Download pdf
With a surge in the production of Internet of Things (IoT) devices, embedded development tools are becoming common and the software they run is often run in escalated modes. However, some of the embedded development tools on the market contain serious vulnerabilities that put users at risk. This talk will demonstrate this via the exploitation of a common embedded debugger.

Learning Objectives:
1: Understand the risk introduced by untested development tools.
2: Find out the current state of development tools related to embedded development.
3: Learn how to best proceed when tools cannot be trusted.

General understanding of the concepts behind IoT device development (the design of both hardware and software, familiarity with the concept of a debugger, etc.); general understanding of basic binary exploitation (e.g. stack-overflow, memory corruption, etc.).