IoT Hacking - Polycom Conference Phone - First Steps

Matt Brown
Matt Brown
6,274
0
Published 2024-04-12
In this video we discuss the first steps I take when approaching an IoT device pentest and demonstrate on a Polycom conference phone.

IoT Hackers Hangout Community Discord Invite:
discord.com/invite/vgAcxYdJ7A

πŸ› οΈ Stuff I Use πŸ› οΈ

πŸͺ› Tools:
XGecu Universal Programmer: amzn.to/4dIhNWy
Multimeter: amzn.to/4b9cUUG
Power Supply: amzn.to/3QBNSpb
Oscilloscope: amzn.to/3UzoAZM
Logic Analyzer: amzn.to/4a9IfFu
USB UART Adapter: amzn.to/4dSbmjB
iFixit Toolkit: amzn.to/44tTjMB

🫠 Soldering & Hot Air Rework Tools:
Soldering Station: amzn.to/4dygJEv
Microsoldering Pencil: amzn.to/4dxPHwY
Microsoldering Tips: amzn.to/3QyKhrT
Rework Station: amzn.to/3JOPV5x
Air Extraction: amzn.to/3QB28yx

πŸ”¬ Microscope Setup:
Microscope: amzn.to/4abMMao
Microscope 0.7X Lens: amzn.to/3wrV1S8
Microscope LED Ring Light: amzn.to/4btqiTm
Microscope Camera: amzn.to/3QXSXsb

About Me:
My name is Matt Brown and I'm an Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.

- Soli Deo Gloria

πŸ’» Social:
twitter: twitter.com/nmatt0
linkedin: www.linkedin.com/in/mattbrwn/
github: github.com/nmatt0/

#hacking #iot #cybersecurity #privacy #wireshark
All Comments (21)
  • @TheChillieboo
    this is sick! i love your delivery, not just telling us the method but the logic behind it aswell, very cool
  • @foobar8894
    An interesting find because it seems this unnamed company did make some effort to protect their ethernet ports against random devices. But they may just have handed you the keys.
  • @ChakaHamilton
    I love that you are Ethically Hacking and didn't out sensitive information about the company. Thoroughly enjoyed this video.
  • @Plowing
    was just checkin your channel the other day to see if you had uploaded. Glad to see you back man!
  • @Log4Jake
    Very very nice video, this is a great video to demonstrate to people who don't understand what IOT and hardaware hacking are!
  • @andrewmurray5255
    excellent content! Subed for the next installment + more hacking and pentesting. πŸ‘ŒπŸ‘Œ
  • @jkruges
    Yesss, always get excited for your videos
  • @Decimation001
    If the firmware is Linux, you could try to experiment with the /etc/hosts file. For example, you could map the update domain to your own and have fun with that. Or just rewrite the entire webserver
  • @Hacsev
    Really glad you are doing this. Grandstream phone next maybe?
  • @user-hk6pu8nt1s
    So what your saying is, info from a company could still be on these voip devices which is dier if an i.t. specialist forgot to factory reset can be useful to an attacker? These voip devices are always sent to third party recycling contractors who come in and pick up these busniess voip hardware.
  • @TradieTrev
    Stupid question Matt, could you setup your own 802.1x server with that address on the config but craft the packets to accept and authenticate all? Also does it have any serial pins where they uploaded the firmware from the factory.
  • @user-nf3jr3wl9v
    Hi Matt, can you share how you got into embedded systems and security. I am really interested and not sure where to start. Should I learn a certain programming language and how can I get some devices?