Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2009-12-11 11:00:39

loko3
Member
Registered: 2009-12-10
Posts: 2

Security Audits - Help selecting hardware

Hello forum,

I am a network security auditor and need to start digging into RFID and security around it. I have a Omnikey 5321 today that
Im sucessfully used together with RFidiot. The problem I have with the reader is that I can not sniff keys between reader and tags, not handle LF cards and not run RFdump, so Im planning to buy some more equipment to fill the gap. I have been thinking to buy:

Proxmark3 (sniff keys, clone cards etc)

OMNIKEY® 5553 Reader Board USB Comfort Multi ISO Plug & Play (to run with rfdump)
http://www.rfid-webshop.com/shop/produc … -Play.html

What reader should I buy for LF cards to be able to read/write and clone cards and do security audits?

Thanks, Im new to this area and have started to read up.

Last edited by loko3 (2009-12-11 11:01:25)

Offline

#2 2009-12-11 14:53:27

edo512
Contributor
Registered: 2008-10-07
Posts: 103

Re: Security Audits - Help selecting hardware

Hi,

  The proxmark3, honestly, is more of a researcher's and developer's tool than a security auditor's tool. Of course it will let you do some basic LF and even HF simulation, but if you want to make an impression on your customers (I suppose this is the point, right?), a good Russian key duplicator will be easier for you to work with, unless you also want to spend time (potentially lots of time) learning about RFID at a low level!

Offline

#3 2009-12-11 15:56:37

loko3
Member
Registered: 2009-12-10
Posts: 2

Re: Security Audits - Help selecting hardware

Thanks Edo,

yes, I want to see if they are using security in their RFID implementation and if it's possible to circumvent it. Where can
I get a Russin RFID duplicator? Are there any other tools you think I should have? The more flaws I can show my customer the more likely he or she will hire me again in the future wink

Last edited by loko3 (2009-12-11 16:08:18)

Offline

#4 2009-12-12 10:12:11

adam@algroup.co.uk
Contributor
From: UK
Registered: 2009-05-01
Posts: 203
Website

Re: Security Audits - Help selecting hardware

Q5 and/or Hitag2 TAGS can be used to emulate a good selection of LF security tags, such as EM4x02(Unique), FDX-B and TRANSIT, and RFIDIOt provides the software tools for these. The Q5 can emulate almost any LF UID-only type device - you just need to use the proxmark to figure out the bit pattern and modulation etc. (see previous thread here for an example: http://www.proxmark.org/forum/topic/314 … at-keys/). The reader/writer you would need is an ACG LF.

Offline

Board footer

Powered by FluxBB