Picking Electronic Locks Using TCP Sequence Prediction

DEF CON 17

Presented by: Dominic Spill
Date: Saturday August 01, 2009
Time: 15:30 - 15:50
Location: Track 1
Track: Track 1

As networked building access systems become more and more popular, the security of using RFID, magstripe, and biometrics as authentication mediums is constantly under scrutiny. But what about the security of the access system itself? Is it possible to unlock a door by sending a spoofed command to it over the network, bypassing the need for an authentication medium entirely? (SPOILER ALERT: Yeah, it is.)

Ricky Lawshae

<strong>Ricky Lawshae</strong> works as a network technician for Texas State University in beautiful San Marcos, Texas. He has been the technical lead on their electronic building access system for more than three years. Coupled with his life-long passion for hobby-hacking, he has managed to gain a unique perspective on the building access industry as a whole. He is a relative newcomer to the scene, but has no shortage of enthusiasm, and is always willing to talk to anyone about hacking, door access, comic books, or whatever else the beer makes him say. Ricky currently holds both an OSCP and a GPEN certification.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats