DEF CON 26 IoT VILLAGE - David Tomaschik - Im the One Who Doesnt Knock Unlocking Doors from Network

SwOy0zRW5Dk/default.jpg

In 2017, I discovered that a popular IP-based door access control system (badge reader and door lock controller) used poorly-implemented cryptography. Through binary analysis and live testing against a functional device, I was able to construct an exploit that would unlock the door without talking to the central authority database or logging the door open event. I'll walk the audience through the steps that made me realize there was a problem, through the binary analysis, and then finally into building a working exploit.

SwOy0zRW5Dk/default.jpg
DEF CON 26 IoT VILLAGE - David Tomaschik - Im the One Who Doesnt Knock Unlocking Doors from Network DEF CON 26 IoT VILLAGE - David Tomaschik - Im the One Who Doesnt Knock Unlocking Doors from Network Reviewed by Anonymous on November 21, 2018 Rating: 5