Andrew Hunt - Raspberry MoCA - A recipe for compromise
00:00 Share

Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/Hunt/DEFCON-22-Andrew-Hunt-Raspberry-MoCA-a-recipe-for-compromise-UPDATED.pdf

Additional materials are available for download here: https://defcon.org/images/defcon-22/dc-22-presentations/Hunt/DEFCON-22-Andrew-Hunt-MoCA-Overview-and-Security-Posture-WP.pdf and https://defcon.org/images/defcon-22/dc-22-presentations/Hunt/DEFCON-22-Andrew-Hunt-Raspberry-MoCA-an-Automated-Penetration-Platform-WP.pdf

Raspberry MoCA - A recipe for compromise Andrew Hunt SENIOR INFORMATION SECURITY ENGINEER, BECHTEL

Media over Coax Alliance (MoCA) is a protocol specification to enable assured high-bandwidth connections for the high demands of voice, video, and high-speed data connections – the ‘triple play.’ Verizon, Cox, Comcast, and many other service providers have adopted MoCA as the de facto networking technology used to provide in-home broadband services. This is accomplished by encapsulating Ethernet protocols over coaxial cabling common to interior television wiring. In this presentation, the vulnerabilities presented by the use of MoCA encapsulation in conjunction with common recommended coaxial wiring standards are realized with the development of Raspberry MoCA, an embedded device that provides a drop-in, automated exploitation kit which can be installed outside the target structure in less than five minutes, providing remote access and complete control over the connecting LAN.

Andrew Hunt is an Senior Information Security Engineer at Bechtel with more than fourteen years of experience working in the defense, health care, and energy industries. He is a certified incident responder, forensics practitioner, and malware reverse engineer. His research includes “Visualizing the Hosting Patterns of Modern Cybercriminals” and “Multimedia over Coaxial Alliance (MoCA): Operation and Security Posture,” as well as projects in non-attributable open-source data collection, Android malware and forensics, deployable sensor data collection over unreliable communications links, and large-scale CND data analytics. Andrew contributed to the Passive DNS Tool Project and established training programs in memory forensics and log data analysis. He is a regular presenter, with speaking engagements at George Mason University, Brigham Young University-Hawaii, Shakacon, ISSA Hawaii, and ISSA National Capital Region. Andrew devotes his spare time to travelling with his family, introducing his children to new cultures and experiences.