While doing some research on parking management systems and associated technologies, I came across a specific manufacturer offering its customers the possibility of complete REMOTE MANAGEMENT of their parking systems with the ability to manage parking rates on-the-fly, view connected security cameras and even control barriers. Sounds like music to my ears!
In this talk I will cover all aspects from discovery to full remote compromise of one of Europe’s leading parking management system manufacturers. At the time of writing, we have detected over 190 remotely vulnerable parking management systems with more than 150 of these located in Europe alone.
In this session, I will cover:
– Finding parking management systems that are connected to the internet and searching for possible points of entry
– Exploiting attack vectors (one 0day was found which allows us to obtain every file from the main system)
– Locating important files, backups and main configuration files
– Gaining full access to the parking management database
– Gaining full access to the management system as superuser (root) which allows us to change the strings of everything (tickets, screens etc.), controlling the parking states, accessing webcams, controlling barriers and much more!
Note: In accordance with responsible disclosure practices, the manufacturer / vendor has been contacted and informed of the vulnerabilities discovered. At the time of writing, we unfortunately have still not heard back from them.