DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Ghosting the PACS-man: New Tools and Techniques

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ghosting the PACS-man: New Tools and Techniques

    Title: Ghosting the PACS-man: New Tools and Techniques

    Description:
    Do you fear the PACS-man? Do you lie awake at night atop your pile of RFID cards of unknown origin, pondering grand questions of access control? Is Wiegand a card or a data format? What is an "encrypted" credential and is it actually any more secure? Fear not, fellow explorer. Come discuss your woes with professional ghosts of access control and learn how to keep the PACS-man at bay. This livestream will provide a holistic context of modern access control and outline common design limitations that can be exploited when systems are not implemented correctly. From credentials, to readers, to door controllers and beyond, Babak Javadi and Iceman from the Red Team Alliance will share a practical understanding of what PACS looks like in the field, and how to intercept, clone, downgrade, replay, and one's way through the system.

    The talk will demonstrate several new tools, exploits, and refined methods for compromising modern PACS, including:

    - DoS Attacks Involving Improper Reconfiguration of Readers
    - New iCLASS Standalone Modes for Proxmark3 RDV4.0
    - Tech Downgrade Attacks: Techniques for compromising systems using high security credentials such as SEOS and DESFire EV1/EV2.
    - Plus More Special Surprises!

    Customers, integrators, and system designers will also learn more about best practices and defensive methods that can be used to defend systems and deter attackers.

    Speaker(s): Iceman, Omikron

    Location: Wireless Vlg

    Discord: https://discord.com/channels/7082082...32595493666826

    Event starts: 2020-08-09 12:00 (12:00 PM) PDT (UTC -07:00)

    Event ends: 2020-08-09 13:00 (01:00 PM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-09T02:03 (UTC).
    Starts
    August 9, 2020 12:00
    Ends
    August 9, 2020 13:00
    Location
    Wireless Vlg
Working...
X