Description: ZigBee is a low-power, low-data rate wireless protocol based on IEEE 802.15.4. It connects lightweight embedded technology like HVAC, smart energy, security, and process automation systems, and is an attractive target as it touches the kinetic framework more than other wireless technologies. Techniques for sniffing ZigBee packets have been presented, as have theoretical vulnerabilities in other types of wireless sensor networks, but this talk uses injection and intelligent packet generation to move towards real proof-of-concept attacks on 802.15.4/ZigBee networks. We will look at which proposed wireless sensor network attacks actually work on ZigBee, and provide proof of concept implementations of theoretical attacks. Specifically, we will present a tool that autonomously discovers and profiles networks in real time, gathering as much information over time about a network and its devices, their relationships, and traffic flows among other things; information gathered during this process will then be used to craft and inject arbitrary frames with minimal user interaction in order to attack the network with precision and pinpoint weaknesses.
Tags: securitytube , shmoocon , shmoo con , hacking , hackers , information security , convention , computer security , shmoo 11 , shmoocon 11 , shmoocon-2011 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.