BSides Austin 2018 has ended
Back To Schedule
Friday, March 9 • 10:00am - 11:00am
Introduction to Smart Cards and leveraging them in attacks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Most admins assume that deploying the cumbersome smart card will secure their identity challenges. The fact is, PKI smart cards suffer similar vulnerabilities that most other security controls do and can be bypassed using reasonable software attack vectors. In this workshop, pen testers will get an overview of how smart cards work including example call stacks, common use cases and deployment configurations, learn workarounds for poor policies and configurations, how a smart card defends itself, and how to leverage their high trust in attacks. This high level overview will cover OS-level and software based attacks, and will not cover hardware, wireless, or physical attacks on smart cards.

avatar for Tim Honker

Tim Honker

Security Solutions Engineer II, Rapid7
Tim Honker enjoys building things and breaking other people’s things. Since 2010, Tim has served at several cybersecurity companies specializing in IAM, MFA, vulnerability management, and penetration testing. Currently a Senior Solutions Engineer at Rapid7, Tim previously worked... Read More →

Friday March 9, 2018 10:00am - 11:00am CST