Close

Results 1 to 19 of 19

Thread: RFID hack1ng

  1. #1
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Tech RFID hack1ng

    Well it is that time again.

    Over the last two years or so RFID has become more popular and yes there are various thing you can do with RFID.

    We need to all start searching for fun things to look at in relation to RFID hack1ng....

    I would like to start it off - and I am going to make this a sticky for a while.

    h**p://rfidiot.org/
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  2. #2
    DF Jedi WTD's Avatar
    Join Date
    Mar 2001
    Location
    Tokyo, Japan
    Posts
    3,256
    Thanks
    0
    Thanked:        0
    Karma Level
    420

    Default Re: RFID hack1ng

    thanks, was thinking about the implication of carrying rfid enabled devices (like mobilephones here and virtual cash cards) and the scope for abuse!!

  3. #3
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    Well we need to look at it all as it affects us all if you know what I mean
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  4. #4
    DF God marcode's Avatar
    Join Date
    May 2001
    Location
    Satriale's
    Posts
    11,870
    Thanks
    2
    Thanked:        40
    Karma Level
    1244

    Default Re: RFID hack1ng

    a m8 of mine is doing an dissertation on rfid.. do you have any other useful links for me to pass on unclex?

  5. #5
    DF VIP Member Undertaker's Avatar
    Join Date
    Nov 2000
    Location
    Earth
    Posts
    2,527
    Thanks
    39
    Thanked:        184
    Karma Level
    421

    Default Re: RFID hack1ng

    It's the next big thing that gonna be open to so much abuse, interesting times ahead, if i find any interesting link or journal ( i do remember reading one) I shall pass them on

  6. #6
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    The one above is the best one I can find that relates to the UK
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  7. #7
    DF Jedi slartibartfast's Avatar
    Join Date
    Jan 2001
    Posts
    2,867
    Thanks
    1
    Thanked:        4
    Karma Level
    707

    Default Re: RFID hack1ng

    There's a book in the downloads section on RFID security if it's any help. Link still works surprisingly.

    [Only registered and activated users can see links. ]

  8. #8
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    Thanks for the link
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  9. #9
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    Any more good sites on this or places for cheap readers


    We also need to look at a tool called RFDUMP
    Last edited by unclex; 13th March 2007 at 12:21 AM.
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  10. #10
    DF Super Moderator Over Carl's Avatar
    Join Date
    Apr 2006
    Location
    London
    Posts
    13,079
    Thanks
    3,831
    Thanked:        1,654
    Karma Level
    1270

    Default Re: RFID hack1ng

    Check the [Only registered and activated users can see links. ] site out, it says what readers are compatible.

    I was looking into cloning Phillips Mifare tags, but they have some kind of security code. Anyone know if they can be brute forced?

  11. #11
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    Well it is funny how there is now talk about installing RFID to Credit Cards.

    This is from last year - but there are still proposals to move forward with RFID Credit Cards

    RFID has been riddled with so many problems, it's amazing that anyone even has a shred of confidence in this technology at all. Our latest security problem du jour is that credit card companies are apparently issuing plastic that relays your digits wirelessly; as you might have guessed, security researchers are checking into this, and in a demonstration for The New York Times, easily hacked a University of Massachusetts computer science professor's newfangled RFID credit card. In short order (and with his permission), a researcher working with RSA Labs was able to steal the professor's name and credit card number that was being transmitted in cleartext -- thereby poking massive holes in Visa, MasterCard and American Express' claims that these card include "the highest level of encryption allowed by the U.S. government." Predictably, the credit card companies have already dismissed claims that the populus will be greatly affected by this hack. Brian Triplett, senior vice president for emerging-product development for Visa, told the Gray Lady: "This is an interesting technical exercise, but as a real threat to a consumer - that threat really doesn't exist." Well, Brian, care to put your plastic where your mouth is?

    h**p://www.engadget.com/2006/10/23/researchers-hack-rfid-credit-cards-big-surprise/

    Are the Credit Card Companies MAD

    It is only a matter of time before some breaks this type of system.
    Last edited by unclex; 13th March 2007 at 01:10 AM.
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  12. #12
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    Check this out

    [Only registered and activated users can see links. ]
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  13. #13
    DF Super Moderator Over Carl's Avatar
    Join Date
    Apr 2006
    Location
    London
    Posts
    13,079
    Thanks
    3,831
    Thanked:        1,654
    Karma Level
    1270

    Default Re: RFID hack1ng

    Just a thought. New cars with keyless start - like those new mercs work on rfid chips. So if I was to get rf-dump on a suitable handheld with appropraiate h/w, I could walk up to the owner of a £100k merc and capture his tag's details. Go back to car, and it should start it. Won't be able to do much, as modern immobs work on a rolling code system, so next time the car needs to be started, it won't accept the same code. (However, I suppose if you were to programme a clone of the original tag, the car should write the next expected value to your home made tag).

    Only problem I can see if the value of the code in the tag is a function of the serial no of the tag. I'm not even gonna consider nicking new mercs cos they've all got trackers probably, but I just have a curious mind (and the value being a function of the serial was something I thought about being an obstacle to another little idea I had). Was wondering if anyone had any knowledge of whether these tags would be encypted in such a way, as when I looked into Mifare cards, the only secuirty mentioned was some sort of p/w to access bits of the card - I reckon probably could be brute forced - can't get a conclusive answer there either. Anyone else got any ideas.

    Even ideas not yet in concrete, just wanna hear what others are thinking.

  14. #14
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    x edit
    Last edited by unclex; 21st June 2007 at 12:19 AM.
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  15. #15
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    h**p://www.theregister.co.uk/2006/08/04/cloning_epassports/
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  16. #16
    DF VIP Member
    unclex's Avatar
    Join Date
    Nov 2000
    Location
    MARS
    Posts
    2,067
    Thanks
    12
    Thanked:        33
    Karma Level
    333

    Default Re: RFID hack1ng

    Well I now have a CCcard with this installed and used the wave option the other day without a pin

    I can see skimming happening in the high street.

    Walk down the road and some BaS$%£"£D nicks your details.

    It is bound to happen.
    Have Fun.





    U.N.C.L.E. X

    More UNCLEX than last week but less next :woot:

  17. #17
    DF Super Moderator DJ Overdose's Avatar
    Join Date
    Jul 2001
    Location
    On da decks.
    Posts
    9,930
    Thanks
    946
    Thanked:        2,141
    Karma Level
    1129

    Default Re: RFID hack1ng

    Yeah I have one on my barclays card, and was thinking that if you were to bump into someone, or if someone taps your arse with a "paper" there go your details.

    Probably put readers under bar stools etc, toilets and all sorts. Doubt it would take much to amplify the receiver signal to increase range.

    If you think about it, I know that contactless payments are only valid for up to £20 or something, but if someone goes around bumping into people in the city, taking £20 off them all the time, it won't take long to earn a shit load of cash in a day...

    Considdering Oyster cards were hacked as well, I think that someone needs to come up with a better idea for electronic payments. Didn't they say as well that they were after putting this tech in mobile phones...


    DJ OD
    [Only registered and activated users can see links. ]
    [Only registered and activated users can see links. ]
    [Only registered and activated users can see links. ]

  18. #18
    DF Jedi Zippeyrude's Avatar
    Join Date
    Dec 2002
    Location
    UK
    Posts
    4,313
    Thanks
    237
    Thanked:        791
    Karma Level
    493

    Default Re: RFID hack1ng

    NFC (near field communications) in mobiles

    [Only registered and activated users can see links. ]

  19. #19
    DF PlaYa WotTheFook's Avatar
    Join Date
    Feb 2004
    Location
    Manchester
    Posts
    873
    Thanks
    202
    Thanked:        141
    Karma Level
    241

    Default Re: RFID hack1ng

    I don't know if it helps you at all, but there is software out there called Bartender that can generate RFIDs. It might give some insight as to how it works.

Similar Threads

  1. RFID info
    By Jacko in forum The Dog and Duck
    Replies: 3
    Last Post: 13th January 2010, 02:39 PM
  2. Replies: 2
    Last Post: 13th March 2007, 01:04 AM
  3. RFID hack1ng article
    By bugnote in forum System Security
    Replies: 1
    Last Post: 5th May 2006, 11:51 PM
  4. Replies: 5
    Last Post: 6th September 2002, 07:53 PM

Social Networking Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •