Babak Javadi - Basics of Hacking Physical Access Control Systems - DEF CON 27 Wireless Village

  Рет қаралды 62,542

DEFCONConference

DEFCONConference

4 жыл бұрын

Do you fear the PACS-man? Do Physical Access Control Systems seem equal parts simple and confounding? Do you lie awake at night atop your nest of ethernet cables, pondering grand questions of access control? Is Wiegand a phsyical card type, a data format, or a communications protocol? What is an ""encrypted"" credential and is it actually any more secure? How does one tell good access control apart from bad access control? Fear not, fellow hacker. Come discuss your woes with a professional ghost of access control learn how to keep the PACS-man at bay. This 80 minute intensive is designed to serve as a crash course of Physical Access Control Systems. From credentials, to readers, to door controllers and beyond, Babak will share a practical and holistic understanding of what PACS looks like in the field, and intercept, clone, replay, and bypass your way through the system.

Пікірлер: 29
@oriolgonzalez9328
@oriolgonzalez9328 2 жыл бұрын
I thought this guy and his credentials sounded familiar, then I saw the slides and realized "oh, he works with Deviant Ollam!"
@Beateau
@Beateau 4 жыл бұрын
You did that demo at around 32:00 with Modern Rogue if I'm not mistaken. I remember the pretty lights.
@user-iz6pm1yz4k
@user-iz6pm1yz4k 2 ай бұрын
Super instructional, thanks for the awesome presentation
@WickdPerfekT
@WickdPerfekT 2 жыл бұрын
Shame it got cut short
@JoelBergmark
@JoelBergmark 4 жыл бұрын
Awesome presentation, thanks for sharing online (as usual) :)
@lululombard
@lululombard 4 жыл бұрын
Super interesting talk!
@bluegizmo1983
@bluegizmo1983 3 жыл бұрын
I learned stuff
@renakunisaki
@renakunisaki 4 жыл бұрын
So how do the motion/magnet sensors talk to the controller? That same protocol? Could you make an RFID card that sends the "motion detected" signal when read?
@AKAtheA
@AKAtheA 4 жыл бұрын
nope, just a logic 5V signal. Most door controllers will have an "RTE" (request to exit) input for each door, they give absolutely 0 fucks what you connect to it. A button, an actual REX sensor, a remote control for a key chain fob or nothing at all, it's just a 5V level on or off.
@mikehunt3688
@mikehunt3688 3 жыл бұрын
@Drew Sebastian we don't, maybe if you hacked something actually interesting.
@rolfs2165
@rolfs2165 4 жыл бұрын
One thing I'm wondering: Do you _need_ special hardware for the simple replay attacks, or could you just as well do that with any better Android phone these days?
@connorjackson5037
@connorjackson5037 4 жыл бұрын
Samsung phones that support Samsung pay should be able to produce electromagnetic pulses to simulate a credit card swipe. Chances are you could load in some custom bits to make it simulate any mag card, not just a credit card
@marcoallin
@marcoallin 4 жыл бұрын
i had not planned of breaking anywhere , but i have to admit im tempted now
@PeteRoe
@PeteRoe 4 жыл бұрын
"Get him tf off the stage! We just finished re issuing damn HF cards!" "2 minuit warning!!!"
@kkendall99
@kkendall99 4 жыл бұрын
Very professional, "someone" in the audience told me I had 80 minutes, still a good talk and I learned a few things.
@ElectronicMarine
@ElectronicMarine 4 жыл бұрын
thiese things wee alredy saw on other decfon... the lsat part was the most interestting
@towaii
@towaii 2 жыл бұрын
4:00 this seems fail-deadly
@DoctorMcKay1
@DoctorMcKay1 Жыл бұрын
The inside handle still works to exit.
@greensoplenty6809
@greensoplenty6809 4 жыл бұрын
exit sensor work with sliding a paper under the door? on fire maybe? lil smoke should not turn on most fire systems.
@waspgaming9077
@waspgaming9077 4 жыл бұрын
There is a talk about just that from a few years ago (different conference maybe) where they just trigger the exit sensor by spraying "canned air" through the door with the can upside down which is essentially liquid gas (== cold) which will trigger the infrared sensor into believing there is a temperature-change (== person moving) and grant access
@waspgaming9077
@waspgaming9077 4 жыл бұрын
Here you go: kzfaq.info/get/bejne/qNSdlrWF07qyc2w.html .... 45mins of low-tech "bypass anything"
@alockworkorange7296
@alockworkorange7296 3 жыл бұрын
This is about covert entry not overt entry so fire is out. Also paper isnt a differnt temp rext sesor isnt so much a motion sensor its more like a thermal sensor
@greensoplenty6809
@greensoplenty6809 3 жыл бұрын
@@alockworkorange7296 well i was talking about like 1 sheet of toilet paper or a lil sheet of that magicians flash paper. unless the door is connected to a router and you can rig up a button you cant be totally covert, always a chance someones on the other side of the door quietly checking their emails before they exit to lunch er whatever. id say best way would be too accidentally spill a cup of hot coffee while you pretend to swipe a card er whatever for the cameras. they will know someone spilt coffee, long as no one sees you your in.
@Karl_Marksman
@Karl_Marksman 4 жыл бұрын
The method of information delivery that I'm sick of is what?
@TrystyKat
@TrystyKat 4 жыл бұрын
Unwatchable because of the feedback. Please, Babak, point the microphone at your mouth, not the ceiling.
@eklof559
@eklof559 2 жыл бұрын
Sound guy gets it under control at about 25 minutes in. Worth the watch if you skipped this one due to the audio!
Bill Swearingen - HAKC THE POLICE - DEF CON 27 Conference
41:18
DEFCONConference
Рет қаралды 601 М.
$10,000 Every Day You Survive In The Wilderness
26:44
MrBeast
Рет қаралды 58 МЛН
DEF CON 26 - Si, Agent X - Wagging the Tail:Covert Passive Surveillance
47:14
DEF CON 24 - Hardware Hacking Village - Matt DuHarte - Basic Firmware Extraction
45:50
DEF CON Hardware Hacking Village
Рет қаралды 96 М.
Real Hardware Hacking for S$30 or Less - Presented by Joe FitzPatrick
45:01
Infosec In the City
Рет қаралды 15 М.
Copying Keys from Photos, Molds & More
48:30
Wild West Hackin' Fest
Рет қаралды 456 М.
Не обзор DJI Osmo Pocket 3 Creator Combo
1:00
superfirsthero
Рет қаралды 1,2 МЛН
Pratik Cat6 kablo soyma
0:15
Elektrik-Elektronik
Рет қаралды 8 МЛН
Эволюция телефонов!
0:30
ТРЕНДИ ШОРТС
Рет қаралды 6 МЛН
Эффект Карбонаро и бумажный телефон
1:01
История одного вокалиста
Рет қаралды 2,6 МЛН
AMD больше не конкурент для Intel
0:57
ITMania - Сборка ПК
Рет қаралды 519 М.
😱НОУТБУК СОСЕДКИ😱
0:30
OMG DEN
Рет қаралды 2,8 МЛН