Vulnerability Hunting in Access control devices

Vulnerability Hunting in Access control devices

Friday, October 21, 2016
Bobby Kuzma
InfoSeCon 2016

This talk covers the process of reverse engineering a common access control system to hunt for vulnerabilities both on the hardware itself, the communications protocol, and the client software. The talk will go into the methodology, the techniques, and the design of the device, trips to the ER, and information on the exploit techniques.