![DEF CON 23 [Audio] Speeches from the Hacker Convention - Dan “AltF4” Petro & Oscar Salazar - Hacking Smart Safes: On the "Brink" of a Robbery](https://www.defcon.org/images/defcon-23/dc-23-itunes-logo-Audio.avif)
Dan “AltF4” Petro & Oscar Salazar - Hacking Smart Safes: On the "Brink" of a Robbery
10/16/15
Hacking Smart Safes: On the "Brink" of a Robbery
Dan “AltF4” Petro Security Associate, Bishop Fox
Oscar Salazar Senior Security Associate at Bishop Fox
Have you ever wanted to crack open a safe full of cash with nothing but a USB stick? Now you can!
The Brink’s CompuSafe cash management product line provides a “smart safe as a service” solution to major retailers and fast food franchises. They offer end-to-end management of your cash, transporting it safely from your storefront safe to your bank via armored car.
During this talk, we’ll uncover a major flaw in the Brink’s CompuSafe and demonstrate how to crack one open in seconds flat. All you need is a USB stick and a large bag to hold all of the cash. We’ll discuss how to remotely take over the safe with full administrator privileges, and show how to enumerate a target list of other major Brink’s CompuSafe customers (exposed via configuration files stored right on the safe).
At any given time, up to $240,000 can be sitting in each of the 14,000 Brink’s CompuSafe smart safes currently deployed across the United States - potentially billions of dollars just waiting to be stolen.
So come ready to engage us as we explore these tools and more in this DEMO-rich presentation. And don’t forget to call Kenny Loggins... because this presentation is your highway to the Danger Zone...
Note - This presentation is about exposing flaws in the Brink’s CompuSafe to improve security and allow pentesters to demonstrate these flaws to their customers. Please use this information responsibly.
Dan Petro is a Security Associate at Bishop Fox (formerly Stach & Liu), a security consulting firm providing IT security services to the Fortune 500, global financial institutions, and high-tech startups. In this role, he focuses on application penetration testing and secure development.
Dan has presented at numerous conferences, including DEF CON, Black Hat, HOPE, and BSides, and is the founding member of the Pi Backwards CTF team.
Prior to joining Bishop Fox, Dan served as Lead Software Engineer for a security contracting firm.
Dan holds a Bachelor of Science from Arizona State University with a major in Computer Science, as well as a Master’s Degree in Computer Science from Arizona State University.
Oscar Salazar is a Senior Security Associate at Bishop Fox (formerly Stach & Liu), a security consulting firm providing IT security services to the Fortune 500, global financial institutions, and high-tech startups. In this role, he focuses on application penetration testing, source code review, and secure software design.
Oscar has presented at RSA, BSides, and Adobe’s annual private Security Summit conference.
Prior to joining Bishop Fox, Oscar served as a web security research engineer at Hewlett-Packard’s Application Security Center where he designed and developed security checks for the WebInspect web application security scanner. In addition, his research involved developing more effective methods of scanning Web 2.0 applications.
Oscar holds a Bachelor of Science from the Georgia Institute of Technology with a major in Computer Science and a focus on Networking and Security.
https://www.facebook.com/BishopFoxConsulting
https://twitter.com/bishopfox
https://www.linkedin.com/company/bishop-fox
Previous Episode

Mickey Shkatov & Jesse Michael - Scared Poopless – LTE and your laptop
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Mickey-Shkatov-Jesse-Michael-Scared-poopless-LTE-and-your-laptop-UPDATED.pdf
Scared Poopless – LTE and *your* laptop
Mickey Shkatov Security researcher, Intel Advanced Threat Research.
Jesse Michael Security researcher
With today’s advancement in connectivity and internet access using 3G and LTE modems, it seems we can all have a device that’s always internet capable, including our laptops, tablets, 2-in-1s, and ultrabooks. It becomes easier to be online without using your WiFi at all. In our talk we will demonstrate and discuss the exploitation of an internal LTE modem from Huawei which can be found in a number of devices, including laptops by HP.
Mickey Shkatov is a security researcher and a member of the Intel Advanced Threat Research team. His areas of expertise include vulnerability research, hardware and firmware security, and embedded device security. Mickey has presented some of his past research at DEF CON, Black Hat USA, BruCON, and BSidesPDX.
Twitter: @laplinker
Jesse Michael has been working in security for over a decade and is currently a security researcher at a Fortune 50 company who spends his time causing trouble and finding low-level hardware security vulnerabilities in modern computing platforms.
Twitter: @jessemichael
Next Episode

Colby Moore - Spread Spectrum Satcom Hacking - Attacking The GlobalStar Simplex Data Service
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Colby-Moore-Spread-Spectrum-Satcom-Hacking.pdf
Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex Data Service
Colby Moore Manager of Special Activities, Synack
Recently there have been several highly publicized talks about satellite hacking. However, most only touch on the theoretical rather than demonstrate actual vulnerabilities and real-world attack scenarios. This talk will demystify some of the technologies behind satellite communications and do what no one has done before - take the audience step-by-step from reverse engineering to exploitation of the GlobalStar simplex satcom protocol and demonstrate a full-blown signals intelligence collection and spoofing capability. I will also demonstrate how an attacker might simulate critical conditions in satellite-connected SCADA systems.
In recent years, Globalstar has gained popularity with the introduction of its consumer-focused SPOT asset-tracking solutions. During the session, I’ll deconstruct the transmitters used in these (and commercial) solutions and reveal design and implementation flaws that result in the ability to intercept, spoof, falsify, and intelligently jam communications. Due to design tradeoffs, these vulnerabilities are realistically unpatchable and put millions of devices, critical infrastructure, emergency services, and high-value assets at risk.
Colby Moore is Synack's Manager of Special Activities. He works on the oddball and difficult problems that no one else knows how to tackle and strives to embrace the attacker mindset during all engagements. He is a former employee of VRL and has identified countless 0day vulnerabilities in embedded systems and major applications. In his spare time you will find him focusing on that sweet spot where hardware and software meet, usually resulting in very interesting consequences.
Twitter: @colbymoore