RomHack 2023 - Luca Bongiorni - HandPwning: “Your Hand is your Passport. Verify me. Now let me in!”
HTML-код
- Опубликовано: 1 окт 2024
- Luca Bongiorni (Cyberantani)
HandPwning: “Your Hand is your Passport. Verify me. Now let me in!”
slides: romhack.io/wp-...
Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet.
[ attack | biometrics ]
romhack.io/rom...
![RomHack 2023 - Kim Zetter - Sun Stroke: How the SolarWinds hackers pulled off their ingenious [...]](http://i.ytimg.com/vi/yNGt_xxbUGc/mqdefault.jpg)
![RomHack 2023 - Kim Zetter - Sun Stroke: How the SolarWinds hackers pulled off their ingenious [...]](/img/tr.png)
![RomHack 2023 - Orange Tsai - A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor [...]](http://i.ytimg.com/vi/HlOzSLcFdnY/mqdefault.jpg)
