Slashdot Mirror

← Back to Stories (view on slashdot.org)

Long Range RFID Hacking Tool To Be Released At Black Hat

Posted by Unknown on from the arduino-powered-passport-collector dept.

msm1267 writes "Next week at the Black Hat Briefings in Las Vegas, a security researcher will release a modified RFID reader that can capture data from 125KHz low frequency RFID badges from up to three feet away. Previous RFID hacking tools must be within centimeters of a victim to work properly; this tool would allow an attacker or pen-tester to store the device inside a backpack and it would silently grab card data from anyone walking close enough to it.The researcher said the tool will be the difference between a practical and impractical attack, and that he's had 100 percent success rates in testing the device. Schematics and code will be released at Black Hat as well." Plus it's built using an Arduino.

15 of 73 comments (clear)

  1. Three feet away... by K.+S.+Kyosuke · · Score: 4, Funny

    ...as in, almost though not quite enough to reach into an American's personal bubble, but totally workable in Japan.

    --
    Ezekiel 23:20
    1. Re:Three feet away... by intermodal · · Score: 5, Insightful

      Until you put the Americans on any form of public transit. Metro, BART, DART, Marta, MARC, SEPTA, you name it. Grab a seat by the door and you're in business.

      --
      In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
    2. Re:Three feet away... by plover · · Score: 2

      Shielding options? Sure, they're pretty cheap and easy. My passport has a shield built into the cover. It has to be opened to be read. And my passport card came with a foil sleeve that shields it. You can also buy RF shielding wallets in many places.

      But look at the people. People don't carry shields today because then their cards don't easily work at the readers. Watch people using the readers today, and you'll see. They like to wave their purse or wallet at the reader and walk on by. It's hardly a convenience if they have to stop, open their purse, pull out their wallet, take the card from the shield, and wave it over the reader, then put the card back in the wallet, and put the wallet back in the purse.

      Another thing to consider is that lots of the companies around here integrate the RFID chip into their employee badges, which they have to have visible when walking around in their buildings. Half the people eating lunch at the various restaurants around town are wearing exposed name-tag/RFID-badges. If you hide a reader inside a McDonalds waste bin you'll get a hundred cards a day.

      The last thing is that if the attacker places the device near enough to the reader, (a flower pot next to the door, perhaps) people will be extracting their cards in the vicinity to legitimately gain access. This will give the attacker a window of opportunity to clone the card.

      --
      John
    3. Re:Three feet away... by realityimpaired · · Score: 4, Funny

      Burn lots of calories carrying around the extra weight, too...

      Hmm. I like your ideas and wish to subscribe to your newsletter.

    4. Re:Three feet away... by Em+Adespoton · · Score: 3, Interesting

      At last year's BlackHat, a foil gum wrapper on one side of the badge was enough to block transmission.

      If this more powerful emitter will somehow get past that, I recommend someone use this technology for beefing up regular readers; not to 3 feet, but at least to get the readers working reliably at 1".

      An even better reader design would be to have a cage around the reader that shields the card from most directions when it is presented.

    5. Re:Three feet away... by pixelpusher220 · · Score: 2

      For a Bi-Fold wallet, is some metal mesh or other flexible metallic lattice put in the bill fold enough (so that it acts like a clamshell) ? Or would you likely need a tri-fold wallet type?

      --
      People in cars cause accidents....accidents in cars cause people :-D
    6. Re:Three feet away... by cusco · · Score: 2

      Baloney. Co-worker left his backpack on the train the other day, he waited until the train turned around and came back and the backpack was still shoved under the seat where he left it.

      --
      "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
    7. Re:Three feet away... by pixelpusher220 · · Score: 2

      There's a big difference between a backpack left next to a wall on an open floor near a door and one stuffed under a seat in a small space with confined viewing angles.

      Not to say the former would be noticed, but it's a lot more likely. It's much more probable that nobody actually noticed your friends bag, rather than noticed it and ignored it.

      --
      People in cars cause accidents....accidents in cars cause people :-D
  2. Re:Long range by SJHillman · · Score: 2

    "Long" is a relative term. When going from a few centimeters to a meter, that's a an increase of 20 or thirty times.
    A rifle is long range compared to a pistol. A mortar is long range compared to a rifle. A cruise missile is long range compared to a mortar.

  3. Re:Woo-hoo 3 feet!!! by Umuri · · Score: 4, Informative

    You do realize the difference between low frequency and high frequency RFID right?
    Allow me to answer in Haiku:

    What you found yells loud,
    while this new device can hear,
    barely a whisper

    --
    You never realize how much manually made unmanaged "linked" lists suck, till you have src.link.link.link.link...
  4. Re:Woo-hoo 3 feet!!! by SJHillman · · Score: 3, Informative

    I believe it has to do with frequency. He's looking at the 125KHz range, which Wikipedia lists a range of about 10cm. The link you posted is for 860-928MHz, which Wikipedia lists as having a rnage of up to 12 meters.

    http://en.wikipedia.org/wiki/Radio-frequency_identification#Frequencies

  5. Re:RIFD Proof Wallets? by SJHillman · · Score: 2

    I don't think you want an RFID-proof wallet so much as a radio frequency blocking wallet. An RFID-proof wallet would just be silly, because then where would you keep your RFIDs?

  6. This is already in the wild... by Phixxr · · Score: 2

    According to a relative of mine in law enforcement this attack is already in play in several major cities. Generally targeting Apple stores as the cards that are collected are more-likely to have higher limits and available balances. The CC thief generally stands at the entrance to the store with a backpack, and is automatically uploading card details to a central host. Those details are then written to blank cards and used in Casinos in Las Vegas within a matter of hours.

    --
    ungggghhhh
  7. Re:May I recommend... by plover · · Score: 2

    You can tell an RFID enabled card pretty easily. It's not kept secret. Your first clue should be the printing of the distinctive "radiating four parenthesis" logo that advertises "RFID within".

    Second, if you have a card that you might suspect has RFID in it, but you're not sure, look carefully at the surface of the card, particularly the reflections of light on the smooth surfaces. If the card has an embedded chip, it's often visible as a small (5mm, 3/16") squarish dimple, either on the back or the front of the card. Sometimes the dimple is parallel to the edges of the card, but some HID cards have the chip set at a 45 degree angle in a corner of the card. HID cards also commonly have their ID number printed along an edge with a dot matrix printer.

    Usually, though, it's not a mystery. The banks or the issuers put the RFID chip in the card because they intend for you to use it, not because they like to spend money on secret chips you won't use.

    --
    John
  8. This is awesome by zero0ne · · Score: 2

    125KHz is the same freq. that they use in the little rfid pills they inject to your pets...

    I'd love to be able to track / control my pets around the house with this

    - Sick cat? only give it access to one of the litter boxes.
    - Cat with different dietary requirements? Give them each their own bowl that are 5+ feet away from each other and have it with a door / retractable cover.
    - Outdoor cat? Have the cat door unlock when it gets close to it, but only for that one cat.