In addition to the sharing of dry goods, this year ISC Hackpwn crack show began with familiar smart hardware devices. While seeing the technology of white hat hackers, it also caused everyone to hold a cold sweat.
AI research experts are all working hard to make robots more like humans, and even beyond humans, but at this Hackpwn crack contest, white-hat hackers have easily broken smart home robots.
According to the scene, the operation process of robot voice communication is that the user sends a voice message to the robot, and the robot converts the text into a text. After processing and processing by the cloud platform, feedback is given to the robot and the robot feeds back to the user. It seems that there are no obvious loopholes. However, it is not without flaws. The hackers can crack the robot directly from the process of voice transmission feedback, complete the overriding operation, modify the quiz semantics of the robot, and the original robot is hello, the owner, after hearing the user say hello. However, after the modification, the robot's answer became the content defined by the hacker: “Welcome to the National Convention Center.†The audience was happy. Â
Breaking the lock and smart driving is the longest one in the audience. By breaking the key encryption protocol, the U nicorn Team succeeded in cracking the car's key in just twenty seconds and was able to control the car.
Next, hackers demonstrated the cracking of smart driving. According to the on-site introduction, the sensor of the car is the soul of Tesla's realization of automatic driving. It is used to sense obstacles and road indications, sensors, front moments, speed, etc., and to plan routes and speeds through induction. Using an external sensor to sense sensors in the autopilot system can easily make the autopilot system malfunction.
On August 3, Microsoft released a new system version of Windows10 RS1 globally and upgraded its security hardening measures. Also less than two weeks. Three members of the 360Vulcan Team team successfully cracked the Surface Pro defense and achieved remote control. After taking control, the White Hat hacker called Scene Pro's camera module and successfully used his computer to start the camera on the Surface Pro and obtained all the image information. Â
According to the on-site introduction, the team completed the control of Surface Pro by attacking the vulnerability in the Edge browser that comes with the Windows system. Because Edge runs in a sandbox, the permissions are low. Therefore, using sandboxes to escape through sandboxes is the easiest way to crack.
The security of smart door locks has been exposed many times, but Lei Feng network (search "Lei Feng Net" public concern) said that the scene is still the first time to see the crack. According to the on-site introduction, the white hat hacker discovered that at the time of setting the password for the analysis of the smart lock, the atp found that when the password is set, a data packet is generated and the data packet is encrypted. After analyzing the algorithm, the white hat hacker wrote a script to decrypt the server through the script. And wrote a crack app code for cracking on the scene.
In the live demonstration, the first step was to use the door lock to scan the app address and obtain information such as the management user, mobile phone number, management password, and unlock password. It's easy to open the door lock. Â
The last crack show on site was a doll machine crack demonstration. The white hat hacker succeeded in cracking the doll machine by scanning the QR code to obtain data order information. The live demonstration was just over. The two doll machines in the venue were already full of people.