Objectives:

The goal in the context of the project is to gain knowledge and skills about that: What is kids’ toy hacking and what skills are needed to do so.

In the context of the project, in most cases the hacking of children's toys aims to customize a particular toy by improving some features, adding new features, such as remote control or wireless Wi-Fi control, etc.

Recently, many intelligent artificial intelligence toys represent real IoT devices.

Part of them use cloud services over home Wi-Fi networks. Some of them use standard contact protocols and are vulnerable of malicious attacks that can lead to uncontrolled eavesdropping, surveillance or theft of personal data and identity.

There have already been a lot of such reported cases. 

The way such are hacked on complex toys and IoT devices, we looked at in the last days of the course.

At this stage, we will focus on hacking of toys that have removable mechanisms, propulsion wheels, motion control mechanisms, robotic arms, some sensors, etc.

Our focus is on the remote management of such objects or their autonomous work with some built-in intelligence.

To do this, we will need to familiarize ourselves with some technologies and techniques with which we can create such devices.  

The first step towards this is to choose some kind of development environment that has such opportunities. 

One of these environments is Arduino.IDE which works with a very large set of Arduino and Arduino-compatible devices, microcontrollers and specially developed a huge number of mechanisms and sensors for any purpose.

In addition, there are also simulators, that allow virtual co-location and testing of some runs before proceeding to their realization, which is useful for training.

When we talk about hacking children's toys, in which there is a built-in mechanism, the approach is:

• To analyze the way the toy works.
• It is assessed what new functionalities we want to add or what we want to change in it. 
• Analyze of the electronic, electrical and mechanical scheme.
• Assess which mechanisms can be used, which can be modified and what new ones to add.
• Design the new scheme of work.
• Get the necessary components. 
• Realizing the new idea.

In this case, usually it is more economical to rewrite the control software than to download the old one, decompile it, modify and reload it. To do this, we can use a new microcontroller and additional components compatible with it.

• https://thingpulse.com/reverse-engineering-pin-allocations/
• https://dontvacuum.me/talks/DEFCON26/DEFCON26-Having_fun_with_IoT-Xiaomi.pdf
• https://blog.securelayer7.net/how-to-start-iot-device-firmware-reverse-engineering/