Alfredo Ortega (Senior exploit writer - CORE Security Technologies)

Exploiting Digital Cameras

In this talk we present how to reverse-engineering Canon Powershot digital cameras and take control of most of them to exploit interesting security threats. We present a novel attack method that allows taking control of a digital camera through a compromised memory card. This is a realistic attack scenario, as using the card in unsecured PCs is a common practice among many users. This attack vector leaves users of digital cameras vulnerable to many threats including privacy invasion and those targeting the camera storage.

To implement the attack we abuse testing functionality of the in-factory code. We will show how to analyze the code running in the camera's CPUs and find the parts relevant to the attack. We further show how to debug an emulated copy of the firmware in QEMU.

In contrast with firmware-modding projects like CHDK, our method doesn't require as much user interaction or firmware modification, and our techniques are mostly model-independent.

Finally, we show same proof-of-concept attacks launched from the camera to PCs

Sobre Alfredo Ortega

As a security researcher, Alfredo Ortega has a mass of 69 Kg, can hit several objects applying a max energy of 500 Joules and has a surface resistance of 100-2000 ohms. Can suddenly accelerate to more than 20 km/h without warning and produces spontaneous exploits and rootkits via unknown methods. Do not expose Alfredo Ortega to light. Do not feed.

« volver a Speakers