SEMI AUTOMATING VULNERABILITY SCANNER & EXPLOITATION IN BIOMETRIC SYSTEM: A dual-script approach
8 - 9 NOVEMBER
2012 - Linux Co-Trainer | Fundamental Linux Instruction & System Administration Coaching
2013 - Freelance Penetration Tester | Independent Cybersecurity Consultant | Ethical Hacking Specialist
2014 - Security Operations Center Specialist | Cyber Threat Monitoring & Incident Response
2015 - Penetration Tester | Red Team Operator | Vulnerability Assessment & Exploitation Specialist
2016 - Technology Innovation & R&D Specialist | Product Development & Solution Engineering
2017 - Freelance Penetration Tester | Independent Cybersecurity Consultant | Ethical Hacking Specialist
2018 - Present (PALU - GADA: "whatever you want, I've got it")
./whoami
Faisal Ilham, S.T / Xsan Lahci
For those who don't know me yet, I am a quiet and introverted person.
For those who already know me: you, keep QUIET!!
Table of Contents
./whoami
ZKSentinel
Demo
BAC0D & TAB0K
Pray
Why
BA RAT & GAMPAR
Q & A
Intro
While biometrics offer better security, their vulnerabilities
persist. We present ZKSentinel, a semi-automated tool to
address these specific threats in ZK**** devices.
Introduction
Why ?
Based on Experience
2017 > I discovered an exploit in a system and reported it to the CSIRT team.
2014 > My friends created a script that successfully manipulated the biometric system, forcing it to reset the time back to a past date.
2020 - 2021 > I found several employees using cloned fingerprints to manipulate their attendance records and leave work early.
2024 > Present: I still have some 0-day vulnerabilities for current systems.
Finger Clone
ZKSentinel
What is ?
ZK**** Security Evaluation Network Tool for Internal Logging & Exposure Neutralization
To address these security challenges, the ZKSentinel toolkit was developed. It consists of two main scripts:
zksentinel-CLI.sh: A shell script designed for semi-automated testing of specific endpoints. It supports both single and mass targets, validates logins with default credentials, evaluates device responses to known vulnerabilities, and sends the information to the Telegram bot.
zksentinel-WEB.php: A web-based tool that analyzes data transmitted and received via a web browser to identify security gaps.
ZKSentinel-CLI | ZKSentinel-WEB
TAB0K
ZKScanner bac0d
ZKSentinel Feature
Telegram Bot
Login to End point
Get the Session
Login
ZKSentinel
Bac0d
Tab0k
ZKScanner
Exploit
Put Session
Run
Get Results
Choose IP Target
Reporting
IMPACT
• Unauthorized Door Control
• Time Setting Manipulation
• Network Configuration Access
• Password Reset Admin
• User Biometric Enumeration
• Unauthorized User Biometric Registered
• Reboot Biometric Device
• Data Biometric Exfiltration
• Download Data Biometric Device
• Information Disclosure Biometric User
• Delete Biometric User Data
Vuln
Targets
Vuln ?
Vuln
ZKSentinel-CLI
Telegram Bot
V.1
AI, please do the thing to the whatchamacallit first so that it'll be alright, maybe
Biometric Attack Crawling Object Definition
12 Vulnerabilities
• Time Setting Manipulation
• Network Configuration Access
• Password Reset Admin
• User Biometric Enumeration
• Reboot Biometric Device
• Data Biometric Exfiltration
• Download Data Biometric Device
• Information Disclosure Biometric User
• Delete Biometric User Data
• Unauthorized Door Control
• Unauthorized User Biometric Registered
• Default Credential
DEMO ?
🚨 Summary: Biometric Device Configuration Findings
PHOTOS FROM BIOMETRIC DEVICE
Additional findings
http / 80
PRO VERSION
MORE DETAIL ABOUT GAMPAR
ANOTHER DEMO ?
lower the price of the Flipper Zero
Conclusion & Action Items
Biometric vulnerabilities are not theoretical; they pose a
tangible risk that could compromise both business
operations and the confidentiality of sensitive data.
Key Takeaways :
• High Risk : Rapid Exploitation: Vulnerabilities like Default Credentials and Open
Endpoints allow attackers to immediately gain Unauthorized Door Control,
Biometric User Data Manipulation, and Biometric Data Exfiltration.
• Dual Threat : These weaknesses can be leveraged by insider threats (for
time/attendance manipulation) or external hackers (for system takeover and data
theft).
• Quick Visibility: ZKSentinel & BA RAT are vital tools for security testing,
providing rapid visibility into the vulnerability status of your biometric devices.
Biometric security is not just about data; it's about
physical access control. Don't leave your doors open!
APOLOGIES FOR THE MANY SHORTCOMINGS IN THIS
PRESENTATION, BECAUSE PERFECTION BELONGS ONLY TO
GOD. KNOWLEDGE IS, IN TRUTH, ONLY ENTRUSTED TO US,
SO WE HAD BEST SHARE IT
THANK YOU
• THE LATE RANDY AKA CYBERTANK
• MY WIFE
• AUREL666
• PETRUKNIS.ME
• KANG ALI
• SUDO3RS
• ALDYFRZ
• M.YUGA
• ARDIAN OKTADIKA
• KUDANIL TERBANG
https://2025.idsecconf.org/p/sponsorpartner.html
REG. Makasar
KEEP IN TOUCH
IDSECCONF2025 - Faisal Ilham - Semi Automating Vulnerability Scanner and Exploitation in Biometric Systems A Dual-Script Approach.pdf
