Workshop on Smart lock picking - BLE, NFC, RFID security training, tutorials, hacking, resources

BlackHat EU 2020 Arsenal

Tue, 10 Nov 2020 00:00:00 +0000

The new BLE hardware-less HackMe will be showcased during BlackHat EU 2020 Arsenal session.

HackInTheBox Cyberweek 2020 virtual lab

Mon, 09 Nov 2020 00:00:00 +0000

During upcoming HITB Cyberweek 2020’s 2 hour virtual hands-on lab “introduction to Bluetooth Low Energy security”, a new BLE HackMe will be introduced. It is an educational application which simulates various BLE devices to interact with, running on a standard Windows 10 computer (no special hardware required). In a series of tasks to solve you will get familiar with BLE advertisements, beacons, connections, take control over BLE smart bulb, reverse-engineer the communication protocol, brute force passwords, and hack real smart lock. An Android phone which will connect to the simulated device is recommended for solving the tasks.

HackInParis 2019 workshops

Mon, 10 Jun 2019 00:00:00 +0000

During upcoming HackInParis 2019 I will present a series of introductory workshops about security of NFC Mifare Classic and Bluetooth Low Energy. The workshops are short (45min each session), but packed with practical knowledge and hopefully entertaining - performed on a real access control installation, hotel lock and BLE smart locks. Most hands-on exercises will be possible to complete using just a phone, and easy to follow.

Hardwear.io 2018

Sun, 12 Aug 2018 00:00:00 +0000

Bluetooth Low Energy (Smart, 4) is recently gaining more and more traction as one of the most common and rapidly growing IoT technologies. Unfortunatelly the prevalence of technology does not come with security. Alarming vulnerabilities in BLE smart locks, medical devices and banking tokens are revealed day by day. And yet, the knowledge on how to comprehensively assess them seems very uncommon. In this workshop you will get familiar with the basics of BLE security.

Alligator 2018

Fri, 10 Aug 2018 00:00:00 +0000

In this workshop you will get familiar with the basics of BLE security. We will work on a dedicated, readily available BLE hardware nRF devkit device. In a minutes you will turn into embedded developer and learn how to program your own BLE device yourself, using a free web interface and ready templates. Next, from attacker’s perspective, we will cover among others: sniffing, spoofing, MITM, replay and relay. Having enough time, we will play with a collection of vulneraBLE smart locks, sex toys and other devices.

Brucon workshop

Thu, 31 Aug 2017 00:00:00 +0000

Recently it seems our home/car/bicycle locks have started to follow a new trend: to include a BLE chip inside to make them “smart”. Unlike smart toothbrushes, socks or kettles, locks guard our safety, and their security should be much more of a concern. Vendors promise “military-grade level of security”, “128-bit encryption” and “cryptographic key exchange protocol” using “latest PKI technology”. However, recent disclosures of multiple vulnerabilities in smart locks clearly contradict the assurances on the actual security provided, and raise the question of whether these devices have passed any independent security assessments at all!

HackInTheBox Amsterdam

Mon, 10 Apr 2017 00:00:00 +0000