There is a crisis in remotely controllable devices, and the hacker community demonstrated for the first time how they hacked Wi-Fi power sockets to gain control
With the increasing popularity of the application of Internet of Things (IoT) devices, security issues should also be taken seriously. UCCU Hacker community member ES pointed out at the HITCON #14 conference that many developers did not take security into consideration because such devices are prerequisite for online use. ES cited the recently studied MXQ Wi-Fi Smart Plug Internet of Things In terms of sockets, it is even discovered that by monitoring the wireless network communication of the device, the SSID and key of the wireless router can be learned, which becomes a channel to penetrate the internal network.
Internet of Things (IoT) devices continue to appear in our lives. However, the security of such devices is often not included in the development of related security mechanisms, so there may also be potential threats. At the HITCON #14 conference, ES, a member of the UCCU Harker community, published his experience in cracking the MXQ Wi-Fi Smart Plug power socket that can be remotely controlled. This is the first time we have seen an analysis of this type of IoT device.
The appearance of the MXQ Wi-Fi Smart Plug device is just like our common power socket adapter, which can be connected to the plug of the home appliance. The user can remotely control the power supply of this socket through the App provided by the manufacturer, and then control and The connected home appliances are turned on or off.
ES said that he would choose IoT sockets for research. The main reason is that after the Mirai corpse cyber attack, few people care about the security of IoT devices. In addition, there are known IoT devices of this type. Therefore, he wants to use this as a starting point to learn about the internal architecture of more types of IoT devices and possible attacks.
Although these Internet of Things devices have improved the convenience of our lives, such as toasters and ovens, after adding related networking functions, users can remotely control them, start heating food outside, and eat them when they get home. However, if these devices are hacked, after those who have the right to take control, they can control the devices arbitrarily and cause disasters, such as the aforementioned IoT appliances, which may cause fires after being heated continuously. If it is changed to an IoT car, the situation may directly affect the lives of passengers in the car.
ES pointed out that because IoT devices must be connected to the Internet in order to operate normally, they usually use the wireless network connection at home or in the enterprise. However, the wireless network connection may be dangerous. Basically, if you want to penetrate IoT devices, you may start from the device side, the gateway side, and the server side. Among them, the communication between the device and the gateway has become one of the more easily penetrated pipelines.
He used his own research experience with the MXQ Wi-Fi Smart Plug IoT socket to describe how to find a channel to penetrate the IoT device and then gain control. After successfully connecting to the device and issuing commands, ES can obtain the device information and network status, and can also issue a reboot or forcibly update the firmware, so as to insert the problematic content and make the device inoperable, etc. In addition, ES also found that the App of the brand used plaintext to transmit the account secrets when connecting without encryption. Therefore, by eavesdropping on the wireless connection of this socket, you can even get the SSID and key of the wireless base station. And then gain control of other wireless networking equipment. He also said that if such devices are to enhance their security, they often need to replace some of their hardware components to achieve. Therefore, security must be included in the planning at the beginning of the development of the device.
The MXQ Wi-Fi Smart Plug used by ES for research is an IoT socket. In the video provided by the original factory , the connection to a remote electric light is shown as a display. The user can remotely control the turning on and off of the electric light through this Internet of Things device through the App on the mobile phone. However, ES pointed out that this kind of device has hidden dangers, such as transmitting the account and password in plain text through unencrypted traffic, and even after monitoring the wireless connection of the socket, it can obtain the SSID and key of the wireless base station, and then obtain other Control of wireless networking equipment.