Questions tagged [arduino]

10 questions
22
votes
6 answers

When connecting an Arduino Uno to the internet (ethernet) what are some attacks it's susceptible to and how can I secure against them?

I am connecting an Arduino Uno to the internet via ethernet (using the ethernet shield v2) and querying NTP time. Making requests to a NTP server is the only internet related thing it does. You can use the ethernet shield as an SD card to host data,…
JohnnyAppleseed
  • 331
  • 2
  • 5
4
votes
1 answer

Sending data securely from a microcontroller to a server

I wish to transfer data securely from an arduino (a microcontroller) to a server. The obvious solution is probably to use TLS, but arduino does not have the capability to run it. I did not find any other lightweight implementations either that…
Jaaisto
  • 43
  • 3
2
votes
1 answer

Dealing with USB Arduinos

It is probably common enough knowledge now that you should not plug into your computer any device that an attacker has had physical access to. Especially USB devices. Thanks to the many tutorials on how to make your own RubberDucky/BadUSB, it is…
user942937
  • 983
  • 8
  • 14
1
vote
0 answers

Is Arduino Mega Hackable Over The Air

I am collecting data (by reading input registers) from a machine by RS-485 protocol and Arduino Mega 2560 hardware. I am also sending this data from Arduino Mega to a NodeMCU which is connected to the internet over WiFi. I made 100% sure that no…
1
vote
1 answer

Detecting USB-based(Arduino Leonardo) attacks

Can a USB-based atack, e.g., BadUSB, RubberyDucky be detected by observing the output from dmesg? I bought a brand new DFRobot Beetle, which is essentialy a miniaturized Leonardo. A few seconds after plugging it in, the USB keyboard I'm using stops…
user942937
  • 983
  • 8
  • 14
1
vote
0 answers

Using TLS Certificates in IoT Devices

I am not sure whether this is the exact forum to ask this question. If not please transfer it to another. Domain As we know the IoT is growing rapidly and millions of devices are invading our homes to our cars everyday. Most of these devices do…
user3496510
  • 1,257
  • 2
  • 12
  • 26
0
votes
1 answer

Arduino-based attacks

Besides BadUSB, are there any known or possible attacks involving Arduino devices? Is it possible for Arduinos not using the ATMega 32u4 chip be used to infect PCs? Is it possible for an attacker who has been in possesion of an Arduino board to…
user942937
  • 983
  • 8
  • 14
0
votes
0 answers

Is setting a custom bluetooth pin secure enough?

I am working on a project that might be using bluetooth. It is a display board for a school near me, and it will be controlled via a smartphone. Would setting a custom pin/passkey for the bluetooth chip be enough security to keep away people looking…
BarrowWight
  • 244
  • 1
  • 7
0
votes
0 answers

Arduino/ATMega calling HTTPS REST services

Background I am working on an IoT project where we are using ATMega Micro Controllers as end devices. These devices need to communicate with REST services and post some sensitive data. The REST services are implemented using WebAPI 2 and transport…
user3496510
  • 1,257
  • 2
  • 12
  • 26
-1
votes
2 answers

Hide reverse shell window launched with HID attack

GOAL: the attacker insert into a victim's laptop an USB which act as a keyboard. The payload opens a terminal, executes a reverse shell and hides the terminal. PROBLEM: the tests I did locally (ubuntu 19.04, and digispark as usb) are the…
Maicake
  • 497
  • 1
  • 3
  • 13