Watch a DEF CON 32 conference talk exploring vulnerabilities in electronic smart locks commonly used in offices, factories, hospitals, labs, and gyms. Dive into physical security concerns surrounding electronic lockers and cabinets, particularly in shared office spaces and co-working environments where employees store devices and sensitive information. Learn about stealthy attack methods beyond brute force, focusing on vulnerabilities found in products from industry leaders Digilock and Schulte-Schlagbaum AG (SAG). Examine practical physical and side-channel attacks targeting PIN and RFID-based locks, while understanding the risks of PIN reuse across different devices. Discover what went wrong in these devices' development, potential fixes, and comparisons with other vendors in the electronic lock market. Through demonstrations and analysis, gain insights into often overlooked physical security components in organizational threat models and the importance of proper security measures for electronic storage solutions.
Open Sesame - Vulnerabilities in Electronic Smart Lockers and Cabinets
Overview
Syllabus
Intro
Goals
Motivation
Attack ideas
Digilock ecosystem
MCUs
Security
Example
Taught by
DEFCONConference
Related Courses
-
Side Channel Security – Caches and Physical Attacks
-
Breaking into Secure Facilities with OSDP - Vulnerabilities and Exploitation Techniques
-
Open Sesame: Stack Smashing Your Way into Opening Doors
-
How I Used to Rob Banks
-
All Your Door Belong To Me - Attacking Physical Access Systems
-
Compromising Electronic Loggers and Creating Truck-to-Truck Worm - Security Vulnerabilities in ELD Systems
