OWASP Top 10

IoT

(Internet of Things)

G4H/owasp/null meet

Who Am I..?

Veerababu

Maintainer at

@Veeru_rockstar

Agenda..!

.. IoT Introduction

.. IoT Owasp Top 10

.. Q&A

.. References

IoT Intro ..!

IoT is simply the network of interconnected things/devices which are embedded with sensors, software, network connectivity and necessary electronics that enables them to collect and exchange data, making them responsive.

IoT Component..!

1. Hardware

2. Software

3. Communication Infrastructure

1. IoT mobile application,

2. Cloud APIs,

3. Communication and protocols,

4. Embedded hardware and firmware.

Main IoT Security Testing

Just Theory

No Practical

...1 – Insecure Web Interface

...2 – Insufficient Authentication/Authorization

...3 – Insecure Network Services

...4 – Lack of Transport Encryption

...5 – Privacy Concerns

...6 – Insecure Cloud Interface

...7 – Insecure Mobile Interface

...8 – Insufficient Security Configurability

...9 – Insecure Software/Firmware

...10 – Poor Physical Security

OWASP Top 10 IoT:

I1.Insecure Web Interface:

What are they ..?

1. web login pages

2. cctv dvr login pages

still working on this..!

..Weak credentials

..Weak passwords

..Capture plaintext credentials

..Internal and external vulnerability

There is no security ..!

I2. Insufficient Authentication/Authorization:

..Weak passwords

..Weak password recovery

..Poorly protected credentials

..Internal and external vulnerability

Still using default passwords such as "admin" and "1234"

Web interface allowing unlimited login attempts (no account lockout)

I3.Insecure Network Services:

.. Attack vulnerable network services

.. Attack device itself

.. Bounce attacks off of the device

.. Buffer overflow attacks for Denial of Service

.. Sniffers and fuzzers and Scanners

Services commonly exposed by Internet-connected devices:

Telnet -- 23

FTP -- 21

Finger -- 79

TFTP -- 69

SMB -- 445

Common Ports for Devices:

Port scanning with nmap:

VNC related exploits and payloads:

Port Number: 8000

Port Number: 1072
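The port-scan slides above list Telnet, FTP, Finger, TFTP and SMB as services that IoT devices commonly leave reachable. As an added example (not code from the talk), this Python script parses nmap's grepable output (`-oG`) and reports every open port that is either on that list or outside the set of ports the device is supposed to expose. The scan text is a constructed sample, the expected-port set is an assumption, and the risk notes per service are added here.

```python
import re

# Services the slides list as commonly exposed on IoT devices, keyed by the
# port number on the slide; the reason each one is risky is added here.
RISKY_SERVICES = {
    23: ("telnet", "cleartext login, frequently with default credentials"),
    21: ("ftp", "cleartext credentials and file transfer"),
    79: ("finger", "leaks user and host information"),
    69: ("tftp", "unauthenticated file read/write"),
    445: ("smb", "large attack surface, history of memory-safety bugs"),
}

# Ports the device is expected to expose (assumption); anything else open is reported too.
EXPECTED_PORTS = {443}

# Constructed sample of nmap grepable output (-oG); not from a real scan.
SAMPLE_NMAP_GREPABLE = """\
# Nmap 7.94 scan initiated (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp///, 23/open/tcp//telnet///, 443/open/tcp//https///, 8000/open/tcp//http-alt///\tIgnored State: closed (996)
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 69/open/udp//tftp///, 445/filtered/tcp//microsoft-ds///\tIgnored State: closed (998)
# Nmap done (constructed sample)
"""

# One -oG port entry looks like: port/state/proto/owner/service/rpcinfo/version/
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)//([^/]*)///")


def parse_grepable(text):
    """Return {host: [(port, state, proto, service), ...]} from nmap -oG text."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        host = line.split()[1]
        # The Ports: field runs up to the next tab-separated field.
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        entries = []
        for match in PORT_RE.finditer(ports_field):
            port, state, proto, service = match.groups()
            entries.append((int(port), state, proto, service))
        hosts.setdefault(host, []).extend(entries)
    return hosts


def audit_exposure(hosts):
    """Flag open ports that are known-risky or not in the expected set."""
    findings = []
    for host, entries in sorted(hosts.items()):
        for port, state, proto, service in entries:
            if state != "open":
                continue  # closed/filtered ports are not reachable
            if port in RISKY_SERVICES:
                name, why = RISKY_SERVICES[port]
                findings.append((host, port, proto, "risky", f"{name}: {why}"))
            elif port not in EXPECTED_PORTS:
                findings.append((host, port, proto, "unexpected", f"{service} not in expected set"))
    return findings


if __name__ == "__main__":
    for host, port, proto, kind, detail in audit_exposure(parse_grepable(SAMPLE_NMAP_GREPABLE)):
        print(f"{host} {port}/{proto} [{kind}] {detail}")
```

Run it against a real scan with `nmap -sS -sU -oG scan.gnmap <device-subnet>` and feed the file contents to `parse_grepable`; the "unexpected" class is what catches the management ports (such as the 8000 on the slide) that nobody documented.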

I4 .Lack of Transport Encryption:

.. Easy view of unencrypted data passing between or over networks

.. Traditional crypto vulnerabilities associated with SSL and TLS, e.g. Man In the Middle attacks

.. Compromised Transport Layer means everything above it is vulnerable

An Example:
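The transport-encryption points above are usually lost in the client code of the device or its companion app, where certificate checking is switched off to "make the error go away". As an added example (not from the talk), this Python snippet shows that weak TLS client configuration next to the hardened one, plus a small audit function that reports what a given context gets wrong; the `ca_bundle` parameter is an assumption standing in for the vendor's own CA file.

```python
import ssl


def weak_client_context():
    """The pattern that disables verification: any interceptor can terminate the TLS session."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE     # accepts any certificate, self-signed or forged
    return ctx


def hardened_client_context(ca_bundle=None):
    """Verify the chain and hostname and refuse legacy protocol versions.

    ca_bundle (assumed parameter): path to the vendor CA file if the device
    should trust only its own PKI; None uses the system trust store.
    """
    ctx = ssl.create_default_context(cafile=ca_bundle)  # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2        # no SSLv3/TLS1.0/TLS1.1
    return ctx


def audit_context(ctx):
    """Return a list of weaknesses found in an SSLContext (empty means acceptable)."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("server certificate not verified")
    if not ctx.check_hostname:
        problems.append("hostname not checked against certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("legacy SSL/TLS versions allowed")
    return problems


if __name__ == "__main__":
    print("weak:    ", audit_context(weak_client_context()))
    print("hardened:", audit_context(hardened_client_context()))
```

`audit_context` is the kind of check worth running in a unit test against whatever context the firmware or app actually builds, so a later "temporary" `CERT_NONE` fails CI instead of shipping.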

I5 Privacy Concerns :

.. Insufficient authentication

.. Lack of transport encryption and storage of data in encrypted format

.. Insecure network services

.. Collection of unnecessary personal data

Common error..?

What are possible to attacks..?

I6.Insecure Cloud Interface:

.. Insufficient authentication

.. Lack of transport encryption and storage of data in encrypted format

.. Attack likely from the Internet

.. Easy to guess credentials

.. Using password reset mechanism to see if account exists

.. Identify if SSL is in use

.. Account enumeration

Cloud login page .. I didn't test anything..?

I7.Insecure Mobile Interface:

.. account lockout mechanism

.. Insufficient authentication

.. Lack of transport encryption and storage of data in encrypted format

.. Attack likely from the Internet

.. Easy to guess credentials

.. Using password reset mechanism to see if account exists

.. Identify if SSL is in use

.. Account enumeration

Common Pattern Locks
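The credential weaknesses under I1 and I2 (default "admin"/"1234", no lockout) and the account-enumeration points under I6 and I7 (password reset revealing whether an account exists) all come down to the same login code path on the device or cloud side. As an added example (not code from the talk), this Python class shows the defensive version: factory defaults are refused at password-set time, failed logins lock the account, unknown users cost the same time as known ones, and the reset endpoint answers identically either way. The default-credential list and the thresholds are constructed assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Factory defaults the slides call out ("admin", "1234"); constructed list.
DEFAULT_CREDENTIALS = {("admin", "admin"), ("admin", "1234"), ("admin", "")}
MAX_FAILED_ATTEMPTS = 5      # lock the account after this many failures (assumption)
LOCKOUT_SECONDS = 300        # how long the lock lasts (assumption)
PBKDF2_ROUNDS = 100_000


def hash_password(password, salt=None):
    """Salted PBKDF2-SHA256; returns (salt, digest)."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


# Dummy record used when the username does not exist, so a login against an
# unknown account takes as long as one against a real account.
_DUMMY_SALT, _DUMMY_DIGEST = hash_password(secrets.token_hex(16))


class DeviceAuth:
    def __init__(self, clock=time.time):
        self.clock = clock          # injectable so lockout expiry can be tested
        self.users = {}             # username -> (salt, digest)
        self.failures = {}          # username -> (failed count, locked until)
        self.reset_tokens = {}      # username -> token (would be sent out of band)

    def set_password(self, username, password):
        # Refuse factory defaults and trivially short passwords outright.
        if (username, password) in DEFAULT_CREDENTIALS:
            raise ValueError("factory default credentials are not allowed")
        if len(password) < 12:
            raise ValueError("password must be at least 12 characters")
        self.users[username] = hash_password(password)

    def login(self, username, password):
        """Returns 'ok', 'failed' or 'locked'."""
        now = self.clock()
        count, locked_until = self.failures.get(username, (0, 0.0))
        if now < locked_until:
            return "locked"
        record = self.users.get(username)
        salt, expected = record if record is not None else (_DUMMY_SALT, _DUMMY_DIGEST)
        _, actual = hash_password(password, salt)
        # Constant-time comparison; unknown users always fail.
        if record is not None and hmac.compare_digest(actual, expected):
            self.failures.pop(username, None)
            return "ok"
        count += 1
        if count >= MAX_FAILED_ATTEMPTS:
            locked_until = now + LOCKOUT_SECONDS
        self.failures[username] = (count, locked_until)
        return "failed"

    def request_reset(self, username):
        """Same response whether or not the account exists, so it cannot enumerate users."""
        if username in self.users:
            self.reset_tokens[username] = secrets.token_urlsafe(32)
        return "If that account exists, reset instructions have been sent."


if __name__ == "__main__":
    auth = DeviceAuth()
    auth.set_password("admin", "correct horse battery")
    print(auth.login("admin", "1234"), auth.login("admin", "correct horse battery"))
    print(auth.request_reset("admin") == auth.request_reset("nobody"))
```

The clock injection matters beyond testing: on a device without a battery-backed RTC, a lockout keyed to wall-clock time can be reset by a power cycle, so a monotonic counter or a persisted failure count is the safer choice there.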

I8.Insufficient Security Configurability:

.. Lack of granular ability to configure authorizations.

.. Weak passwords and credentials.

I9.Insecure Software/Firmware:

.. Insecure (unencrypted, unverified) firmware/software updates

.. Malicious updating

Publisher Not trusted..?

Firmware Update .. Is It Safe..?
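The two questions on the I9 slides, "Publisher not trusted?" and "Is the update safe?", are answered on the device by checking an update image before flashing it. As an added example (not code from the talk), this Python snippet defines a constructed update format (magic, version, length, payload hash, authentication tag) and a verifier that rejects a tampered image, an image from the wrong publisher, a truncated image, and a rollback to an older version. The tag is an HMAC-SHA256 with a shared publisher key, used here as a stand-in for the asymmetric signature a real bootloader would check; the format and key are assumptions.

```python
import hashlib
import hmac
import struct

MAGIC = b"FWUP"
# Header: magic, version (uint32), payload length (uint32), sha256(payload). Constructed format.
HEADER = struct.Struct(">4sII32s")
TAG_LEN = 32


def build_update(version, payload, publisher_key):
    """Publisher side: header + payload, then an authentication tag over both."""
    header = HEADER.pack(MAGIC, version, len(payload), hashlib.sha256(payload).digest())
    body = header + payload
    tag = hmac.new(publisher_key, body, hashlib.sha256).digest()
    return body + tag


def verify_update(blob, publisher_key, installed_version):
    """Device side: returns (ok, reason). Only ok=True images may be flashed."""
    if len(blob) < HEADER.size + TAG_LEN:
        return False, "truncated image"
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    # Authenticity first: nothing in the image is trusted until the tag checks out.
    expected = hmac.new(publisher_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, "bad tag: publisher not trusted"
    magic, version, length, digest = HEADER.unpack_from(body)
    if magic != MAGIC:
        return False, "not a firmware image"
    payload = body[HEADER.size:]
    if len(payload) != length:
        return False, "length mismatch"
    if hashlib.sha256(payload).digest() != digest:
        return False, "payload hash mismatch"
    # Anti-rollback: a validly signed but older image must still be refused.
    if version <= installed_version:
        return False, f"rollback refused: v{version} <= installed v{installed_version}"
    return True, f"ok: v{installed_version} -> v{version}"


if __name__ == "__main__":
    key = b"constructed-publisher-key"
    image = build_update(5, b"constructed firmware payload", key)
    print(verify_update(image, key, 4))
    print(verify_update(image, b"someone-else", 4))
    print(verify_update(image, key, 5))
```

The order of checks is the point: the tag is verified over the whole body before any header field is parsed, so a corrupted length or version never drives the parser, and the version check runs last because a downgrade to a vulnerable but correctly signed build is the attack the installed-version comparison exists to stop.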

I10. Poor Physical Security:

USB, SD cards, other storage devices that give access to the Operating System

An Example..

References ..!!

1. https://www.owasp.org/index.php/Top_IoT_Vulnerabilities

2. http://www.securityfocus.com/bid/70574

3. http://internetofthingswiki.com/internet-of-things-definition/

4. http://iotpentest.com/

5. http://iotsecuritylab.com/

