The presentation discusses the exploitation of a hotel's Wi-Fi network and mobile device management solution to gain control of all the bedrooms. The main focus is on obtaining the key of the national network and bypassing the gated access protection on an iPod Touch.
- The speaker discovered that the national network's SSID and key were generated by NAS notes by default, making all NAS notes CES 8700 routers vulnerable to attack.
- The gated access protection on an iPod Touch can be bypassed by draining the battery and rebooting the device.
- The web protocol used by the national network is insecure and can be exploited to retrieve the web key.
- The hotel was cooperative in addressing the security issues and took them seriously.
The speaker created a script that transformed all the towers in a bedroom into a sofa and back, and turned the lights on and off, to create a memorable night for the guest. However, the script was lost at midnight and the speaker was unsure if the guest had a good night. The speaker also contacted both the nationals and the hotel to report the vulnerabilities found.