We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

IoT VILLAGE - I'm the One Who Doesn't Knock: Unlocking Doors from the Network

4
 Cite
 Share
 Download
 Purchase
No logo availableDEF CON
 Tomaschik, David

Formal Metadata

Title
IoT VILLAGE - I'm the One Who Doesn't Knock: Unlocking Doors from the Network
Title of Series
Number of Parts
322
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
In 2017, I discovered that a popular IP-based door access control system (badge reader and door lock controller) used poorly-implemented cryptography. Through binary analysis and live testing against a functional device, I was able to construct an exploit that would unlock the door without talking to the central authority database or logging the door open event. I'll walk the audience through the steps that made me realize there was a problem, through the binary analysis, and then finally into building a working exploit.