HDMI Hacking Displays Made Interesting

Picture this scene, which incidentally happens thousands of times every day all around the world: Someone walks into a meeting room, sees a video cable and plugs it into their laptop. The other end of the cable is out of sight – it just disappears through a hole in the table. What is it connected to? Presumably the video projector bolted to the ceiling, but can it be trusted to just display their PowerPoint presentation?

In this paper I will explain the circumstances in which display devices send data to their connected host and show that this data could potentially contain threats (which could compromise a laptop for example). I will describe video protocol data-structures, data-sequences and practical challenges. I will also explain how to build a hardware-based fuzzer, provide some example firmware fuzzing code, and describe some interesting findings from the fuzzing which has been undertaken so far.

This paper discusses the security of video drivers which interpret and process data supplied to them by external displays, projectors and KVM switches. It covers all the main video standards, including VGA, DVI, HDMI and DisplayPort.

This is a relatively new area of research and there is more research that could be performed in this area, so by summarising and sharing these resources, it is hoped that this will enable others to more quickly discover and investigate potential threats.