Wireless communication has become a ubiquitous part of our day-to-day lives. Some wireless protocols have been well documented and studied, while others have been kept as guarded secrets in an attempt to keep them secure. As with many closed-source systems, relying on security through obscurity is not a security best practice.
The 802.15.4 protocol provides the physical layer and media access control (MAC) layer on which the Zigbee protocol is built. Zigbee is not a new technology; it has been slowly making its way into our homes and businesses for over a decade. Until recently, however, there has never been an inexpensive, open solution for monitoring the Zigbee protocol.
Through the use of Arduino hardware, open source software, and a Zigbee radio SoC, it is possible to build a low-cost tool to easily monitor and interact with devices that use the Zigbee protocol. The Arduino/Zigbee hardware is known as the Freakduino and was developed by Christopher Wang (Akiba). In addition, the Zigbee protocol stack has been implemented as an open source library, to which modifications and enhancements can be made.
In this presentation we explore the Zigbee protocol and the use of this open source hardware. We will use the Ubuntu operating system to interface with the open source hardware using Python and the Arduino IDE. In addition, we will look at driver modifications that sniff wireless traffic, replay captured messages, and fuzz the Zigbee protocol.
Mike Warner is an Associate Security Engineer at iSEC Partners, an information security firm specializing in application, network, and mobile security. At iSEC, Mike specializes in web, mobile, Windows, and Apple technologies. He is a seven-year veteran in the fields of software development and security engineering.