Exploiting ZigBee at ToorCon 11 Slides

Yesterday I presented my findings on the security implications of the ZigBee protocol at ToorCon 11. I had a great audience and the presentation went smoothly. We looked at the basis of ZigBee technology and why ZigBee is important for embedded developers and interesting to attackers.

I also introduced a new project I’ve been working on dubbed KillerBee. KillerBee is a Python-based framework with several tools designed to exploit deficiencies in the design and implementation of ZigBee and IEEE 802.15.4 networks. The hardware I’m using with KillerBee is the AVR RZUSB stick, available from electronics resellers such as DigiKey and Mouser for $40 USD.

I’m still working on KillerBee, and it’s not quite ready for prime time yet. I’m planning on doing a full release at ShmooCon, so if you are interested in doing some hands-on ZigBee hacking at Shmoo, pick up a few RZUSB sticks and come find me at the InGuardians booth. I had a bunch of CDs printed up and distributed at ToorCon for an early preview of KillerBee, sample packet captures, specification documentation and more. If you want to get a copy of that, please drop me a note.

In the meantime, you can grab my slides from the presentation. I’d love to hear feedback on ZigBee and what people are doing with this technology, so drop me a note and let’s chat.

-Josh