RFID access control systems are becoming increasingly popular and are now common in office buildings, hotels, apartment complexes, universities, and many other locations. We place a great deal of trust in these systems—but are they truly secure?
In this talk, I will discuss ways to attack the reader itself to bypass the security mechanisms of physical access control systems. We will see:
- how to intercept the communication between a reader and a controller that use the Wiegand protocol, along with a demo of this attack;
- how the reader can be weaponized to perform a downgrade attack, allowing for the creation of a malicious clone of a card that would otherwise be difficult to forge;
- how the OSDP protocol works and what the security implications of using it are;
- what other ways there are to bypass access control security mechanisms.
We will also share some experience and stories from Red Team engagements to demonstrate how to use this knowledge in real life – ideally without getting caught ;)
This session will be held by Julia. Julia performs penetration tests and physical intrusion simulations for a wide range of IT Projects as an IT Security Specialist at SecuRing. Her main area of interest revolves around Red Teaming, specifically access control systems, RFID hacking, social engineering, infrastructure security assessments and other related topics.
In her free time she enjoys finding different hobbies such as freediving, caving and climbing - skills learned through some of these can be surprisingly helpful during physical intrusion simulation tests ;)
Julia's passion for sharing knowledge has given her the opportunity to speak at security conferences across Europe. She was chosen as the top speaker at CONFidence 2023 (Cracow, Poland) and received the title of the best speaker of the conference at SEC-T 2023 (Stockholm, Sweden). She also presented at No Hat (Bergamo, Italy), Insomni’Hack (Lausanne, Switzerland), BSides Kraków and UYBHYS (Brest, France).
If you use RFID to secure your valuables, you should not miss this session!