Black Hat | Badge of Shame: Breaking into Secure Facilities with OSDP @BlackHatOfficialYT | Uploaded 8 months ago | Updated 7 hours ago
...In this presentation, we'll demonstrate over a dozen vulnerabilities, concerning problems, and general "WTF"s in the OSDP protocol that let it be subverted, coerced, and totally bypassed. This ranges from deeply in-the-weeds clever cryptographic attacks to boneheaded mistakes that undermine the whole thing. We will also demonstrate a practical pentesting tool that can be inserted behind an RFID badge reader to exploit these vulnerabilities....
By: Dan Petro , David Vargas
Full Abstract and Presentation Materials: blackhat.com/us-23/briefings/schedule/#badge-of-shame-breaking-into-secure-facilities-with-osdp-32762
...In this presentation, we'll demonstrate over a dozen vulnerabilities, concerning problems, and general "WTF"s in the OSDP protocol that let it be subverted, coerced, and totally bypassed. This ranges from deeply in-the-weeds clever cryptographic attacks to boneheaded mistakes that undermine the whole thing. We will also demonstrate a practical pentesting tool that can be inserted behind an RFID badge reader to exploit these vulnerabilities....
By: Dan Petro , David Vargas
Full Abstract and Presentation Materials: blackhat.com/us-23/briefings/schedule/#badge-of-shame-breaking-into-secure-facilities-with-osdp-32762