Link Search Menu Expand Document

Published Theses and Reports

Ethical hacking of a Smart Automatic Feed Dispenser by Julia Lokrantz

You can read the full thesis here.

Excerpt from the abstract:

“…the food-dispenser Trixie TX9 has insufficient encryption of network names and passwords, is susceptible to flooding-attacks, and analysis of the incoming/outgoing data traffic from the device can deduct which state it is currently in. Furthermore, the food dispenser has several open network services, Telnet is one among them, which can be accessed through weak, hardcoded credentials that are published on the internet.”


Where’s My Car? Ethical Hacking of a Smart Garage by Madeleine Berner

You can read the full thesis here.

Excerpt from the abstract:

“This thesis has evaluated the security of one particular smart garage that is being sold worldwide – iSmartgate PRO. Penetration testing was conducted with focus on the web application. A total of eleven vulnerabilities were reported, including a one-click-root attack that combined three of them into providing an unauthenticated remote attacker with a root shell. It was concluded that the product lacked security measures in certain areas.”


IoT Penetration Testing: Security analysis of a car dongle by Aldin Burdzovic and Jonathan Matsson

You can read the full thesis here.

Excerpt from the abstract:

“The findings presented shows that there is a critical vulnerability in the system. The AutoPi can be exploited and full access of the devices can be granted. The paper also discusses what possible harm can be done through the found exploit.”


Security evaluation of smart door locks by Arvid Viderberg

You can read the full thesis here.

Excerpt from the abstract:

“…there are several deficiencies in today’s smart locks, where the most severe has been reported under responsible disclosure to the manufacturer. The locks investigated shows vulnerabilities in state consistency, password policies and password reset mechanism.”


Adagio For The Internet Of Things: IoT penetration testing and security analysis of a smart plug by Raman Salih

You can read the full thesis here.

Excerpt from the abstract:

“These IoT devices that gives the user control could however poseserious security problems if their vulnerabilities were not care fully investigated and analyzed before we blindly integrate them into our everyday life. In this paper, we do a threat model and subsequent penetration testing on a smart plug system made by particular brand by exploiting its singular communication protocol and we successfully launch five attacks: a replay attack, a MCU tampering attack, a firmware attack, a sniffing attack, and a denial-of-service attack. Our results show that we can hijack the device or obtain the authentication credentials from the users by performing these attacks.”


Ethical hacking of Danalock V3: A cyber security analysis of a consumer IoT device by Rafi Aram Yadward Malkhasian

You can read the full thesis here.

Excerpt from the abstract:

“The aim of this report is to conduct a security assessment of Danalock V3 through penetration testing. Using a black hat approach, we gather information about the device to understand its functionality and the provided features for the users.”


Ethical Hacking of a Smart Plug by Rami Achkoudir and Zainab Alsaadi

You can read the full thesis here.

Excerpt from the abstract:

“This thesis aims to contribute to a more sustainable IoT environment by evaluating the security of a smart plug. The DREAD and STRIDE methods were used to assess the potential threats and the threats with the highest potential impact were penetration tested in order to test if there were any security preventions in place. The results from the penetration tests presented no major vulnerabilities which bring us to the conclusion that the Nedis Smart Plug has implemented enough security measures. “


Ethical hacking : security of an online store by Ronas Baran and Christoffer Lindén

You can read the full thesis here.

Excerpt from the abstract:

“In this report the security of a popular online store is examined by performing penetration tests. A threat model was created where the online store’s assets and potential vulnerabilities were identified and ranked. The results of the penetration tests show that the online store has good security against some of the most common risks, this after typical hacking had been carried out on the store’s assets without finding a clear security flaw with a major impact.”


Hacking a Wi-Fi based drone by Gustav Rubbestad and William Söderqvist

You can read the full thesis here.

Excerpt from the abstract:

“… How vulnerable is the Ryze Tello drone against WiFi based attacks? The answer to the research question is that the Ryze Tello drone is relatively safe, with the exception of it not having a default password for the network.”


Race Conditions in Web Applications by Agnes Altin and Veronika Nicolaou

Excerpt from the abstract:

“This bachelor thesis examines how vulnerable web applications are to race conditions and how reliable existing methods are to detect them. The study includes research on the Web, web applications, security risks, race conditions, related work, and methods to detect race vulnerabilities. The research was followed by practical penetration testing of web applications using the software tool Burp Suite Professional with the extension Turbo Intruder.”


Are modern smart cameras vulnerable to yesterday’s vulnerabilities?: A security evaluation of a smart home camera by Jesper Larsson

You can read the full thesis here.

Excerpt from the abstract:

“This thesis has performed a case study of a consumer smart camera popular on the Swedish market. The camera was evaluated through a pentest. The evaluation found that the camera’s cloud centric design allowed it to side step issues present in earlier models. However, it was demonstrated that it is possible to detect potentially sensitive events, e.g. when the camera notice motion, by just inspecting the amount of traffic it sends.”


Clean Code: Investigating Data Integrity and Non-Repudiation in the DevOps Platform GitLab by John Augustsson and Johan Carlsson

You can read the full thesis here.

Excerpt from the abstract:

“… at least two instances where we were able to gain unauthorized access to data within our self-hosted GitLab instance. We also found that a new feature could be used for privilege escalation under certain conditions. We were then able to conclude that open source software and a prolific bug bounty program does not guarantee the security of GitLab, in and of themselves.”


Ethical hacking of Garmin’s sports watch by Josef, Karlsson Malik

You can read the full thesis here.

Excerpt from the abstract:

“It was found that Garmin Venu was generally secure with a few minor security flaws. The Swedish law limited the possible security tests, as this thesis was done without collaboration with Garmin. However, the thesis does provide pointers of needed further investigation for vulnerabilities as well as conclusions that suggest that the smartwatch is secure.”


Detecting plagiarism in penetration testing education by Nikolaos Kakouros, Pontus Johnson, and Robert Lagerström

You can read the full conference paper here.

Abstract:

“Plagiarism in hands-on ethical hacking education is challenging due to student work being delivered almost exclusively virtually via actions on a cyber range. We are developing the Cheat Detection System, a solution that uses system administration and two approaches of log analysis to infer about the cheating behavior of students; one based on canary detection and another based on traces of student actions which we have termed the intrusion deficit approach.”


Snapchat Spectacles 2.0: Shakey or Secure by Oscar Andrén and Anton Heurlin

Excerpt from the abstract:

“The findings of the project suggests that Spectacles 2.0 is reasonably secure and Snapchat has managed to protect against most of the common security flaws within IoT systems. However a DoS attack on Spectacles local WiFi was found which renders the device unusable and drains Spectacles battery rapidly. Snapchat could significantly increase Spectacles security.”


Security Test of iZettle’s Reader 2: A card terminal for safe payments? by Daria Galal and Martin Tillberg

You can read the full thesis here.

Excerpt from the abstract:

“The result of the penetration tests indicated that the security around the device and surrounding systems is strong, but that it can be further supplemented with a couple of actions like certificate pinning and mutual authentication when communicating with TLS, as well as a more tamperproof software regarding the mobile application.”


Ethical Hacking of a Robot Vacuum Cleaner by Christoffer Torgilsman and Eric Bröndum

You can read the full thesis here.

Abstract:

“This study revolves around the safety of IoT devices, more specifically how safe the robot vacuum cleaner Ironpie m6 is. The method is based on threat modeling the device, using the DREAD and STRIDE models. The threats with the highest estimated severity were then penetration tested to see which security measures are implemented to protect against them. Using client side manipulation one vulnerability was found in Trifo’s mobile application ”Trifo home” which could be used to harm customers property.”


IoT Pentesting: Obtaining the Firmware of a Smart Lock by Alexander Borg and Carl Aston Francke

You can read the full thesis here.

Excerpt from the abstract:

“This thesis covers a security assessment of a smart lock, focusing on the firmware of the embedded devices as the main assets. Potential threats against obtaining and abusing the firmware are identified by threat modeling. Based on the identified threats, penetration tests are conducted to demonstrate the security of the firmware. The results show that the firmware could not be obtained and that the product constitutes a good example within consumer IoT for how to manage the firmware of embedded devices.”


The ADS-B protocol and its’weaknesses: Exploring potential attack vectors by Andreas Sjödin and Marcu Gruneau

You can read the full thesis here.

Excerpt from the abstract:

“The ADS-B protocol is currently in use all around the world. The purpose behind the protocol is to give pilots and traffic control a better picture of the situation in the air. Previous research shows that there exists a vulnerability in the protocol since it lacks authentication. The protocol is solely built upon trust between sender and receiver.Our work is inspired by previous studies made in the area, where it has been demonstrated that one can inject fake aircraft by sending fake ADS-B data using the protocol.”


Division of Network and Systems Engineering | KTH