Proxmark3 community


#1 2012-02-12 20:44:26

microterf
Member
Registered: 2012-02-12
Posts: 2

Security of RFID cards.

Hello everyone,

I am new to this forum, and honestly don't have much of a clue on how RFID cards/readers work, so I'll try not to waste too much of anyone's time, and I'll sum up what I'm doing and looking for.

I'm doing a paper on security for my networking capstone class; my topic is how we trust technology for security when maybe we shouldn't. I found some videos and info on getting information from RFID cards (one video used a credit card that a girl had in her hand to steal the information).

At school we have RFID cards for our student IDs and we can use them to get into certain rooms that have restricted access and I use it to pay for my books and lunches also via readers that they have set up. 

For my presentation I would love to be able to have something that can get my information off the card at a minimum, and if I could "steal" info from my card and be able to put it on a blank card, walk out of the room, and use that card to open the door to get back in, that would be the optimum solution, obviously.

The information I have about my student ID is that it says HID iCLASS DL on the back, and searching for that, I found a manual that seems like it's a 13.56 MHz card.

So my questions are:
1. Is it possible to do what I would like to do?
2. What equipment do I need?
3. How hard is it to do that for someone with very little knowledge on the subject?


#2 2012-02-12 21:28:17

0xFFFF
Administrator
From: Vic - Australia
Registered: 2011-05-31
Posts: 632

Re: Security of RFID cards.

Hello microterf,

Welcome to the forum.

I would suggest you focus your talk on Mifare since it will be a lot easier to demonstrate these technical attacks. I should also point out that for whatever reason Mifare seems to be the popular choice for most schools / universities.
HID iCLASS DL cards are a dual technology card. They have a 13.56 MHz iClass and 125 kHz Prox credential built into one.
Although you can demonstrate the attack with the student ID you have (both iClass and Prox are broken), the process is a lot more complex and will require an in-depth understanding of the technologies (namely iClass).

Answers to your questions:

  1. Yes. But I’d recommend using Mifare for the demonstration.

  2. You will need at least two cards: the original and a blank, or two blanks.

    • A programmer. You can find these on eBay for about $60AUD but I’m not sure how you’ll go with performing the technical attack. It might be easier (but more expensive) to go for the Proxmark. Perhaps someone else here has a cheaper / easier solution?

  3. You need to knuckle down and do a bit of research. Topics to look up (most are available from http://www.proxmark.org/files/index.php).

    • Amplitude Shift Keying.

    • “A Practical Attack on the MIFARE Classic”.

    • ISO14443.

    • Mifare protocol documentation. (Not easy to find)

BTW – I deleted your duplicate post.

Regards,

0xFFFF


#3 2012-02-13 15:48:37

carl55
Contributor
From: Arizona USA
Registered: 2010-07-04
Posts: 175

Re: Security of RFID cards.

Microterf,
While 0xFFFF is usually correct, I have to disagree with a couple of his statements regarding iClass. I myself have over a hundred iClass cards that are marked as "DG", "DL", and "CL" and none of them are dual technology cards (125 kHz & 13.56 MHz). In addition, although Mifare cards are very widely used over in Europe and some other parts of the world, their use is a lot more limited here in the United States. Most of the American universities that I have visited rely heavily on the use of HID Proximity and HID iClass cards for access control. Since you didn't state where you reside, I cannot say what is the most common technology used in your country.
Regarding iClass duplication, it is certainly possible as evidenced by the recent papers that have been written on the subject. A Google search of "iClass hack" or "iClass clone" will reveal some of the information available to help you with your security research paper.
Good Luck.


#4 2012-02-14 12:04:35

0xFFFF
Administrator
From: Vic - Australia
Registered: 2011-05-31
Posts: 632

Re: Security of RFID cards.

You're right, carl55, if you're looking at "DG", "DL", "CL", etc. models only. I don't know why I put "DL". HID cards marked "Px G6L" are an example of HID dual technology cards.

Mifare has been a popular choice for the Universities I have been to.


#5 2012-10-01 14:41:47

carl55
Contributor
From: Arizona USA
Registered: 2010-07-04
Posts: 175

Re: Security of RFID cards.

I think you misunderstood the above posts. The iClass family of products is "exclusively" based on the 13.56 MHz technology. It was designed and marketed as a more secure replacement for the older 125 kHz Proximity technology that HID utilizes for their Prox and ProxII systems. To support an easy migration to iClass, HID offers their users an optional dual technology credential that embeds both technologies into a single card. They simply integrate two IDIC transponders and two antennas into the same card. iClass itself is "only" 13.56 MHz.
