Description: NOTE: The slides can be downloaded from http://nullcon.net/archive/2011/presentation/
This research presents methodologies that can be used to check the security of a fingerprint scanner, both remotely and locally.
Local Attack:
Fingerprint scanners read input using two methodologies:
1) Optical scanner
2) Capacitance scanner
Optical scanners are the most widely used. Their main component is the CCD (charge-coupled device), which is simply an array of light-sensitive diodes called photosites that generate an electrical signal in response to light photons. Each photosite records a pixel, a tiny dot representing the light that hit that spot. Collectively, the light and dark pixels form an image of the scanned fingerprint. Bypassing these devices is possible by cloning the fingerprint of an employee when he tries to authenticate, by placing a transparent, less reflective plastic in front of the device. The extracted clone can later be enlarged and modified to fool the biometric system.
In practice this trick is not easy, because the machine validates the scan in order to differentiate a real, valid image: it checks the average pixel darkness, or the overall values in a small sample, and rejects the scan if the overall image is too dark or too light.
Capacitance scanners work on the principle of capacitance, and the technique mentioned above would not work on these systems. But there is a possibility of fooling the system by voluntarily cloning your fingerprint onto a substance that has body-equivalent capacitance. Certain systems, along with capacitance, check blood flow and temperature, and even simulate human sweat. That makes them hard to tamper with, but not impossible. A video on bypassing one such device on a typical model [just capacitance] will also be shown.
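The image validation described for optical scanners, sketched as an added example (not code from the talk or from any scanner vendor): it checks the overall average darkness and then the averages of small samples, which catches an image whose overall average looks normal but whose regions are all too dark or too light. The thresholds, patch size and sample images are assumptions constructed for illustration.

```python
# Added example: every threshold and size below is an assumption, not a vendor value.
from statistics import mean

DARK_LIMIT = 60    # assumed: mean gray level below this is "too dark"
LIGHT_LIMIT = 200  # assumed: mean gray level above this is "too light"
PATCH = 4          # assumed edge length of one small sample, in pixels


def out_of_range(level):
    return level < DARK_LIMIT or level > LIGHT_LIMIT


def patch_means(img, size=PATCH):
    """Mean gray level of each size x size tile, row-major."""
    rows, cols = len(img), len(img[0])
    return [
        mean(img[r][c] for r in range(y, y + size) for c in range(x, x + size))
        for y in range(0, rows - size + 1, size)
        for x in range(0, cols - size + 1, size)
    ]


def validate_scan(img, max_bad_fraction=0.25):
    """Return (accepted, reason) for a grayscale image given as rows of 0-255 ints."""
    overall = mean(p for row in img for p in row)
    if overall < DARK_LIMIT:
        return False, "overall too dark"
    if overall > LIGHT_LIMIT:
        return False, "overall too light"
    tiles = patch_means(img)
    bad = sum(1 for m in tiles if out_of_range(m))
    if bad / len(tiles) > max_bad_fraction:
        return False, "too many dark or light samples"
    return True, "ok"


# Constructed 8x8 inputs (not real sensor data).
RIDGES = [[50 if c % 2 else 190 for c in range(8)] for _ in range(8)]
UNDEREXPOSED = [[20] * 8 for _ in range(8)]
HALF_COVERED = [[0] * 4 + [255] * 4 for _ in range(8)]

if __name__ == "__main__":
    for name, img in [("ridges", RIDGES), ("underexposed", UNDEREXPOSED),
                      ("half covered", HALF_COVERED)]:
        print(name, validate_scan(img))
```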
Remote Attack:
Almost all biometric systems run a remote administration module in the MIPS, which is connected to the network via the same switch. Man-in-the-middle attacks are always possible, as are other attacks like http://www.exploit-db.com/exploits/11822/, but the issue is identifying these devices, as normal network scans will only detect them as a Linux system. So I have built an Nmap script which can spot such devices on the network. The script works on the basis of internal databases of [banners and services] used by biometric hardware vendors; the current list covers the most used devices [India only]. A video or, if possible, a real scenario will be demonstrated, and usage of my Nmap module will be explained.
Tags: null, nullcon, security conference, conference, biometric, hardware, exploit, exploits, hacker, hack, hacking, exploitation, retina, fingerprint, scanner, scanning, biometrics
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
In all of these Nullcon Goa videos it looks like the presenter is wearing a lavalier microphone but it sounds like the video is using its built-in mic. Are there any links to these very interesting videos that have better sound quality?
Thanks for the feedback WCNA. We'll definitely keep this in mind for the next conf and have direct output to cam.
No doubts!!! I liked the whole presentation... that's awesome bro... keep rocking!!! BTW, what are the criteria for paper selection?? What's the deadline (dates) for paper submission? Thanks in advance.
Nice talk! The quality of Nullcon's technical talks is on par with the best in the world, like Defcon and Blackhat. Keep it up.