Open hardware for "physical" password attacks

Speaker(s) : Antoine Cervoise

  • Language : Anglais
  • Level : Confirmed
  • Nature : Conference
  • Date : Tuesday 7 July 2015
  • Schedule : 09h20
  • Duration : 40 minutes
  • Place : 202

Video : https://rmll.ubicast.tv/permalink/v1253b3dbceeftgfss1n

This talk is about hardware attacks against physical passwords like an UEFI password. At first, I showcase open hardware, open hardware in security and cracking passwords. Then, I highlight the different targets for hardware attacks against physical passwords (Android, MFP, Windows tablets, BIOS/UEFI...) by showing the hardware and software used. Each target introduces new difficulty and hardware / software update. The aim is to give simple hardware frameworks without soldering - frameworks will hold different functions for each target.

As these attacks are hardware and as each equipment has its own specificities, documentation is very important for the good usage of the tool and will be presented during the conference.

At last, a PoC (or a fail) on the attack of Android Face Unlock will be shown.

Antoine Cervoise
Antoine is an IT security engineer, skilled in infosec incident handling, pentest and audit. He enjoys I.T., electronics and D.I.Y. beers by night... and he’s fond of cigars!

Slides
Slides (PDF - 6.5 Mb)