How to Bypass RFID Badge Readers (w/ Deviant Ollam and Babak Javadi)

  Переглядів 1,150,819

The Modern Rogue

The Modern Rogue

4 роки тому

Find out who might be the World's Greatest Con: • Michael Larson Also Di...
Go to privacy.com/rogue to get $5 free money!
🡇 -------------- extra material & accreditation -------------- 🡇
If you can see this video, we have successfully bypassed the RFID chip in your right temple.
------------------------------------------------------------------------------
Unedited footage for this video ($5+ patrons): / 33495515
------------------------------------------------------------------------------
Music used in this video:
Nokiaa x nofeels "All Us" chillhop.bandcamp.com/track/a...
fantompower "Things Work Out Eventually" chillhop.bandcamp.com/track/t...
Ian Ewing "Trinidad" chillhop.bandcamp.com/track/t...
Tesk "Green Stamps” chillhop.bandcamp.com/track/g...
Sofasound "With All I Am" chillhop.bandcamp.com/track/w...
Otesla
"Carbon" chillhop.bandcamp.com/track/c...
Most of the music from the show: bit.ly/mrspotify
------------------------------------------------------------------------------
Post-production powered by Doghouse Systems (They're good. You should buy one)
www.doghousesystems.com/v/rogue/
Use promo code “ROGUE” and get a free 250gb SSD now!
------------------------------------------------------------------------------
This video was made with the help of:
Brian Brushwood - host -- / shwood
Jason Murphy - host -- / captainmurphy
Brandt Hughes - camera operator / colorist / editing supervisor-- / gatowag - / gatowag
Bryce Castillo - live audio engineer -- / brycas
John Rael - camera operator / editor-- / skepticallypwnd
Annaliese Martin - camera operator (ep) -- / amuseliese
Deviant Ollam - guest -- / deviantollam
Babak Javadi - guest -- / babakjavadi
Benjamin F. (Rev) - first draft of english captioning
------------------------------------------------------------------------------
Our Mailing Address
Modern Rogue
539 W. Commerce #1975, Dallas TX 75208
------------------------------------------------------------------------------
Scam Nation: / scamschool
Patreon: / modernrogue
Discord (patron reward): / discord
MR Articles: themodernrogue.com
Outtakes & BTS: / scamstuff
Subreddit: modernrogue.reddit.com
Merch: www.scamstuff.com/
Twitter: / modernrogueshow
Instagram: / modernrogueshow

КОМЕНТАРІ: 1 200
@ModernRogue
@ModernRogue 4 роки тому
That's right, you could win an ESPKey or a clear RFID badge from Red Team Alliance. Plus, we're extending last week's Miracle Fruit Tablets giveaway another week! Be one of 10 lucky winners to get an ESPKey, clear RFID badge, or set of Miracle Fruit tablets by entering this week's free giveaway now at gimme.scamstuff.com (no purchase necessary, giveaway ends 2/6/2020)
@The.Incredible.Mister.E
@The.Incredible.Mister.E 4 роки тому
I'm the winner. Fact.
@Dezzy601
@Dezzy601 4 роки тому
@@gaijinontheroof5093 probably never :p
@Ashonthestreet
@Ashonthestreet 4 роки тому
I’m 90% sure the modern rouge is just Brian and Jason planning a super elaborate heist
@differntname2807
@differntname2807 4 роки тому
I want.
@JacobPeterzon
@JacobPeterzon 4 роки тому
Dude I had no idea sounds awesome though! :D Love the show!
@buzzbros2002
@buzzbros2002 4 роки тому
6:25 "It's open source man. If it doesn't work you can just fix it". The perfect argument!
@jameswalker199
@jameswalker199 4 роки тому
I love open source, but of course the people that could help fix things and don't are where we all fall flat on our faces.
@trones9204
@trones9204 4 роки тому
@@jameswalker199 ? I don't understand your comment. Who are "we"? How do "we" fall flat on our faces? Who are the people "that could help fix things"? OOP is incredibly easy to learn, so anyone willing to put in a bit of time can fix the open source software. I'm not trying to be rude, I am genuinely curious.
@buddergolem9463
@buddergolem9463 3 роки тому
@@trones9204 he means instead of using the knowledge to fix it they use it to exploit the issue for their benefit
@godjhaka7376
@godjhaka7376 9 днів тому
​@@buddergolem9463not in the case of Android or any mainstream open source project. only problem is people who refuse to Google, refuse to use their brain and create spam aka low-effort posts asking what they could easily solve with one google.
@cretin2025
@cretin2025 4 роки тому
I love the very strong attempt to provide an “everyday” reason to know all this throughout the channel. On the contrary there is also a successful attempt to scare me and yourselves. Keep up the power moves.
@KaitouKaiju
@KaitouKaiju 4 роки тому
@@tenchraven That sounds awesome and I wish I could be your player. No homo
@thetimebinder
@thetimebinder 4 роки тому
It's helps inform people of vulnerabilities in THEIR own security
@kellynolen498
@kellynolen498 4 роки тому
Knowing how to do it is literaly the only way to know how to stop it in the security bis not that i have a legit reason to know i just dont want to call a smith to break into my own car or house i also like to help my friends and coworkers out too when im there
@nicksurfs1
@nicksurfs1 4 роки тому
Kevin D I’ve been looking for tabletop RPGs with a sci-fi setting but have been unsuccessful. What do you play? I love D&D but I love cyberpunk dystopia more.
@Luminarigon
@Luminarigon 4 роки тому
Babak Javadi's glasses look like they were added in post.
@jimmyat
@jimmyat 4 роки тому
I thought the same thing. They look like a snapchat filter
@wolfsden6479
@wolfsden6479 4 роки тому
I think that is the point of them they look cool.
@jimmyat
@jimmyat 4 роки тому
Yeah it looks pretty cool.
@wolfsden6479
@wolfsden6479 4 роки тому
@@jimmyat my other thought is they may be anti face reconization.
@kyleo1236
@kyleo1236 4 роки тому
If anyone knows the brand of those glasses, please post it. They look freaking awesome.
@saudade7842
@saudade7842 4 роки тому
I'm really enjoying the newer security/privacy based videos you guys are doing.
@edwardbarton1680
@edwardbarton1680 4 роки тому
It's worth mentioning that the more expensive RFID tags use an active challenge-response system, where the number broadcast is different every time.
@BLavins
@BLavins 4 роки тому
It's also worth mentioning that those are rarely used in practice. As a security integrator, I can say my experience is that I may install 1 out of a 100. That is because it is more expensive and the sales guys like to sell the cheaper systems so they can upcharge and pocket the rest.
@BLavins
@BLavins 4 роки тому
And then of course, if they install REX Motions then forget about security. Give me a can of compressed air and I'm in. Security is only as good as your weakest link.
@brwa5176
@brwa5176 4 місяці тому
@@BLavins all the readers I'm familiar with use this challenge response approach.
@devonwilliams2423
@devonwilliams2423 2 місяці тому
@@brwa5176I challenge this and expect a response
@Thegbiggamerz
@Thegbiggamerz Місяць тому
@@brwa5176you must work for a higher end establishment then in my installation experience this is not the case. Either way I’m sure there are ways to defeat it
@windwalker5765
@windwalker5765 4 роки тому
So, for the last couple years, I've been having a bunch of fun watching Modern Rogue, InRange TV, and Deviant's talks at various conventions. And now within a month or two, Deviant shows up on MR and InRange! It's like finding out your cool friends actually know each other and get along, it's friggin' awesome!
@taylorstem4454
@taylorstem4454 4 роки тому
1:39 the glasses looked like they where edited on
@LyvlonLP
@LyvlonLP 4 роки тому
Thought i was the only one
@thecringelord5525
@thecringelord5525 4 роки тому
True
@RocketCityGardener
@RocketCityGardener 4 роки тому
dude has snapchat filter glasses
@JacobPeterzon
@JacobPeterzon 4 роки тому
Yeah It was big trippy first like 2 minutes I just stared! Like wait, what?
@troublewithweebles
@troublewithweebles 4 роки тому
Came here to say this. Ten Points.
@marcuschen2779
@marcuschen2779 4 роки тому
I can imagine someone entering a building illegally and got caught. Police: "where did you learn how to do this?" Perp: " Because I'm a MODERN ROGUEEEE!!!"
@ModernRogue
@ModernRogue 4 роки тому
That will be a legendary police video
@AG.Floats
@AG.Floats 4 роки тому
Prep?
@JeremiahFrye
@JeremiahFrye 4 роки тому
Then you yell 'GO AWAY COP GUYS' and slam a flash bang into the ground before running away.
@marcuschen2779
@marcuschen2779 4 роки тому
@@AG.Floats oops is supposed to be perp short of perpetrator. But autocorrect...
@user-rl1eq8ml1h
@user-rl1eq8ml1h 4 роки тому
@@AG.Floatsa perp is a suspected criminal like a suspect
@CollinRobertsVlogs
@CollinRobertsVlogs 4 роки тому
Hey Brian and Jason! Proudly been watching for nearly 10 years now. Much love and respect!
@ModernRogue
@ModernRogue 4 роки тому
wow! Thanks so much, man!
@NtGism
@NtGism 4 роки тому
Honestly, the episodes with these guys are great. Both in terms of content and subject but also in terms of presentation
@peternewson2275
@peternewson2275 4 роки тому
These new modern rouge episodes have been A+, really great seeing this channel grow.
@kiddochy5756
@kiddochy5756 4 роки тому
Look up Deviant Ollam's defcon talks they're really good
@SamBebbington
@SamBebbington 4 роки тому
RFID is a lot more secure nowadays, yes a few places still use easily cloneable cards, but most use some form of encryption and a a nonce (random number) to verify that both the card and the reader are not spoofing. If you try to copy a card, and you don’t know the encryption key, the card will refuse to send data. The skimmer is still an issue as far as I’m aware, but you still won’t be able to make a card if you do t know the encryption.
@studioxxswe
@studioxxswe 4 роки тому
thats my understanding as well.
@FatherPrax
@FatherPrax 4 роки тому
Yes and No. If you check out Deviant Ollam's channel, one of his talks he did mentioned that even the more secure systems, most of the time the readers also have a Prox system in-place and enabled as a built in backup. So while you may not be able to spoof at higher end card, you can still fool the sensor in other ways to trigger a door open.
@freman
@freman 4 роки тому
You also run into circumstances where an organisation doesn't control the whole building so while they have whizz bang encryption in their readers and protocols on the wire to the controller, they do dumb stuff like make building lifts with it's legacy system part of their security framework. Hell, I've seen the "break glass" emergency switches mounted *in* the public lobby area because the only way to get to the emergency stairs is through that door - rather than building a path that didn't require basically disabling security.
@BLavins
@BLavins 4 роки тому
As a security integrator myself, I will have to say that in my experience, the sales guys are still selling the unencrypted HID Prox readers. In fact, it is rare when I install anything encrypted. I have the Proxmark 3 and use it to clone company cards when I'm at a company that doesn't have a guest badge for IT vendors. I've cloned my own cards to transfer them to keyfobs instead so I don't have to carry my badge everywhere I go. Instead, it's right there on my keychain.
@BLavins
@BLavins 4 роки тому
@@freman In many places it's actually part of the fire code. Nothing they can do about it. I just did an office recently that wanted to have a fail secure crash bar on the stairwell door but fire code says it must be fail-safe so if the fire alarms go off then the doors unlock. This way the fire department can access the floor from the stairwell. It's fail-safe so that way if the power fails it will also be unlocked. The owner didn't like it but there was nothing he could do about it due to the fire code.
@timp788
@timp788 4 роки тому
I was kind of hoping that Deviant would use the back of his hand to open the lock.
@alexkantor8238
@alexkantor8238 4 роки тому
Oh yeah he's got a chip
@screwball69
@screwball69 4 роки тому
Thats coming, they covered implants while they were there
@Volvary
@Volvary 4 роки тому
@@screwball69 It would just have been the perfect moment right now to make jason and bryan just flip their shit.
@screwball69
@screwball69 4 роки тому
@@Volvary Agreed
@ThetaReactor
@ThetaReactor 4 роки тому
Deviant Olaf, cyber-intrusion agent.
@aalleezzzz
@aalleezzzz 4 роки тому
I work with this in Sweden and this is widely known in the security industry, I would love to see them explain with mifare which is the by far most used one in new/renovationer building. Possibly go into differences in mif/ mig lite and mif 4K.
@matthewellisor5835
@matthewellisor5835 4 роки тому
"There are different things to put in different places." -Babak
@user-lw8jk6nv7l
@user-lw8jk6nv7l 4 роки тому
This is essentially the lost mythbusters episode that adam savage talked about.
@DarkFoxDK
@DarkFoxDK 4 роки тому
Not really. Tap to pay has a little more smarts than simple access cards, and aren't vulnerable to the types of attacks in this video.
@Hebdomad7
@Hebdomad7 4 роки тому
More credit cards than door access cards. Credit cards have a wee bit more security built in. Especially on the payment terminal. The lost mythbusters episode on that covered how easy it is to duplicate credit cards and do it from a distance. Chip and pin still remains the most secure but the danger of old RFID credit cards was the credit card number wasn't encrypted! This ment you could steal credit card numbers from wallets without touching them, hence all the RFID protection wallets have these days... Oh passports were also vulnerable to this.
@user-lw8jk6nv7l
@user-lw8jk6nv7l 4 роки тому
@@DarkFoxDK it is. Adam savage was doing some appearance at a convention irrc, and he said they were going to do a show on how vulnerable the chips are, but they decided not to due to legal reasons.
@SkaveRat
@SkaveRat 4 роки тому
well, the "legal reasons" were: "Credit card companies threatened to stop buying advertisements at discovery channel"
@DarkFoxDK
@DarkFoxDK 4 роки тому
@@user-lw8jk6nv7l Like Phil says, wireless credit cards, and chips aren't just static data being shouted out, which can then be copied. There's a cryptographic challenge and response process, which prevents straight up copying of the card as shown in this video, as the card's secret is never revealed directly. There are other vulnerabilities that are a lot more difficult to exploit, but it's not nearly as easy as copying an access card.
@OliviaWenya
@OliviaWenya 4 роки тому
When you already know, but watches it anyway since it's the best collab ever.
@ChrisWCorp
@ChrisWCorp 4 роки тому
As someone getting into cybersecurity, these episodes are amazing.
@NZSpides
@NZSpides 4 роки тому
If you're into cyber security, then you should have read about this years ago.... this is way old news
@boneappletee6416
@boneappletee6416 2 роки тому
@@NZSpides Everyone progresses at a different pace, with different starting points, end goals, and starts at a different time in their life.
@MrHowardPhillips
@MrHowardPhillips 4 роки тому
I've been reading quite a few comments saying how newer cards are encrypted (chap smart cards). I work on large industrial and government systems almost daily and can tell you the number and types of things that are still 'secured' by the lowest level cards (26 bit) is scary. I have literally cloned a card in front of a security director of a weapons lab with one of those eBay blue guns and it still took them over a year to upgrade because the way government financing works.
@BLavins
@BLavins 4 роки тому
I hear you, man. Same here, I'm also a security integrator and I keep reading the same comments and think, "if they only knew."
@thezfunk
@thezfunk 4 роки тому
Industry polling say that 26-bit, standard Weigand is still the majority of installations in the US. Some companies have moved to 'smart' cards (13.56MHz) but it is far, far lower conversion rate than you would hope/expect. These techniques will get you in most places today. When security people show this to C-Level executives they freak out, initially. Then, they ask how much will it cost to replace all the readers and rebadge every employee and they quickly sweep it under the rug. Trust me, rebadging hundreds, thousands, tens of thousands of employees for a changeover is a logistical nightmare.
@NZSpides
@NZSpides 4 роки тому
@@thezfunk I wish I could tell you what I do, it is super scary the number of facilities in the US that are using ancient access technologies. A lot of the US is actually about a decade or more behind most of the rest of the world. I have stories.
@KrolKaz
@KrolKaz 3 роки тому
imagine how old the systems are that North korea or Iran use to protect thier weapons systems.
@l3d-3dmaker58
@l3d-3dmaker58 4 роки тому
my god I LOVE this! it's so interesting to learn about, I'd love to see more of this pen testing strategies and absolutely demolishing the sense of security I have of buildings
@Dezzy601
@Dezzy601 4 роки тому
Oh there are tons of things that will demolish that sense of security :)
@pharynx007
@pharynx007 4 роки тому
deviant does a pretty awesome talk here: ukposts.info/have/v-deo/qp6el4iLpYp_pGw.html it's all about crazy physical penetration he's done.
@alexhamon9261
@alexhamon9261 4 роки тому
Check out Deviant's channel, hes got hours of to talks on how to beat locks, doors, access control systems, elevators, and how these all get applied to pen testing.
@Lamoboos223
@Lamoboos223 5 місяців тому
this was one of the exciting videos I ever seen, I loved the instructors and the interviewers. Thank you sm!
@peterh3943
@peterh3943 4 роки тому
THANKS FOR THE VALUTA CONVERSION - WAS A GREAT TOUCH ;)
@virgil2478
@virgil2478 4 роки тому
When the modern rogue posts a video... while I’m watching a modern rogue video Edit: I do appear to have spelt Rogue wrong. I have fixed it now.
@ModernRogue
@ModernRogue 4 роки тому
nice.
@jonathangrey2183
@jonathangrey2183 4 роки тому
Spell it right R-O-G-U-E! --Brian
@JaxMerrick
@JaxMerrick 4 роки тому
As Mother Nature intended.
@kp5602
@kp5602 4 роки тому
Hey Virgil wheres your profile picture from? Ive seen it multiple times before.
@matthewellisor5835
@matthewellisor5835 4 роки тому
@@jonathangrey2183 there is no "C"
@batchampa
@batchampa 4 роки тому
The more interesting aspect of this video is related to what information you can get from bugging the readers. Cloning cards and replay attacks are only going to work against systems that aren't using cryptographic access cards
@kyvehvolvadan5260
@kyvehvolvadan5260 4 роки тому
I'd actually thought about this for some time, since I do work for an airport as a baggage handler. And to know it would be that easy for somebody to break into an airport using tools like this is just amazing to me.
@brutus2288
@brutus2288 4 роки тому
If I had the mentality and the initial funds.. with zero concern for being a criminal.. this channel has truly taught me to be the ultimate mastermind behind breaking and entering, skimming, hacking and build and creating weapons and self defense.. you can truly become the ultimate human just by watching this
@tommy6322
@tommy6322 4 роки тому
I saw Deviants name in my notification and stopped what I was watching to start this
@user-ox7id9he5v
@user-ox7id9he5v 4 роки тому
I can just imagine someone placing a RFID chip in a Sonic screwdriver prop and just using that to open doors where they work
@tohfawalker159
@tohfawalker159 4 роки тому
Ashton Minden I believe someone did it with the London Underground rfid card and a sonic
@will_scarborough6487
@will_scarborough6487 4 роки тому
I plan on doing that at school. I’m trying to find out the frequency that they use in their fobs, then I’m just gonna purchase one, strip it down, and put it in a sonic
@CWGminer
@CWGminer 4 роки тому
I'm waiting for my proxmark in the mail, I'm totally gonna try that. Thanks for the idea.
@mikebik4365
@mikebik4365 3 роки тому
@@will_scarborough6487 then you will go to jail for a felony.
@KENNETHCARNIE
@KENNETHCARNIE 3 роки тому
Genius
@NeilHyndman
@NeilHyndman 6 місяців тому
This was one great video! I enjoyed every moment of it. Thank you for this video! Well done!
@FYCBigJezus
@FYCBigJezus 4 роки тому
with each episode this channel becomes more entertaining, intriguing and terrifying. I love it.
@neonyeko
@neonyeko 4 роки тому
I imagine that after destroying so many sources of "security", Jason begins scheming to destroy the sponsors of thier videos because they produce "security" and Murphy holds Jason back.
@zackthemaniac5754
@zackthemaniac5754 4 роки тому
And Jason Murphy holds Jason Murphy back?
@PoodlePuncher
@PoodlePuncher 4 роки тому
@@zackthemaniac5754 +1 lol
@demonman1234
@demonman1234 4 роки тому
Split personality's?
@neonyeko
@neonyeko 4 роки тому
Murphy is the side of Jason Murphy that we see, Jason comes out when the cameras aren't rolling.
@debrabarnhardt1103
@debrabarnhardt1103 2 роки тому
Decades ago, long before I saw this video I just assumed the entry cards were security theater and the real purpose was monitoring the employees. When we told repeatedly not to piggyback on someone else's card it was rather obvious. Now I KNOW they monitor the employees.
@Merlin012001
@Merlin012001 4 роки тому
i am glad to see the deviant out and about! i love the defcon talks he gives!
@yamumsyadas5215
@yamumsyadas5215 4 роки тому
Love your work you inspire me all the time PS. love your videos was just watching one as you posted
@Packman332
@Packman332 4 роки тому
"F*cking magnets, how do they work?" Terrific reference by that dude.
@mandc20022
@mandc20022 4 роки тому
Icp
@darkclownKellen
@darkclownKellen 3 роки тому
Whoop whoop
@kdb699292
@kdb699292 3 роки тому
Had to look through the comments as soon as I heard that to see who else caught it. Whoop! Whoop!
@StrokeMahEgo
@StrokeMahEgo 4 роки тому
Company: "dang, that DeviantOllam fellow decoded our top master key, better install prox cards!" The following week: "Now he's got everyone's card code and is randomly badging in as other people! We have to stop him!" Deviant: /hides in elevator/
@---cr8nw
@---cr8nw 4 роки тому
Sir, with all due respect, how do I know you're not him? He could be any one of us, just using a cloned badge.
@AriosQarsute
@AriosQarsute 4 роки тому
I see you saw Deviant's elevator talk.
@CWGminer
@CWGminer 4 роки тому
@@---cr8nw He could be any one of us. He could be you, he could be me! He could even be-- **BLAM** *spy dies*
@jwayneair
@jwayneair 2 роки тому
V, is that you??
@Bebop_2962
@Bebop_2962 4 роки тому
Love the conversions. Well done.
@JO-sg7wk
@JO-sg7wk 4 роки тому
Holly crap i know this is gonna be good. Ollam has 3, 1 hr long talks on YT about physical building security and its amazing. Mans hype
@Wondobar
@Wondobar 3 роки тому
Can you link it please?
@ihavekalashnikovyoudomath9275
@ihavekalashnikovyoudomath9275 4 роки тому
Watching these videos, I REALLY wanna see a heist movie that is so painfully accurate, it could be used as a how to guide.
@Kamaropoulos
@Kamaropoulos 4 роки тому
This guy's glasses make him look like a cartoon.
@ddtrjared2596
@ddtrjared2596 4 роки тому
I was gonna say looks like a snap chat filter
@maybeso1547
@maybeso1547 4 роки тому
For me it was the painted on beard.
@eddiegrathwohl624
@eddiegrathwohl624 4 роки тому
Not gonna lie. I like this video just for the ad. I don't know anything about that specific company but i have always wanted that type of business to exist. Great video still.
@dannyvizor3403
@dannyvizor3403 4 роки тому
I love the way Jason shakes people's hands to make sure they can't have too tight a grip
@connorohoare7470
@connorohoare7470 4 роки тому
The guy talking about the technology looks like his glasses are put on with cgi on his close up
@cherryfan0016
@cherryfan0016 4 роки тому
I’m SOOO glad I’m not the ONLY person who noticed that!!!
@adipuppi
@adipuppi 4 роки тому
bruh
@ActionJackson321
@ActionJackson321 4 роки тому
*NEXT EPISODE:* Bi-fold prison wallet.
@takeaim420
@takeaim420 2 роки тому
Stoked to see Deviant on here!!
@BobShacklock
@BobShacklock 4 роки тому
Thanks, we have these readers all over our work and now I want to go pop one open!
@jwayneair
@jwayneair 2 роки тому
It’s so easy, it’s anticlimactic af.
@chroniclesofbap6170
@chroniclesofbap6170 3 роки тому
I can'thelp seeing his glasses as a post-production special-effect
@YouTubeWatcher9000
@YouTubeWatcher9000 4 роки тому
You should do a video of the best rogues throughout history
@rodriquh
@rodriquh 4 роки тому
This video is amazing. I had no idea 💡 it was that easy. $2 and a taco 🌮! Best line!
@michaelbrint7124
@michaelbrint7124 4 роки тому
Quite the interesting line of thought for the everyday experience.. very informative, thank you.
@MAYHEMSCO
@MAYHEMSCO 3 роки тому
BRO I KNEW IT WAS BRIAN FROM SCAMSCHOOL!!! His voice is so unique. I was like wait a second....where's his Pointy mohawk
@copuis
@copuis 4 роки тому
that moment brian kinda learns that US banking tech (chip and pin, and RFID in debit cards) is 20 years behind the rest of the world
@mrkiky
@mrkiky 4 роки тому
Seemed weird to me when he said "a couple of years ago" since I remember I had paywave visa cards 7 years ago in my backasswards country.
@iMadrid11
@iMadrid11 4 роки тому
It wasn’t a long time ago Visa & Mastercard actually stopped The Mythbusters from releasing the RFID episode.
@NZSpides
@NZSpides 4 роки тому
The US was actually first to get Apple Pay, which is leaps and bounds ahead of Chip an PIN (I finally have it where I live and use it wherever I get the oppertunity). Yes mag stripe is a joke, it's like he said, you may as well have your bank account written on a bit of paper. The banks here moved from MIFARE Classic (compromised 9 years ago) to MIFARE Plus (a bandaid patch to the Classic technology) a couple of year ago, better, but nothing compaired to Apple Pay and Google Wallet. Banks suck at security.
@copuis
@copuis 4 роки тому
@@NZSpides again, US BANKING is 20 years behind (like it is a real thing) a branded (in this case apple) solution does not somehow make it a leap forward all the tech was already there (so much so, that apply talked to companies, and worked with them in bringing banking tech (again, already in use, and for many many many years before hand) into a form that made it easier the tech apple uses is 20+ years (in the sense of what is making the payment) face ID, or fingerprint, or pin, thats what you enter into the phone (the phone at that point is handling security, so the payment device, that is really the only difference, and again, isn't new)
@NZSpides
@NZSpides 4 роки тому
Jeremy Sims I was referring to the point that every transaction with your account is unique. The actual technology after that hasn’t changed in years. Banks use insurance to cover the fraudulent transaction which helps them but screws the user that has to go change all their account info for payment sites.
@terminatordoink
@terminatordoink 3 роки тому
Thanks for asking the right question. But please never ever interrupt them
@flyingturtle140
@flyingturtle140 4 роки тому
So I just discovered deviant ollam yesterday and was continuing my binge when I saw this vid
@jwayneair
@jwayneair 2 роки тому
Yes. He is a gateway ‘drug’ into infocrack.
@AndrevusWhitetail
@AndrevusWhitetail 4 роки тому
"couple bucks" Try 10 for 1 dollar depending on the type. (Like the NTAG RFID tokens you can use to make Nintendo Amiibo's at home.)
@GIJew
@GIJew 2 роки тому
When you buy cards in bulk it makes out or less than $1/piece. Cards made by HID are a bit more expensive.
@TheUnnatural93
@TheUnnatural93 4 роки тому
The most mind blowing part of this video was the $5 ESP chip being sold at a $80 price tag.
@CWGminer
@CWGminer 4 роки тому
The ESP key that they use is the ESP chip loaded with custom firmware and additional hardware that automatically strips the wires when you press them into the slots on the chip. I'm not saying it's not pricey, but they're not just reselling it for a $75 markup.
@tzimiscelord8483
@tzimiscelord8483 2 роки тому
Its more like their selling their code for 75$ and the chip for convenience
@TheAkashicTraveller
@TheAkashicTraveller 4 роки тому
Do any of these RFID tag have two way communication? That way you could have the door controller send a random number have the tag sign it with it's private key and send it back. Much much harder to break or skim.
@JamiePineappleWyatt
@JamiePineappleWyatt 4 роки тому
In Australia JayCar sells an RFID cloning "educational kit" that was capable of so much more than just RFID for just $30AUD and that's in a local store. It's very close to performing most of the features of the more expensive unit displayed here
@Dr.Jiggles
@Dr.Jiggles 4 роки тому
"fear not my paranoid and ignorant juggalos; she is not a scientist"
@jameswalker199
@jameswalker199 4 роки тому
I love how the WiFi network from the creds skimmer is called "Eve's Android". It looks inconspicuous because a random hotspot could be on, and its called "Eve" as in "Eavesdroper".
@RuneInternational
@RuneInternational 4 роки тому
Good to see Deviant use the same great Wera screwdriver I carry in my work belt, for nearly all lock related jobs.
@bbq1423
@bbq1423 4 роки тому
This is legit just what I was going to search for when opening the UKposts app.
@TheHAPISBoyo
@TheHAPISBoyo 4 роки тому
Now i know how to get into the principals office
@prodbydramatic
@prodbydramatic 4 роки тому
knowing is a fraction of the goal. Its like me sayin I know how to shoot like Micheal Jordan. or I could be like Kobe and Study and apply and be a legend 5X Champ #RipKobe24
@Nckolas20
@Nckolas20 3 роки тому
If I had this I would clone garage key cards in my city for free parking
@idHawk
@idHawk 4 роки тому
thanks for including IDR in the conversion :D
@freddynajar1321
@freddynajar1321 4 роки тому
Nice demonstration, very educational and clear.
@justjulian7503
@justjulian7503 4 роки тому
I understand Brian is very excited about this stuff but he keep interrupting my man trying to explain how this tech works.
@ishaantrivedi9968
@ishaantrivedi9968 4 роки тому
Never been here this early.... Wassup notification squad
@theduck-kduk1945
@theduck-kduk1945 4 роки тому
Excellent! Very informative for the inquisitive mind. Thank you
@Zendail
@Zendail 4 роки тому
Yay more Devi, keep em coming :)
@richardpowell4281
@richardpowell4281 4 роки тому
Next stop Area 51 underground Bunker complex from Independence Day where they store the bodies and the spacecraft
@AflacMan13
@AflacMan13 4 роки тому
How to stop a card cloner from cloning your card: 1) Get something to block the RFID. (passive) 2) Card Companies... install a momentary on/switch into the card. (active) - Literally just a pressable microswitch, something like a flat indent you press your finger into, that closes the circuit in the RFID circuit in the card, and BAM, allows the RFID circuit to function.
@mrkiky
@mrkiky 4 роки тому
They could still clone it if they pressed that switch though, or if they hid their reader somewhere near the legit reader. The encrypted way is better because it allows the public to use their cards in the same way, and it makes them pretty much unspoofable.
@criticallook1352
@criticallook1352 4 роки тому
+Daniel Nunya Bidnezz Best way to stop a card cloner from cloning your card is to *USE CASH.* :
@birdfacemd
@birdfacemd 2 роки тому
Always happy to see my boy Deviant
@CollinWillson
@CollinWillson 4 роки тому
The best combination of UKpostsrs I've ever seen
@jimmy8469
@jimmy8469 4 роки тому
When you come to the modern rogue for their humor and possibly to learn a new skill... But leave scared shitless Thanks Jason and Brian :)
@GreyHulk2156
@GreyHulk2156 4 роки тому
Am I the only one who thinks "Dr. Venture"?
@daled4191
@daled4191 4 роки тому
Omg yes!
@cyberneticwarmachine
@cyberneticwarmachine 4 роки тому
Couple years ago, the Dutch transit system used RFID card for opening gates/ credit. But with some cheap read/writer u could add "money" and travel for free.
@format6
@format6 2 роки тому
Interesting. I really appreciate you showing pricing in NZD, thanks!
@kicksledkid
@kicksledkid 4 роки тому
I still can't believe the US is so far behind on contactless payments. We've had tap for the longest time here in Canada.
@GameCyborgCh
@GameCyborgCh 4 роки тому
you think the US is far behind? then come to germany.
@andyk2594
@andyk2594 4 роки тому
@@GameCyborgCh try austria, people get angry when you try and talk them into using cards instead of cash. EU is trying to remove 1 and 2 (euro-)cent coins since they are basically worthless... some people here are VERY opinionated on that idea
@AG.Floats
@AG.Floats 4 роки тому
It doesn't affect you. Not sure why people always care so much what the U.S does.
@GameCyborgCh
@GameCyborgCh 4 роки тому
@@andyk2594 1 and 2 cent coins are actually less than worthless, they cost more to make than they are worth
@kicksledkid
@kicksledkid 4 роки тому
@@andyk2594 I didn't say it effected me, just that I was surprised. Plus, I'm Canadian so it impossible not to deal with the US in some way.
@landonlewis5918
@landonlewis5918 4 роки тому
The bald guy’s glasses look like they are a cartoon.
@Wolftrakker24
@Wolftrakker24 4 роки тому
Sounds awesome! Great guys!
@brucemartin8435
@brucemartin8435 4 роки тому
This cool as I work for a company that does dispensing cabinets for industrial supplies and the information can come in handy!
@rcblitzfpv8346
@rcblitzfpv8346 4 роки тому
Last few vids have made me a billionaire Cheers guys LMAO
@pyille
@pyille 4 роки тому
I love how they say that a esp8266 costs $80. It's like a 2 dollar device.
@5ch4um1
@5ch4um1 4 роки тому
0,74 € on aliexpress... maybe he wanted to say "80 cents" instead of "80 bucks"? but this thing looks like a really nice toy for all sorts of projects, didn't know that this stuff got THAT cheap, definitely on my wishlist now!
@adam_g.
@adam_g. 4 роки тому
Deviant Ollam videos are the best!
@tww1981
@tww1981 2 роки тому
What about combonation locks ! What do you do if you forget the combination !!
@CanadianSpaceGoose
@CanadianSpaceGoose 4 роки тому
It's no longer surprising how easy it is to do this kind of stuff.
@milhousevanhoutan9235
@milhousevanhoutan9235 4 роки тому
So... I know of BSL3 laboratories that use rfid tech for access and they're working with anthrax....... Being afraid is the appropriate reaction. Also "look like you belong" is the best advice for pen testing.
@DavidMulderOne
@DavidMulderOne 4 роки тому
Didn't watch the entire video yet, but RFID is a pretty generic term and a lot of RFID systems (such as the one on payment cards) can literally not mathematically be cloned. My knowledge of access control systems is far more limited, but as far as I know some of them are the old 'number on a card' approach, but definitely not all.
@milhousevanhoutan9235
@milhousevanhoutan9235 4 роки тому
@@DavidMulderOne it's the one he says "Oh the light bar? That's" and he names it and says it can be cloned. Honestly though the bigger security measure is all the cameras and the relatively small staff. People know who's supposed to be there and who isn't. Also the on sight 24/7 FBI agent is pretty good too.
@RenzVC
@RenzVC 4 роки тому
love the miles to km conversion popup
@Donald.Archer
@Donald.Archer 4 роки тому
Is it possible to use a rolling code like you can for old garage door / gate remote spoofing? If you have the reader / sender on the laptop process a rolling code instead of just a single code, will that not work?
@emmanuelrodriguez2346
@emmanuelrodriguez2346 4 роки тому
Esp module: $80. Me: I bought them for $5 and are standing there just turning on the lights :O
@CWGminer
@CWGminer 4 роки тому
The ESP chip is $5 but the ESP Key module that they use has the firmware already loaded, and it has special hardware to automatically strip the wires and connect to them when you shove them into the little slots on the chip.
@kaine2416
@kaine2416 4 роки тому
"Magnets are behind 99% of penetrations" -Brian Brushwood (2020, colorized, UKposts)
@losttownstreet3409
@losttownstreet3409 4 роки тому
With a proper smartcard you may implement a full PKI with certification checks on the cards and a crypto-tunnel for every component. It was be done with some goverment ID-Cards for the public. A crypto-RFID-reader with full certification isn't cheap and you should have some security for the goverment issued usage certificates. Nowdays only the police some big companies uses this as it failed in implementation. My bank tested it 4 years for online banking. (Now there are forced implementation for lawyers, doc's and debt collection company).
@Carnerd101
@Carnerd101 4 роки тому
You two 100% need to go to Defcon with these guys!
@mikethompson2745
@mikethompson2745 4 роки тому
Am I the only one who isn't as impressed or shocked by any of this as these guys pretend it is?
@hollywoodhobie
@hollywoodhobie 4 роки тому
Two things. 1) I am a little disappointed Ollam didn't show off the rfid implant he has in his hand. Its like real life freakin magic. 2) RFID is used in a variety of playing cards (specifically casinos and televised poker tournaments) to be able to see what cards players have without having to have a table cam show what cards a player is holding.
@KayhoticGames
@KayhoticGames 4 роки тому
always look forward to a modern rogue video
@ModernRogue
@ModernRogue 4 роки тому
Thanks, man
@larryreese1656
@larryreese1656 3 роки тому
Trying to figure out how to transfer my credentials onto a ring. Extremely helpful. Thanks
Pool Hall Sins and How to Avoid Them
24:55
The Modern Rogue
Переглядів 378 тис.
RFID Locks are way too easy to "Hack"! Let me show you!
11:41
GreatScott!
Переглядів 1,3 млн
12 ЧУДО ГАДЖЕТОВ ДЛЯ ЛЕНТЯЯ И МЕДВЕДЯ ВАЛЕРЫ
11:37
Познаватель
Переглядів 1,9 млн
SATISFYING BALLON CRAFT  🎈| POP A CRYSTAL 😲 #shorts
00:27
One More
Переглядів 31 млн
What You Do and Don't Need in a Physical Security Consulting Toolkit
25:31
Hacking Through the Air | Contactless Payments and NFC
24:14
Sumsub
Переглядів 162 тис.
Getting an RFID Implant
15:44
The Modern Rogue
Переглядів 630 тис.
Why 2.6 Million People Can Push This Button But We Can't
14:46
The Modern Rogue
Переглядів 2,7 млн
How Hackers Steal Card Info, Just by Standing Nearby
11:15
The Modern Rogue
Переглядів 355 тис.
Deviant's Travel Bag Breakdown
32:29
DeviantOllam
Переглядів 46 тис.
Stealing Data Over Open WiFi
15:17
The Modern Rogue
Переглядів 863 тис.
[51] What's in my Covert Entry Bag?
15:49
TheNotSoCivilEngr
Переглядів 87 тис.
14 BANNED GADGETS YOU STILL CAN BUY ON AMAZON
12:17
TechZone
Переглядів 10 млн
Типичная ситуация с МАМОЙ
0:16
Double Bubble
Переглядів 1,5 млн
ЗОЛОТАЯ КНОПКА #shorts
0:24
Паша Осадчий
Переглядів 1,8 млн
Он хотел поплавать с ней
0:38
KINO KAIF
Переглядів 5 млн
Дрон? Так давай зіб‘єм
0:18
Армія TV – Військове телебачення України
Переглядів 70 тис.