From Parking Hacks to Legacy Flaws: Our Team at RootedCON PT 2025
RootedCON PT is the Portuguese edition of RootedCON, a cybersecurity conference that started in Spain and has become known for its technical content and active community involvement. It brings together researchers, professionals and enthusiasts to share knowledge and practical experiences. The 2025 edition in Lisbon continued this approach, providing a space for technical talks and knowledge exchange.
We’re proud to share that our team members David Sopas and Paulo Silva were invited speakers at this year’s event.
David Sopas, Co-Founder and COO of Char49, presented "The Parking Chronicles: A DIY Guide to Controller Detection". What started as a casual curiosity about a local parking system evolved into a hardware exploration of how controllers communicated, hid, and sometimes exposed more than they should. In his talk, David walked the audience through the journey of identifying, locating, and analyzing parking controllers using DIY tools and techniques. He explored classic Bluetooth and BLE, highlighting how accessible methods were used to uncover vulnerabilities in seemingly innocuous infrastructure. The goal wasn't just to break things, but to understand them — and to show how anyone with a soldering iron, a few scripts, and a lot of persistence could demystify such systems. The session delivered practical insights, real-world examples, and even a few laughs along the way.
Paulo Silva, our Principal Security Researcher and Co-Leader of the OWASP API Security Project, presented "Aged Like a Fine Port: Old Yet Impactful", where he explored CVE-2023-34923, a critical XML Signature Wrapping (XSW) vulnerability found in a Microsoft Azure AD integration. Paulo examined how this vulnerability remained undetected in a service management platform for over a decade, despite regular penetration testing. While Azure AD is often perceived as "secure by default" because of Microsoft’s strong security reputation, validating the SAML response is, in fact, the responsibility of the receiving party. That crucial step had been overlooked, allowing the vulnerability to persist silently for years.

The session covered the technical details of the flaw, the human factors that may have contributed to the oversight, and broader lessons for the security community, showing how seemingly minor assumptions can lead to persistent security blind spots. XML Signature Wrapping is a well-known and well-documented class of vulnerability, and this case illustrated how even established weaknesses can persist when key assumptions go unchallenged. The audience gained insight into the mechanics of the vulnerability, the psychological and operational biases behind its longevity, and practical strategies for identifying similar weaknesses in their own systems.
The talk emphasized the importance of questioning assumptions, thoroughly validating third-party integrations, and giving proper attention to complex, resource-intensive features.
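As an added, defender-side illustration of that point (not code from the talk, from Azure AD, or from the affected platform): a minimal relying-party check that consumes only the assertion the signature's Reference actually covers and refuses a response carrying more than one assertion, next to the naive pattern that XSW abuses. XML-DSig is replaced by an HMAC stand-in and the SAML messages are constructed samples; both are assumptions made for the demonstration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
for prefix, uri in NS.items():
    ET.register_namespace(prefix, uri)  # keeps subtree serialization deterministic
KEY = b"constructed-demo-key"  # assumption: stands in for the IdP's signing key
def digest(elem):
    """Constructed stand-in for XML-DSig: keyed hash over the serialized element."""
    return hmac.new(KEY, ET.tostring(elem), hashlib.sha256).hexdigest()
def signed_assertion(root):
    """Return the Assertion the Signature's Reference actually covers, else None."""
    ref = root.find("ds:Signature/ds:Reference", NS)
    uri = ref.get("URI", "") if ref is not None else ""
    if not uri.startswith("#"):
        return None
    target = root.find(f".//saml:Assertion[@ID='{uri[1:]}']", NS)
    if target is None or not hmac.compare_digest(digest(target), ref.get("DigestValue", "")):
        return None
    return target
def consume_naive(xml_text):
    """Vulnerable pattern: the signature verifies, then the FIRST Assertion is consumed."""
    root = ET.fromstring(xml_text)
    if signed_assertion(root) is None:
        return None
    return root.find(".//saml:Subject/saml:NameID", NS).text
def consume_hardened(xml_text):
    """Consume only the element the signature covers, and refuse extra assertions."""
    root = ET.fromstring(xml_text)
    if len(root.findall(".//saml:Assertion", NS)) != 1:
        return None
    target = signed_assertion(root)
    return None if target is None else target.find("saml:Subject/saml:NameID", NS).text
# Constructed sample (no inter-element whitespace): the Signature references Assertion a1.
TEMPLATE = ("<samlp:Response xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol' "
            "xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion' "
            "xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>"
            "<ds:Signature><ds:Reference URI='#a1' DigestValue='{d}'/></ds:Signature>"
            "<saml:Assertion ID='a1'><saml:Subject><saml:NameID>alice</saml:NameID>"
            "</saml:Subject></saml:Assertion></samlp:Response>")
A1 = ET.fromstring(TEMPLATE.format(d="")).find(".//saml:Assertion", NS)
GOOD = TEMPLATE.format(d=digest(A1))
# Wrapped variant: an unsigned Assertion is placed ahead of the untouched signed one.
WRAPPED = GOOD.replace("<saml:Assertion ID='a1'>", "<saml:Assertion ID='x'><saml:Subject>"
                       "<saml:NameID>admin</saml:NameID></saml:Subject></saml:Assertion>"
                       "<saml:Assertion ID='a1'>")
```

The naive consumer accepts the wrapped response and reads the unsigned identity, while the hardened one rejects it outright; a real deployment should rely on a maintained SAML library and still apply the same "consume only what was signed" rule.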
We congratulate both speakers for their impactful contributions and commitment to advancing security knowledge in the #infosec community.
Photos by: RootedPT / Pedro Simões Ferreira