RFID/NFC for the Masses

March 16, 2015 (at 9:30 a.m.)

This workshop will provide you with all the tools, materials, and references for further study and research. The workshop covers from the Low Frequency band (mainly used for individual physical access to buildings, garages, hotels, etc.) to the High Frequency band, where NFC is the main term we are going to discuss about.

We will understand which type of access cards can be emulated or even cloned; then we are going to use traditional NFC USB readers, we will compile and execute the famous LibNFC, and play with some special hardware like the Proxmark3 and HydraNFC.

Arduino examples will be shown to deal with both Low and High frequency cards and tokens. We will try to create our own cloner in less than 50 lines of code!

The last part of the workshop will review HID iClass vulnerabilities and focus on NXP Mifare Classic technology and public hacks.

By the end, we will discuss some case studies, practical hacks and lessons learned from working systems the can be found in the wild.

Agenda

What is true about RFID? What is NOT true about RFID? Real Life Examples * Electronic Payments, Physical Access to buildings, Tolls, Passports, Medical Supplies and Equipment Tracking, Clothes, almost everywhere!

RFID Hardware

Operating Frequencies (LF, HF, UHF)

LibNFC

What?
Compatible Devices
Resources
Examples of usage

Proxmark3

What?
Community Forum
Examples of usage
Examples of Emulation & Cloning – Bypassing a Door Lock

HydraNFC

What?

Arduino Playground

Simple UID reader
Simple LF cloner

HID iClass

What?
Practical Applications
Hacks

NXP Mifare

What?
Practical Applications

Mifare Classic

Memory Organization
Access Keys and Bits, Security

Hacks

mfoc, mfcuk, crapto1, reader-only attack
Really Cool Chinese stuff

Use Cases

NFC is everywhere!
Hacking an ISO 15693 (TagIT) real world tag
Shopping, Resources, Dealers, Discounts, etc.

Prior Rquired Skills

No prior RFID / NFC technology knowledge is required. We will start from the very beginning.

It is desirable to have a minimum knowledge of C language – debugging, compiling, and running.

The speaker will conduct all the demos (yup! real hardware) with the help of the audience, so it is not a requirement to bring any laptop or other equipment. However, the attendees are encouraged to bring their laptops and a compiled version of the latest LibNFC toolset or an updated Kali Linux to play with the teacher’s equipment.

Any RFID / NFC card or device is very welcome to share experiences and try some hacks on/with them.

Target Audiance

This class is perfect for information security enthusiasts and professionals, seeking to enter the Radio Frequency Identification + NFC world. Penetration Testers running Physical access engagements will love this intro course.

Level

From Beginners to Intermediate.

Nahuel Grisolía

Nahuel Grisolía is the Founder and CEO of Cinta Infinita, an Information Security company based in Buenos Aires, Argentina.He is specialized in (Web) Application Penetration Testing and Hardware Hacking. He loves playing with Arduino’s, ARM based hardware devices, Tamagotchis, Quadcopters, Lasers, etc. He has delivered trainings and talks in conferences around the world: BugCON (Mexico), H2HC (Brazil), Ekoparty (Argentina), OWASP events (Argentina), TROOPERS (Germany), PHDays (Russia), Ground Zero Summit (India), etc. He has discovered vulnerabilities in software from McAfee, VMWare, Manage Engine, Oracle, Websense, Google, Twitter and also in free software projects like Achievo, Cacti, OSSIM, Dolibarr and osTicket.

More Info at: