Beginner’s Guide to Pentesting IoT Architecture/Network and Setting Up IoT Pentesting Lab – Part 1

In this post, I will explain how to pentest an IoT network/architecture. I will also explain how to set up an IoT pentesting lab for getting started with IoT pentesting. Because the post is long, it is split into two parts to make it digestible.

Let’s start.

Before setting up an IoT lab or learning how to pentest an IoT network, let’s understand what a typical IoT network looks like, what components are involved, and how the various components share and exchange data with each other. Once the basics are clear and you have a better understanding of the components involved and the communication flow between them, it becomes easy to set up an IoT pentesting lab and pentest an IoT network.

Let’s have a look at a sample IoT architecture, shown below:

As shown in the above diagram, there are four components involved. They are:

  1. IoT Device – Labelled DEVICES in the diagram. The device can be anything, for example, a smart fan.
  2. Mobile – The mobile has a mobile application installed on it. The application is needed for controlling the IoT device and sending commands to the cloud.
  3. Cloud/Web Dashboard – A cloud service for remotely accessing the IoT device.
  4. IoT Gateway – It can be anything. In our case, it’s simply a router that provides an internet connection to the IoT device and the mobile.

Thus, a typical IoT network involves four components. There can be more, but the chances of coming across these four components are high.

Now let’s try to understand the communication flow. For the sake of understanding, let’s assume that the IoT device is a fan. I am also assuming that all the components (the mobile, the IoT device, henceforth the fan, and the cloud service) are configured and connected with each other for sharing and exchanging data.


*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Nitesh Malviya. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/xYm5ubowMKQ/