Friday, 24 August 2007

Fun at Defcon 15

This year, ProCheckUp sent us again to the Defcon security conference in Las Vegas.

Defcon is known as the largest underground hacking event in the world. It takes place every year in Vegas in the month of August. This year's conference drew an impressive crowd of more than 7000 attendees!

Although the event has many fun activities besides presentations (such as contests and parties) it is mainly focused on hacking in the security sense of the word.

Every year hackers from both sides of the fence meet at this event, all of them sharing their knowledge. Defcon is not about showing off what you can do, but rather about exchanging ideas, showing the world what you have learned and letting everyone teach you about things you don't know. It's that simple.

Besides the annual event, Defcon also has monthly events known as the Defcon groups, which are based all over the world. Check out the link to see if there is a meeting taking place near you. No matter what your interest is, I'm sure you have something to offer at the Defcon groups, so why not give it a try?

One of the presentations I liked the most was "Biometric and token based access control systems" by Zac Franken. He demonstrated how proximity card systems, although secure from the user-to-reader perspective, are completely insecure from the reader-to-backend perspective due to the insecurities of a protocol called Wiegand.

Zac mentioned that when your card gets read, the handshake is encrypted and protected against replay attacks. However, all the traffic between the reader and the backend travels in the clear and is vulnerable to replay attacks. These flaws are inherent to Wiegand and affect just about every access control system (ACS) out there, which makes Zac's findings huge.
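To make the reader-to-backend weakness concrete, here is an added example (not from the talk or the original post) that models the controller's view of a Wiegand frame. It assumes the common 26-bit layout, which the post does not name; `reader_output`, `decode_26`, `controller_accepts` and the sample credential are hypothetical names and values constructed for illustration.

```python
# Added illustration: the common 26-bit Wiegand layout (an assumption; the
# post does not name a format). Index 0: even parity over the first 12 data
# bits, 1-8: facility code, 9-24: card number, 25: odd parity over the rest.

def reader_output(facility, card):
    """Frame a reader puts on the wire for one card read (constructed model)."""
    data = ((facility & 0xFF) << 16) | (card & 0xFFFF)
    bits = [(data >> (23 - i)) & 1 for i in range(24)]
    even = sum(bits[:12]) % 2          # first 13 bits end up with even weight
    odd = 1 - sum(bits[12:]) % 2       # last 13 bits end up with odd weight
    return [even] + bits + [odd]

def decode_26(frame):
    """Controller-side parse: the only checks available are length and parity."""
    if len(frame) != 26:
        raise ValueError("not a 26-bit frame")
    if sum(frame[:13]) % 2 != 0 or sum(frame[13:]) % 2 != 1:
        raise ValueError("parity error")
    facility = int("".join(map(str, frame[1:9])), 2)
    card = int("".join(map(str, frame[9:25])), 2)
    return facility, card

def controller_accepts(frame, allowed):
    """Access decision: nothing in the frame proves it is fresh or authentic."""
    try:
        return decode_26(frame) in allowed
    except ValueError:
        return False

ALLOWED = {(42, 1337)}  # constructed sample credential

if __name__ == "__main__":
    first = reader_output(42, 1337)    # card presented once
    second = reader_output(42, 1337)   # same card presented again later
    # No nonce, counter or MAC: both reads are bit-for-bit identical, so the
    # controller cannot tell a fresh read from a recorded one.
    print("identical frames:", first == second)
    print("accepted:", controller_accepts(second, ALLOWED))
    # Parity catches line noise only; it is not an integrity or origin check.
    noisy = first.copy()
    noisy[5] ^= 1
    print("noisy frame accepted:", controller_accepts(noisy, ALLOWED))
```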

He built a hardware tool called Gecko, which is in essence a man-in-the-middle (MITM) device. The idea is that a crook hooks up the device after (or inside) the door reader (the device is very small) and can then come back with his own counterfeit card which passes commands to Gecko. My favourite command was probably "replay last successful login", which allows you to authenticate as the last valid user. The attack assumes that the crook compromises the card reader or at least the cabling that comes afterwards.

Zac even discussed some of the new features for the next version of Gecko, which will allow him to dump card data remotely by implementing a Bluetooth interface. This in turn talks to a GSM device, so you can be anywhere in the world when dumping data which you can then use to counterfeit your own proximity cards.

At the time of writing the presentation is available on YouTube, so check it out!
