Taking Over The World with Scratch

Talk by Kev Sheldrake

Friday from 1:00 PM - 1:50 PM in Stage C

Scratch is a popular language/IDE for teaching children to code. It is possible to extend the offline version of Scratch 2 with a Python module that communicates with Scratch via a web service. I have extended Scratch to control Midi instruments and Arduino projects, including controlling Lego Power Functions motors, having reverse engineered the infrared protocol they use. In addition, and perhaps most scarily, I have implemented a TCP/IP sockets extension with which I have exploited vulnerabilities in network services and gained remote code execution. It is literally possible to create 0day exploits with Scratch! I will discuss the framework and the format of the extensions, and I will demonstrate my projects, including hacking a target virtual machine, controlling Lego motors and making noises with a Midi instrument.

If you would like to mark this as a favourite please log in.