Reverse engineering the DUOX PLUS protocol

This talk explores the reverse engineering of the proprietary DUOX PLUS intercom system, focusing on its digital signaling, identification methods, and security weaknesses. Using hardware tools like oscilloscopes, logic analyzers, breadboards, and other simple tools most hackers have lying around we demonstrate MITM attacks, spoofing, and signal manipulation.

The DUOX PLUS system is a digital, non-polarized two-wire intercom and video entry system, which is widely used in residential and commercial security installations in Europe and Asia. While proprietary and closed-source, its extensive deployment raises critical security questions about its robustness against interception and spoofing.

This talk details an ongoing effort to reverse engineer the DUOX PLUS protocol by analyzing its electrical characteristics, digital signaling, and communication structure. Through oscilloscope probing and logic analysis, we uncover how the system transmits and authenticates calls, video streams, and access control signals.

About the Speaker

Kirils Solovjovs

Kirils Solovjovs is Latvia’s leading white-hat hacker and IT policy activist. He began programming at age 7, and by grade 9 was already writing machine code directly in a hex editor during lunch breaks. Renowned for uncovering and responsibly disclosing critical vulnerabilities in national and international systems, he is an expert in network flow analysis, reverse engineering, and social engineering. A lifelong command-line enthusiast, he uses bash daily for hacking, automation, and large-scale data processing. He is the author of the jailbreak tool for MikroTik RouterOS and played a pivotal role in developing e-Saeima, the world’s first fully remote legislative system used by the Latvian Parliament. Today, Kirils serves as lead researcher at Possible Security.