Tools Coming To Def Con For Hacking RFID Access Doors

jfruh writes: Next month's Def Con security conference will feature, among other things, new tools that will help you hack into the RFID readers that secure doors in most office buildings. RFID cards have been built with more safeguards against cloning; these new tools will bypass that protection by simply hacking the readers themselves. ITWorld reports that Francis Brown, a partner at the computer security firm Bishop Fox, says: "...his aim is to make it easier for penetration testers to show how easy it is to clone employee badges, break into buildings and plant network backdoors—without needing an electrical engineering degree to decode the vagaries of near-field communication (NFC) and RFID systems."

Done before

[schitso]

This was done several years ago by another: see here.
The issue is that, even if you have the most secure, multi-factor biometric and smart card reader, it's still more than likely transmitting that data back to the access control panel via Wiegand, which is offers not even the slightest bit of security against interception, replay, etc. OSDP has been around for a while and offers encryption to at least combat this, but, honestly, nobody freaking cares, and the lack of industry adoption of OSDP reflects this. There's a dozen and a half easier ways to get into a building.

Very much not new

[Change]

Take a look back to Zac Franken's talk at Defcon 15 (August 2007), where he introduced the same types of tools: https://www.defcon.org/images/...
tl;dr you clip into the data lines of an RFID card reader and record the (plaintext) transactions, then you can later play them back directly over the same bus so the access control system sees what it thinks is a card read from the reader.
Mitigation? Keep your access control readers behind an RF-transparent barrier (glass works, as long as it's not metallic-particle tinted).