peter bassill · operator

series: HbbTV: notes from the lab.

Part 1 of 4. A primer on HbbTV from a security researcher's bench. Why I think the smart TV mounted on the meeting-room wall is the most under-considered attack surface in any UK office in 2021.

4 parts · Latest: 2021·08·21
  1. The TV in the corner: what HbbTV actually is (2021·05·22 · 7 min)
     Part 1 of 4. A primer on HbbTV from a security researcher's bench. Why I think the smart TV mounted on the meeting-room wall is the most under-considered attack surface in any UK office in 2021.
  2. The lab rig: re-broadcasting HbbTV into a test bench (2021·06·19 · 9 min)
     Part 2 of 4. What I built on the bench to study HbbTV attacks safely. Hardware, software, the AIT injection step, and the legal bit (do not transmit DVB into open air).
  3. From the embedded browser to a shell on a smart TV (2021·07·17 · 11 min)
     Part 3 of 4. From the AIT-triggered page load to a shell prompt. CVE-2020-6383, shell.js, SMACK, and the public Samsung Q60T root chain.
  4. wlan0: the unlocked back door on every TV (2021·08·21 · 10 min)
     Part 4 of 4. Once you have root on the TV, the most useful thing on the device isn't the data on it — it's the second network interface nobody disabled. What this bypasses, why the SIEM is blind to it, and what to do about it.
