IoT Hacking
www.hackerschool.in
IoT (Internet of Things)
The Internet of Things is the concept of connecting any device to the Internet
and to other connected devices, so that the devices collect and share data about the
way they are used. The ‘thing’ in IoT could be a person with a heart monitor or an
automobile with built-in sensors, i.e., objects that can collect and transfer data over a
network without manual assistance or intervention. The technology embedded in the
objects helps them interact with other devices and sensors.
The information collected by different devices can be used to detect patterns,
make recommendations, and detect possible problems before they occur. The data
collected by connected devices enables smart decision making based on real-time
information, which helps users save time and money.
IoT devices are often divided into consumer, enterprise, and infrastructure
spaces based on their function. Examples of IoT devices are:
● Smart Thermostat
● Switch Smart Plug
● Smart Bulbs
● Smart Lock
● Smart Security System
● SmartThings Hub
● Smart Pet Feeder
● Smart Health Monitor
● Car Tracking Adapter
● IoT Tracking and Monitoring
● Smart Cement
● Cisco’s Connected Factory
IoT Vulnerabilities
● Insecure Web Interface: It can result in data loss, lack of accountability and
denial of access, and can lead to complete device takeover.
● Insufficient Authentication/Authorization: It can result in complete
compromise of the device and user accounts.
● Insecure Network Services: It can result in the device being used to facilitate
attacks on other devices.
● Lack of Transport Encryption/Integrity Verification: It can result in data
exposure and could open the door to compromise of the device or user accounts.
● Privacy Concerns: Collecting personal data and storing it without applying
any protection can lead to identity theft.
● Insecure Cloud Interface: It poses a threat to user data, which can then be
used to take control of the device.
● Insecure Mobile Interface: Weaknesses are easy to discover simply by reviewing
the connection to the wireless network and by using the password reset
mechanism to identify valid accounts, which leads to account enumeration.
● Insufficient Security Configurability: It could lead to compromise of the
device, whether intentional or accidental.
● Insecure Software/Firmware: Update files can be captured over unencrypted
connections, the update file itself may not be encrypted, or a malicious update
can be delivered via DNS hijacking. The attack could come from the local
network or the Internet.
● Poor Physical Security: Vectors such as USB ports, SD cards or other storage
media can be used to access the operating system and potentially any data
stored on the device.
OT (Operational Technology):
Operational Technology is a combination of software and hardware designed
to detect or cause changes in industrial operations. OT systems are used in various
industries such as manufacturing, mining, healthcare, defence and transportation to
ensure the safety of physical devices and their operation in the network. Any
system that analyses and processes operational data, including devices such as
switches, lights, sensors, robots and surveillance cameras, can be part of OT. Older
versions of software and hardware make OT systems vulnerable to cyber-attacks.
Attackers can take full control of vulnerable OT systems to steal critical business
or operational data. It is also possible to shut down the plant or block
production by performing DoS attacks.
Countermeasures
● Default configurations should be changed during the initial setup.
● Password recovery mechanisms must be robust.
● Ensure that user credentials are properly protected.
● Implement two-factor authentication to guard against unauthorized access.
● Make sure that only the necessary ports are exposed and available.
● Ensure that services are not vulnerable to DoS or buffer overflow attacks.
● Use secure protocols such as SSL and TLS when transmitting data over the
network.
● Make sure that the cloud-based web interface is not susceptible to XSS, SQL
Injection or CSRF attacks.
● Services should have the ability to separate regular users from users with
administrative privileges.
● All smart devices must be updated on a regular basis.
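A defender-side check for the countermeasures above, written as an added example that is not part of the original training material: it audits a Pi-hole-style device of the kind used in Practical 1 for ports exposed beyond what it needs and for an SSH configuration that still accepts password logins. The sshd_config fragment, the `ss` listing and the port allow-list are constructed assumptions; on a real device the files and command output would be fed in instead.

```python
from typing import Dict, List, Set

# Constructed sshd_config fragment for a freshly imaged device: root may log in directly
# and password logins stay on (a commented-out keyword means the OpenSSH default applies).
SAMPLE_SSHD_CONFIG = """\
Port 22
PermitRootLogin yes
#PasswordAuthentication yes
"""
# Constructed `ss -tlnH`-style listing: DNS and web admin panel (needed), SSH, telnet, loopback-only API.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:53     0.0.0.0:*
LISTEN 0 128 0.0.0.0:80     0.0.0.0:*
LISTEN 0 128 0.0.0.0:22     0.0.0.0:*
LISTEN 0 128 0.0.0.0:23     0.0.0.0:*
LISTEN 0 128 127.0.0.1:4711 0.0.0.0:*
"""
ALLOWED_PORTS: Set[int] = {22, 53, 80}  # ports the device is expected to expose on the LAN (assumption)
SSHD_DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}  # OpenSSH defaults

def parse_sshd_config(text: str) -> Dict[str, str]:
    """Effective sshd values: the first uncommented occurrence of a keyword wins, as in sshd itself."""
    found: Dict[str, str] = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            found.setdefault(parts[0].lower(), parts[1].strip().lower())
    return {**SSHD_DEFAULTS, **found}

def exposed_ports(ss_text: str) -> List[int]:
    """Ports bound to a non-loopback address, parsed from `ss -tlnH`-style lines."""
    ports: Set[int] = set()
    for cols in (line.split() for line in ss_text.splitlines()):
        if len(cols) >= 4 and cols[0] == "LISTEN":
            addr, _, port = cols[3].rpartition(":")
            if addr not in ("127.0.0.1", "[::1]"):
                ports.add(int(port))
    return sorted(ports)

def audit(sshd_text: str, ss_text: str, allowed: Set[int] = ALLOWED_PORTS) -> List[str]:
    """One finding per failed countermeasure; an empty list means the device passes."""
    ports = exposed_ports(ss_text)
    findings = [f"port {p} listens on all interfaces but is not allow-listed" for p in ports if p not in allowed]
    if 22 in ports:  # SSH reachable from the LAN: default or reused passwords must not work
        cfg = parse_sshd_config(sshd_text)
        if cfg["passwordauthentication"] == "yes":
            findings.append("sshd: PasswordAuthentication yes (enforce key-based login)")
        if cfg["permitrootlogin"] == "yes":
            findings.append("sshd: PermitRootLogin yes (root can log in directly)")
    return findings
```

Running `audit(SAMPLE_SSHD_CONFIG, SAMPLE_SS_OUTPUT)` on the constructed input reports the stray telnet port plus the two weak sshd settings; the loopback-only API port is correctly ignored.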
INDEX
S. No. | Practical Name | Page No.
1 | Hacking misconfigured IoT device | 1
THIS DOCUMENT INCLUDES ADDITIONAL PRACTICALS WHICH MAY OR MAY NOT BE COVERED DURING
CLASSROOM TRAINING. FOR MORE DETAILS APPROACH LAB COORDINATORS
Practical 1: Hacking misconfigured IoT devices
Description: In this practical you will learn how to exploit IoT devices that are
misconfigured or using default credentials and are exposed to the outside network.
1|Page
Step 2: We can also search the Internet for IoT devices running Pi-hole. Visit
https://www.shodon.io/ to get a list of vulnerable IoT devices.
Step 3: Open the target IP address in the browser (on Kali Linux). If it displays an
interface similar to the image below, there is a possibility of gaining control over that device.
Step 4: We can navigate to the /admin directory to access the admin panel.
Step 5: By taking advantage of the forgot-password option, we can even reset the
password for that device.
Step 6: As shown in the image above, a simple command on the terminal resets the
password. To gain terminal access to the target device, perform an Nmap scan to
identify the open ports.
Step 7: From the scan results above, we observe that the target is running SSH on port
22 (open port). Now, let us search for the default password of the SSH service. If the
target is still using its default settings, we can log in to the SSH service remotely.
Step 8: Execute the following command and provide the default login credentials to gain
terminal access to the target device. If it asks to add the ECDSA key of the target system
to our known hosts, type yes and press Enter. We will then get a prompt for the password.
Step 9: Now let us execute the command below to reset the Pi-hole password.
Step 10: We can use the new password to log in to the Pi-hole web interface.
Step 11: Now we can observe that we have more control over the target IoT device.