Hacking an Android TV in 2 minutes
TVoodoo: Hacking a Sony Android TV abusing of infrared
Author: Valerio Mulas
Linkedin: https://linkedin.com/in/valerio-mulas
Twitter: https://twitter.com/drakkars
Video: https://www.youtube.com/watch?v=qpdVk7Vv-C8
Abstract
The number of IoT devices connected to the Internet is growing exponentially. In 2015 the number was around 15 billion units and the forecast for 2025 points to an estimated 75 billion.
Currently — in 2019 — the number of IoT devices is estimated to be around 23 billion.
(source: https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide)
A portion of these impressive volumes consists of Android-based Smart TVs, Android TV Boxes, Amazon Echo, Amazon Fire and Amazon Key devices.
This paper announces and describes a new attack vector targeting Android Smart TVs over Infrared communication.
The process of building the attack will show how to simulate a remote control in order to automate a set of malicious steps to take over a Smart TV.
The PoC will also describe some atypical lateral movement scenarios.
