Explore techniques for identifying, assessing, and exploiting proprietary RF communications in control systems during this 51-minute conference talk from nullcon Goa 2014. Delve into the connections between cyber and kinetic worlds, focusing on systems like fire alarms, proximity cards, automotive security gates, car alarms, conference rooms, and building automation. Learn about ICS pentesting methodology, the SamuraiSTFU distro, RF pentesting methodology, signal capture tools, ITU-defined ISM bands, recovering SS algorithms, demodulation techniques, and bitstream-to-packet conversion. Gain insights into RF signal transmission and its implications for enterprise security.
Overview
Syllabus
PENTESTING PROPRIETARY RF COMMUNICATIONS
Control Systems and You
ICS Pentesting Methodology
SamuraiSTFU Distro
RF Pentesting Methodology
RF Signal Capture
Tools to Capture Signals
ITU Defined ISM Bands
Recovering the SS Algorithm
Demodulation
Analog Modulation Types
Digital Modulation Types
Recovering the Modulation
From the Chronos Source Code
Task 4: Bitstream to Packet
RF Signal Transmission
Contact Information
Taught by
nullcon
