Black Hat USA 2013 - RFID Hacking: Live Free or RFID Hard - 01Aug2013
Переглядів 104,363
10 років тому01 August 2013 - Black Hat USA 2013
Fran Brown - Bishop Fox
www.bishopfox.com/resources/to...
www.blackhat.com/us-13/briefin...
Have you ever attended an RFID hacking presentation and walked away with more questions than answers? This talk will finally provide practical guidance on how RFID proximity badge systems work. We'll cover what you'll need to build out your own RFID physical penetration toolkit, and how to easily use an Arduino microcontroller to weaponize commercial RFID badge readers -- turning them into custom, long range RFID hacking tools.
This presentation will NOT weigh you down with theoretical details, discussions of radio frequencies and modulation schemes, or talk of inductive coupling. It WILL serve as a practical guide for penetration testers to understand the attack tools and techniques available to them for stealing and using RFID proximity badge information to gain unauthorized access to buildings and other secure areas. Schematics and Arduino code will be released, and 100 lucky audience members will receive a custom PCB they can insert into almost any commercial RFID reader to steal badge info and conveniently save it to a text file on a microSD card for later use (such as badge cloning). This solution will allow you to read cards from up to 3 feet away, a significant improvement over the few centimeter range of common RFID hacking tools.
Some of the topics we will explore are:
* Overview of best RFID hacking tools available to get for your toolkit
* Stealing RFID proximity badge info from unsuspecting passers-by
* Replaying RFID badge info and creating fake cloned cards
* Brute-forcing higher privileged badge numbers to gain data center access
* Attacking badge readers and controllers directly
* Planting PwnPlugs, Raspberry Pis, and similar devices as physical backdoors to maintain internal network access
* Creating custom RFID hacking tools using the Arduino
* Defending yourself from RFID hacking threats
This DEMO-rich presentation will benefit both newcomers and seasoned professionals of the physical penetration testing field.
@marccoffey291 8 років тому
Last time I had to hack into a building, I just reversed through the front doors with a stolen Ford Transit van?
@mastermason10 10 років тому
Awesome. Thanks much for the post
@wheaties466 10 років тому
is there a link to spec on the smaller short range RFID card reader he used to clone?
@nashvillewebnet 9 років тому
I'm still trying to learn how to use my RFIDler
@iamshabeeb 8 років тому
Is there any possible way to receive and send gsm signal over internet to another country ?
@GloomyHouse 9 років тому
Guys, I need some advice on a project I am working on. Not hacking, just Using a robot with built in SLAM and combining it with RFID tags, and a reader to localize it. If there is anyone willing to help me I would be incredibly helpful. I just got a couple questions.
@bpatton1727 10 років тому
Sweet vest!
@diazpame10 7 років тому
hi,i have a rfid card and its protect by password.how hack this rfid card? ( myfer)
@vanhetgoor 4 роки тому
How time flies? In the old day you could read a card and than write the found data upon a new empty blanc card. Shortly after this they invented the blanc card with an unchangeable serial number, then came the cards with logic on it. That you had to write certain data on an address before the card would release some data. This is only six years ago.
@tasticful 10 років тому
The proxmark3.
@RichardsWorld 10 років тому
If a highway toll booth uses RFID to read the a Easypass or other prepaid tollbooth cards, they must be very strong.
@tonyangeles8741 7 років тому
Holla when u get back then, ill be waitin
@lacrosseattacker10 7 років тому
Amazon Go stores are gonna be so screwed...
@LeeAnnabelarticlespinner 8 років тому
Friend, Hacking tools to buy.
@bpatton1727 10 років тому
I too have done "penitration tests"
@ismzaxxon 8 років тому
i used to do this stuff 20 years ago. These cards are still being installed in 2016. Why, because they are cheap. They are easy to get. For any serious people wanting technical advice, pm me. Great VID though. aimed at IT guys not upper end security engineers.
@gerardyoung8533 5 років тому
do you have a email that we can contact you at?
@user-fc2tq7rr9x 8 років тому
We need your help to find a circuit board or RFID bought a pancake can not find pamagite
@Siemianowicee 5 років тому
I just want the parking lot key !
@manoushow6658 5 років тому
good noiti and I would like to know how you find a site of credit card and personal data and and cenha and cpf very top cees eshou I am new in this method I want to get some of the maires rack of the world boss has like you miajuda ai this goal I will please a lot
@waylandjennings4073 9 років тому
He sharted at 3:01 then stalled for a moment or two.
@Siemianowicee 5 років тому
There are cafes other than Starbucks !
@tonyangeles8741 7 років тому
Oh ok, just seen that message. See, this shits throwin me off, never talked on this bs thang before
@20rich02 9 років тому
I have a very serious question. If a person is implanted with a RFID chip/chips, how would someone be able to hack them? Im interssted in helping people that have been implanted with chips. Thats also why im serious about this subject. If you or anyone out there could help me out on this one I would be more than greatful for helpful information.
@LiezerZero 9 років тому
Its no different.. they would have to upgrade their implant to increase security. They should be willing to do this at least once a year or two years (pushing it) or they will become obsolete. I see no need to get an implant.
@20rich02 9 років тому
Well yes I agree. I was talking about human implants that are called implantable RFID chips (Verichips). IF you have any ideas Id be more than greatfull.
@eukaryotic0703 7 років тому
20rich02 Having a RFID implant would be cool, I would use it to unlock my computer. is it just a small transistor in silicone
@Waxxumus 7 років тому
Really really really overthinking this. You can get into most places by dressing buisness casual and looking nice and being nice. Walking up to the door where the smokers are, and asking "Hey bro could you badge me in i forgot mine today" Next doors you just wait until someone else badges in and then walk through the door.
@ko-Daegu 5 років тому
Doctor Jack Can you do that at night thought
@williammorken7484 8 років тому
audio is horrible on this my ears are bleeding from the squeeks
@jackoneill8585 8 років тому
wait so this douch is selling these....>? wtf thats illegal...
@dtec5993 5 років тому
Boring
HackersOnBoard
Переглядів 1 млн
Суспільне Львів
Переглядів 631 тис.
OWASP Foundation
Переглядів 1,6 млн
AI Explained
Переглядів 63 тис.