Flipping Out About PACS - Applied Modern Hacking Tools and Techniques [3-Day]

Flipping Out About PACS - Applied Modern Hacking Tools and Techniques [3-Day]

Regular price $5,235.00 Sale

The people have spoken and the Alliance has listened: This is the Access Control and Flipper workshop you've been waiting for.

This training encompasses everything in our 2-Day RFID Physical Access Control System Hacking training but also includes new a third day focused on research with the Flipper Zero, a new generation of tools, and practical field techniques.

Participation will include hands-on practical experience with tools, exploits, and refined methods for compromising modern Physical Access Control Systems.

Course Curriculum for Days 1 and 2

  • Fundamentals of Modern PACS Designs
  • Sensor Manipulation and Bypass Methods
  • Historical and Modern Security Tokens Including,
    • Magnetic Stripe
    •  125KHz RFID Technologies including Prox, Indal, ioProx, EM, and others
    •  13.56MHz and NFC RFID Technologies including iCLASS, Legic Prime, MIFARE, DESFire, ISO1443A, ISO1443B, ISO15693, and others.
  •  Understanding and Use of "Magic" RFID Credentials in Cloning Operations
  •  Biometric Authentication
  •  Practical Instruction, Understanding, and Use of the Proxmark3 RFID Research and Attack Tool
  • Reader Weaponization and Extended-Range RFID Cloning
  • Tech Downgrade Attacks: Techniques for Identifying Vulnerable System Configurations of SEOS and DESFire EV1/EV2
  • Principal Methods of Operation of Door Controllers, Control Panels, and their Associated Weaknesses
  • Deploying Denial of Service Attacks
  • Wiegand Protocol Sniffing, Interception, and Replay

Students will be well-prepared for real-world red team scenarios and learn how to exploit access control technology with the latest attack methods.

Workshop Curriculum for Day 3 (Specific Items May Be Adjusted)

  • Fundamental Hardware Hacking Concepts
  • Flipper Zero: The Modern Swiss Army Knife
  • NARD SAM: If you can't crack the combo, just take the whole safe!
  • Modern Downgrade Attacks: Making Rube Goldberg Proud
  • Saleae Logic: Data Tap of Omens - Sight Beyond Sight
  • Target Hardware (TBD): Welcome To Your Playground
  • iButtons: Insecurity You Can Choke On
  • RF and SDR: Radio Catch and Release for Fun
  • Intro to Hardware Reverse Engineering
  • Group Activity: Identifying Components
  • Group Activity: Beginning Exploration
  • Student Activities and Solo Challenges

The Standard Hardware Kit Includes:

  • The RFID Door Simulator: Colloquially known as the "Building in a Box", this unique piece of equipment is a self-contained unit intended to simulate authentication operations performed by a paired RFID credential reader and an upstream door controller. It features a unique multi-technology RFID credential reader, an integrated door controller, an OLED display, and a power supply. Enrolled students will practice interacting with a wide array of credential technologies and get hands-on experience with the tools, techniques, and procedures necessary for executing multiple kinds of attacks against PACS environments in the field.
  • Proxmark3 RDV 4.01 Retail Package
  • Professional PACS Credential Demo Pack: A comprehensive collection of specially configured PACS credentials representing the top technologies used worldwide.
  • Penetration Tester's Blank Credential Pack: A comprehensive and practical selection of special-purpose credentials that can be reprogrammed to emulate a wide variety of credentials, including 125KHz, 134KHz, and 13.56MHz technologies.
  • ESPKey Wiegand Interception Tool: A stamp-sized man-in-the middle attack tool that can be deployed against most systems to intercept, replay, and manipulate credential data in-transit.

The Hardware Hacking Kit Includes:

  • NARD SAM: Designed by killergeek and bettse, this handy little expansion board allows your newly (or old-ly) acquired Flipper Zero to talk to up to two SIMs or SAMs! Why on earth would you want this? Probably because of the next inclusion.
  • Special Purpose Secure Element: Along with your shiny new NARD SAM we've gone ahead and secured a number of some super-handy secure elements that happen to be preloaded with some really useful secrets!
  • Saleae Logic 8: Ever wish you could download a protocol into your brain like Neo so you can look past the 1's and 0's and see what's really going on? Well, we can't help you with that, but our favorite USB logic analyzer will get you close!
  • THE BLACK BOX*: Every student will get a practical, real-world example of security hardware that will serve as a learning platform! This will most likely be a hospitality safe but some finer details are still being worked out. There may be a game-time substitution for something even better! Either way, you won't be disappointed!

A Flipper Zero is required for participation! Students who are providing their own Flipper Zero are not required to purchase one, but students should be prepared to backup and re-flash their Flipper if necessary!

This special training/workshop combo will be offered both virtually and on-site at the flagship RTA covert entry training facility in Las Vegas, NV. On-site seats will be limited so make sure to grab a spot early!

*The box may not be black and may not be a box.