Andrew Tierney is presenting: Quick & Dirty: Getting Inside Boxes
Most infrastructure testers go straight for existing public vulnerabilities or find issues in software to exploit. But what about the hardware sitting right under your nose? Routers, firewalls, booking systems, CCTV, access control, HVAC, car chargers and lighting controllers — they’re all there on site, waiting to spill the beans.
In this talk, we’ll use quick and dirty techniques that find vulnerabilities in hardware fast. We’re not talking full-blown lab teardowns — just fast, pragmatic hacks that turn “mystery boxes” into stepping-stones for deeper access.
You’ll see how a quick poke can reveal hidden backdoor accounts, how dump of flash memory hands you high-value passwords, and how a downloaded firmware with hardcoded VPN keys left an entire fleet of ships wide open.
If you’ve ever walked past a dusty box in a server room and thought, “I wonder what’s inside?” — this talk will show you why sometimes it pays to get your hands dirty.
