Babak Javadi - Basics of Hacking Physical Access Control Systems

Babak Javadi - Basics of Hacking Physical Access Control Systems - DEF CON 27 Wireless Village

Рет қаралды 62,500

4 жыл бұрын

Do you fear the PACS-man? Do Physical Access Control Systems seem equal parts simple and confounding? Do you lie awake at night atop your nest of ethernet cables, pondering grand questions of access control? Is Wiegand a phsyical card type, a data format, or a communications protocol? What is an ""encrypted"" credential and is it actually any more secure? How does one tell good access control apart from bad access control? Fear not, fellow hacker. Come discuss your woes with a professional ghost of access control learn how to keep the PACS-man at bay. This 80 minute intensive is designed to serve as a crash course of Physical Access Control Systems. From credentials, to readers, to door controllers and beyond, Babak will share a practical and holistic understanding of what PACS looks like in the field, and intercept, clone, replay, and bypass your way through the system.

Пікірлер: 29

@oriolgonzalez9328 2 жыл бұрын

I thought this guy and his credentials sounded familiar, then I saw the slides and realized "oh, he works with Deviant Ollam!"

@Beateau 3 жыл бұрын

You did that demo at around 32:00 with Modern Rogue if I'm not mistaken. I remember the pretty lights.

@user-iz6pm1yz4k Ай бұрын

Super instructional, thanks for the awesome presentation

@WickdPerfekT 2 жыл бұрын

Shame it got cut short

@JoelBergmark 4 жыл бұрын

Awesome presentation, thanks for sharing online (as usual) :)

@lululombard 4 жыл бұрын

Super interesting talk!

@renakunisaki 4 жыл бұрын

So how do the motion/magnet sensors talk to the controller? That same protocol? Could you make an RFID card that sends the "motion detected" signal when read?

@AKAtheA 4 жыл бұрын

nope, just a logic 5V signal. Most door controllers will have an "RTE" (request to exit) input for each door, they give absolutely 0 fucks what you connect to it. A button, an actual REX sensor, a remote control for a key chain fob or nothing at all, it's just a 5V level on or off.

@mikehunt3688 3 жыл бұрын

@Drew Sebastian we don't, maybe if you hacked something actually interesting.

@bluegizmo1983 3 жыл бұрын

I learned stuff

@rolfs2165 4 жыл бұрын

One thing I'm wondering: Do you _need_ special hardware for the simple replay attacks, or could you just as well do that with any better Android phone these days?

@connorjackson5037 4 жыл бұрын

Samsung phones that support Samsung pay should be able to produce electromagnetic pulses to simulate a credit card swipe. Chances are you could load in some custom bits to make it simulate any mag card, not just a credit card

@marcoallin 4 жыл бұрын

i had not planned of breaking anywhere , but i have to admit im tempted now

@PeteRoe 4 жыл бұрын

"Get him tf off the stage! We just finished re issuing damn HF cards!" "2 minuit warning!!!"

@kkendall99 4 жыл бұрын

Very professional, "someone" in the audience told me I had 80 minutes, still a good talk and I learned a few things.

@greensoplenty6809 4 жыл бұрын

exit sensor work with sliding a paper under the door? on fire maybe? lil smoke should not turn on most fire systems.

@waspgaming9077 4 жыл бұрын

There is a talk about just that from a few years ago (different conference maybe) where they just trigger the exit sensor by spraying "canned air" through the door with the can upside down which is essentially liquid gas (== cold) which will trigger the infrared sensor into believing there is a temperature-change (== person moving) and grant access

@waspgaming9077 4 жыл бұрын

Here you go: kzfaq.info/get/bejne/qNSdlrWF07qyc2w.html .... 45mins of low-tech "bypass anything"

@alockworkorange7296 3 жыл бұрын

This is about covert entry not overt entry so fire is out. Also paper isnt a differnt temp rext sesor isnt so much a motion sensor its more like a thermal sensor

@greensoplenty6809 3 жыл бұрын

@@alockworkorange7296 well i was talking about like 1 sheet of toilet paper or a lil sheet of that magicians flash paper. unless the door is connected to a router and you can rig up a button you cant be totally covert, always a chance someones on the other side of the door quietly checking their emails before they exit to lunch er whatever. id say best way would be too accidentally spill a cup of hot coffee while you pretend to swipe a card er whatever for the cameras. they will know someone spilt coffee, long as no one sees you your in.