Hacking Network APIs workshop

• Cost: Free for everybody.
• You do not need to bring anything. This is basically a demo-heavy extended conference talk.
• Some basic computer networking knowledge is helpful, but not required
• There is time budgeted for Q&A during and after. The demos takes 1.5 hours if no questions are asked.
• It is a 3-part series. They build on each other, but you can join in the middle and not be too far behind.

Abstract

A foundational component of communication between devices is the TCP/IP network stack. Web browsing, streaming video, secure control, and innumerable other applications are built upon this technology. This three-part demonstration will use open source tools to focus on the data transfer components UDP and TCP while targeting an IoT device. Part One is reverse engineering the network commands to better understand them and then mimic it (a common attack strategy). Network protocols will be discussed during this process. Armed with our new knowledge and skills, Part Two will take them a step further to discover and analyze malware present on the IoT device. Part Three will cover fundamentals of network latency versus network throughput by forced network degradation. This presentation is light on slides and heavy on demos.

Day / Time / Location

Day 2, Saturday, 16-August-2025, 12:30pm - 2:30pm
Tobin 221 (Workshop B)

Dan's presentation Things You Wish You Knew About Software Testing, Tobin 201/202 10am also on Saturday, Day 2, is completely unrelated to this Workshop. However, he would be thrilled if you attended both. Much of that talk were inspired by hard lessons learned from developing the tools in this workshop.

Full Description

This is a 3-part demo series.

Part 1: Reverse Engineering

A Raspberry Pi in a closed network will be running custom TCP and UDP services (for our example, a music player) with a black box client app used for control. The device’s commands will be captured and then replayed to verify the tool was successfully reverse-engineered. Once this is accomplished, the demo will lead to part 2.

Part 2: Discovering Malware

Inviting an IoT device to your home network is a risk. How risky? Fortunately, this demo is on a closed network. The techniques learned in Part 1 will be augmented by capturing and analyzing the malware communication happening with our IoT music player.

Part 3: Latency Vs Throughput

There will be demonstrations regarding latency and throughput by forced degradation of the network. Latency and throughput are the 2 most important metrics for network performance, and they are often confused. Hopefully, there will be no more confusion after these demos.

Q&A

Bring your questions! Otherwise, we did not actually need the room for 2 hours.

Registration -- NOT required

NOTE: You do NOT need to register to take this workshop
-- please show up early to ensure a seat at Tobin 221 (Workshop B).

Presenter(s)

Dan Nagle

• https://dannagle.com/
• https://github.com/dannagle
• https://www.linkedin.com/in/dannagle/

Materials

Any materials needed to participate in this workshop will be available at-cost.
Observers are welcome at no cost.
To do the hands-on portion for this workshop:
Materials Cost: None

There are no materials needed to attend. However, you may walk away with a free Packet Sender sticker for your laptop (while supplies last).

Required Software / What to bring

You do not need to bring anything.

Links

Some helpful links worth reviewing.

• https://packetsender.com
• https://wireshark.org
• https://raspberrypi.org
• https://videolan.org
• https://ubuntu.com
• https://iwl.com/products/kmax
• https://github.com/dannagle/PacketSender
• https://github.com/dannagle/PiPlayer
• https://en.wikipedia.org/wiki/User_Datagram_Protocol
• https://en.wikipedia.org/wiki/Transmission_Control_Protocol
• https://en.wikipedia.org/wiki/Transmission_Control_Protocol
• https://en.wikipedia.org/wiki/Transport_Layer_Security
• https://en.wikipedia.org/wiki/OSI_model
• https://en.wikipedia.org/wiki/IPv6