Overview
Syllabus
Introduction
What Is A Physical Access System?
Why Physical Access Systems?
PACS Components
Access Cards
How credentials are read
The Split Personality of Security
Why PACS deployments are insecure
Attack surfaces and exploits
Access card attacks - Long Range
Design 1 - Tastic RFID Thief
Tastic RFID Thief Output File
Design 2 - RavenHID
Long Range Power
Access card attacks - low tech
Reader attacks - BLEKey
Request to exit device attacks
Access control panel attacks
Hunting Door Controllers
What Can Controllers Tell Us?
Web Interface
Hunting Access Servers
Putting it all together
Long road ahead