All the 4G Modules Could be Hacked!

Channel:
United States All Hacking Cons
Subscribers:
6,000
Published on ● Video Link: https://www.youtube.com/watch?v=S2PDLDgTC7k


Duration: 49:29
10 views
0

Shupeng Gao | Senior Security Researcher, Baidu Security Lab
Haikuo Xie | Senior Security Researcher, Baidu Security Lab
Zheng Huang | Leader of Baidu Security Lab X-Team, Baidu Security Lab
Zhang Ye | Security Researcher, Baidu Security Lab
Location: South Seas CDF
Date: Wednesday, August 7 | 1:30pm-2:20pm
Format: 50-Minute Briefings
Tracks: Internet of Things, Hardware/Embedded

Nowadays more and more 4G modules are built into IoT devices around the world, such as vending machines, car entertainment systems, laptops, advertising screens, urban cameras etc. But no one has conducted comprehensive security research on the 4G modules. We carried out this initiative and tested all the major brand 4G modules in the market (more than 15 different types). The results show all of them have similar vulnerabilities, including remote access with weak passwords, command injection of AT Command/listening services, OTA upgrade spoofing, command injection by SMS, and web vulnerability. Through these vulnerabilities we were able to get to the shell of these devices. In addition to using wifi to exploit these vulnerabilities, we created a new way to attack through fake base station system, triggered by accessing the intranet of cellular network, and successfully run remote command execution without any requisites. In this talk, we will first give an overview on the hardware structure of these modules. Then we will present the specific methods we use in vulnerability probe. In the final section we will demonstrate how to use these vulnerabilities to attack car entertainment systems of various brands and get remote control of cars.

Black Hat - USA - 2019 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2022-01-07A Decade After Bleichenbacher '06, RSA Signature Forgery Still Works
2022-01-07HTTP Desync Attacks: Smashing into the Cell Next Door
2022-01-07Dragonblood: Attacking the Dragonfly Handshake of WPA3
2022-01-07Cybersecurity Risk Assessment for Safety-Critical Systems
2022-01-07Adventures in the Underland The CQForensic Toolkit as a Unique Weapon Against Hackers
2022-01-07Everybody be Cool, This is a Robbery!
2022-01-07Biometric Authentication Under Threat Liveness Detection Hacking
2022-01-07Hunting for Bugs, Catching Dragons
2022-01-07Exploiting Qualcomm WLAN and Modem Over The Air
2022-01-07I'm Unique, Just Like You: Human Side-Channels and Their Implications for Security and Privacy
2022-01-07All the 4G Modules Could be Hacked!
2022-01-07Exploiting the Hyper V IDE Emulator to Escape the Virtual Machine
2022-01-07Infighting Among Russian Security Services in the Cyber Sphere
2022-01-07All Your Apple are Belong to Us: Unique Identification and Cross-Device Tracking of Apple Devices
2022-01-07Exploring the New World : Remote Exploitation of SQLite and Curl
2022-01-07Firmware Cartography: Charting the Course for Modern Server Compromise
2022-01-07API-Induced SSRF: How Apple Pay Scattered Vulnerabilities Across the Web
2022-01-07Fantastic Red-Team Attacks and How to Find Them
2022-01-07Arm IDA and Cross Check Reversing the Boeing 787's Core Network
2022-01-07Finding a Needle in an Encrypted Haystack: Detect the Most Prevalent Attacks on Active Directory
2022-01-07Flying a False Flag: Advanced C2, Trust Conflicts, and Domain Takeover


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
digital
virus
information
hack
online
password
code
concept
protection
malware
secure
identity
software
access
safety
theft
system
firewall
privacy
program
spyware
hacked
conference
learn
2022
cybersecurity
owned
break in
securing
exploit
recon
social engineering
4g modules
4g hacked
4g hacking
modules
command injection
OTA upgrade spoofing
injection by SMS
Shupeng Gao
Haikuo Xie
Zheng Huang
Zhang Ye