Hardware Hacking Basics, Applied Physical Attacks on Embedded and IoT Systems) or similar knowledge
- Soldering experience is beneficial - we’ll be able to help, but won’t have time to teach how to solder
- Practice poking around a few hardware devices on your own
- Completion of the Applied Physical Attacks and Rapid prototyping or similar experience:
- PCB layout using KiCad or Eagle.
- Electrically interfacing to various busses
- Coding microcontrollers in C
Registration$2200 (until November 1st)
$2900 (after November 1st)
Cancellation requests by paid registrants must be made at least 45 days before the event and may be subject to an administration fee. In the event of course cancellation by the trainer, students may choose to attend an alternate course (space pending) or receive a full refund.
Pay by Credit Card
Purchase Both Classes
This course picks up where Applied Physical Attacks and Rapid Protoyping leaves off. Get a discounted rate by registering for both classes together.
Pay by Check/Wire or
Request a Group Discount
Group discounts are available for 3 or more registrations.
Can't make it? Our trainings are also available at a location of your choice.