P0wning a public transport system

Presented at Kiwicon 7: Cyberfriends (2013), Nov. 9, 2013, 1:45 p.m. (30 minutes).

The operators of a certain NZ public transport system told us it used a "safe and secure smart card", but of course it was proprietary, we just had to "trust" them. Someone might want to explain terms like "white-list", "encryption" and "server side validation" to them because they made some very non-smart security decisions. In this talk I'll explain the details of reverse engineering the system, the cards, protocols and formats used. While doing so I discovered a number of vulnerabilities in this smart card system. It turns out there are both client side and server side vulnerabilities, which allow total exploitation.

Presenters:

• William Turner / AmmonRa   as William "AmmonRa" Turner
  Sell out code monkey by day, DIY cyborg by night, AmmonRa has lurked around Kiwicon for the last few years and finally lucked into having something to talk about this year.

Links:

• https://2013.kiwicon.org/the-con/talks/#e112

Similar Presentations:

• DEF CON 24 (2016) / (Ab)using Smart Cities: The Dark Age of Modern Mobility
• DEF CON 12 (2004) / Smart Card Security
• BSides Austin 2018 / Introduction to Smart Cards and leveraging them in attacks