Reverse Engineering the Linear DX Wireless Security System

Presented at Summercon 2017, June 23, 2017, 4 p.m. (50 minutes)

The Linear DX wireless protocol is as old as dirt and utilized in many physical security components like PIR sensors, bill traps, and door lock strikers. Here we will walk through the black box reverse engineering of the wireless signaling and destroy some of the vendor's security claims by enumerating the entire key space. We'll also clobber together a universal transmitter out of an existing remote and a BeagleBone Black capable of triggering some receivers in as little as 30 minutes and jamming other transmitters.

Presenters:

• Mikhail Davidov
  Mikhail Davidov is a Principal Security Researcher at Duo Labs specializing in vulnerability research and reverse engineering. After spending years in the consulting bug mines and developing crash dump analysis tools for DARPA, Mikhail now helps keep software and hardware vendors accountable for their security claims. His recent published research includes an in depth analysis of OEM updaters and an EMET bypass. @sirus

Links:

• https://www.summercon.org/archives/2017/presentations.html#reverse-engineering-dx

Similar Presentations:

• BSidesDC 2017 / The Black Art of Wireless Post-Exploitation
• 32C3 (2015) / Building and Breaking Wireless Security: Wireless Physical Layer Security & More...
• Black Hat Asia 2018 / AES Wireless Keyboard – Template Attack for Eavesdropping