Watch Samy most recent talk on Browser Manipulation    • AppSecCali 2020 Closing Keynote: Brow...  

In this talk I'll introduce radio hacking, and take it a few levels into hacking real world devices like wirelessly controlled gates, garages, and cars. Many vehicles are now controlled from mobile devices over GSM and the web, while even more can be unlocked and ignitions started from wireless keyfobs over RF. All of these are subject to attack with lowcost tools (such as RTLSDR, GNU Radio, HackRF, Arduino, and even a Mattel toy).

We'll investigate how these features work, and of course, how they can be exploited. I'll be going from start to finish on new tools and vulnerabilities in this area, such as keyspace reduction attacks on fixedcodes, advanced "code grabbers" using RF attacks on encrypted and rolling codes, exploiting mobile devices and poor SSL implementations, and how to protect yourself against such issues.

By the end of this talk you’ll understand not only how vehicles and the wirelesslycontrolled physical access protecting them can be exploited and secured, but also learn about various tools for hardware, car and RF research, as well as how to use and build your own inexpensive devices for such investigation!

Samy Kamkar
Samy Kamkar is an independent security researcher, best known for creating The MySpace worm, one of the fastest spreading viruses of all time. His open source software and research highlights the insecurities and privacy implications in every day technologies, from the Evercookie which produces virtually immutable respawning cookies, SkyJack, the drone that wirelessly hijacks other drones, and KeySweeper, a wireless keyboard sniffer camouflaged as a USB wall charger. He continues to release new tools and hardware, for examples most recently the ProxyGambit, OpenSesame and ComboBreaker tools.


Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...