SANSFIRE 2025: SANS@Night - Unlocking Secrets: Keypad Safe Attack Using Side-Channel Timing And Pulseview
In this demo of hardware hacking, we'll introduce PulseView - the 'Wireshark of hardware hacking' - and demonstrate a technique to unlock a keypad safe. Our method? A Side-Channel Timing Attack, which relies on the timing discrepancies in the user interface. Using an affordable logic analyzer (priced under $15), we'll capture microsecond changes in response times tied to incorrect passcodes. By leveraging this side-channel data, we will carefully decipher the true passcode of the safe. Unique Approach: Traditional hacking often focuses on software vulnerabilities to exfiltrate sensitive data. In this demonstration, we will show how the timing of system responses can leak data without any traditional vulnerabilities. This approach emphasizes the power and subtlety of side-channel attacks in extracting valuable information. Insights for Attendees: Understand how a side-channel timing attack works to reveal sensitive data. Learn about the key functionality of logic analyzers and the PulseView software, often called the 'Wireshark of hardware hacking.' Gain practical knowledge on how to utilize changes in response time to recover the passcode of a keypad safe. Join us for this insightful session to explore the intricacies of hardware hacking and enhance your cybersecurity skill set with real-world applications and techniques.
