Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

All Your Door Belong To Me - Attacking Physical Access Systems

via YouTube

Overview

Explore the vulnerabilities of physical access control systems in this comprehensive conference talk from the Central Ohio InfoSec Summit 2016. Delve into the components of PACS, including access cards and readers, and understand why these deployments are often insecure. Learn about various attack surfaces and exploits, from long-range access card attacks to reader and control panel vulnerabilities. Discover tools like the Tastic RFID Thief and RavenHID, and understand how to hunt for door controllers and access servers. Gain insights into the challenges of securing physical access systems and the long road ahead for improving their security posture.

Syllabus

Introduction
What Is A Physical Access System?
Why Physical Access Systems?
PACS Components
Access Cards
How credentials are read
The Split Personality of Security
Why PACS deployments are insecure
Attack surfaces and exploits
Access card attacks - Long Range
Design 1 - Tastic RFID Thief
Tastic RFID Thief Output File
Design 2 - RavenHID
Long Range Power
Access card attacks - low tech
Reader attacks - BLEKey
Request to exit device attacks
Access control panel attacks
Hunting Door Controllers
What Can Controllers Tell Us?
Web Interface
Hunting Access Servers
Putting it all together
Long road ahead

Reviews

Start your review of All Your Door Belong To Me - Attacking Physical Access Systems

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.