viernes, 24 de octubre de 2014

Security vulnerabilities in DVB-C networks: Hacking Cable tV network part 2 | Rahul Sasi

DVB-C stands for "Digital Video Broadcasting - Cable" and it is the DVB European consortium standard for the broadcast transmission of digital television over cable. This system transmits an MPEG-2 or MPEG-4 family digital audio/digital video stream, using a QAM modulation with channel coding. The standard was first published by the ETSI in 1994, and subsequently became the most widely used transmission system for digital cable television in Europe. source: http://en.wikipedia.org/wiki/DVB-C We been working with a Cable TV service provide for the past 1 year. With digital cable tv implementations, the transmited MPEG streams are encrypted/scrambled and users needs a setup box to de-scramble/decode the streams. Also service providers can shut down a device remotely if (no payment) or even display a custom text message that will scroll on top of a video. This is made possible by Middleware servers or applications servers that are used to manage the DVM networks. So in our talks we cover the various attacks we can do on DVB-C infrastructure. That will include the following topics. 1) Security Vulnerabilities in DVB-C middleware servers. [Hijacking a TV stream] 2) Implementation bugs in DVB-C network protocol .[Man in the Middle Attacks] 3) Fuzzing setup boxes via MPEG streams. [Shutting down Setup boxes] 4) Demo taking over your Cable TV BroadCasting.

Sobre Rahul Sasi 

Rahul Sasi (fb1h2s) is working as a Security Engineer for Citrix Systems . He has authored multiple security tools, advisories and articles. He has been invited to speak at various security conferences like HITB [KL], BlackHat [US Arsenal], Cocon (2011-2014), Nullcon (2011-2014), HITB (AMS 2012,2013,2014), BlackHat (EU 2012), Ekoparty (Argentina), CanSecwest(Canada 2013), HITCON(taiwan). His work could be found at Garage4Hackers.

Aquí te presenta su conferencia: 



Rahul Sasi saluda a la ekoparty 10! from ekoparty on Vimeo.

No hay comentarios: