Penetration Testing mailing list archives

Re: Smartcard Security - Suggested Hardware

From: Ahmad Taha <ahmad.taha () usa net>
Date: Thu, 18 Dec 2008 15:32:45 +0200

You can try one of the smart card programmer used to program smart cardfor scrambled satellite reception, there is one card programmer calledsmartmouse and another one called phoenix which you can build yourselfusing help from the following link for example:

www.osepie.onicom.sk/phoenix/info_d.htm

Or you can buy some more advanced unit like the USB Phoenix smart cardmultiprogrammer, which you can find easily searching the Internet.


I hope this will help.

Regards,
Ahmad Taha Zaki

bin4ry wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The hardware i am looking for shouldn't be the hardware we are
researching. I am only looking for a powerful card reader _and_ writer
so that we can write specific data to blank smartcards, to see if we can
fool the actual reader which is used by the system we are researching.

Furthermore it think of severeal other attack vectors:

1. The card itself (maybe we can dump the data, replicate it and break
security system. If data is encrypted maybe we can extract a key)

2. The communication (maybe we can sniff the communication between card
and reader. I don't really know where to apply to get the communication
stream, yet).

3. The reader (Maybe we can manipulate the display, so it displas wrong
info. We'll also try to dump the eeprom to see whats going on in there.
Another approach would be to setup a serial connection to a pc or to
replace the microprocessor with our own, manipulated, on.


Cheers


Matthew Zimmerman schrieb:

Maybe I'm not grasping the whole picture.  Seems to me that the
hardware you're using should either be the same hardware where you
think the problem is (e.g., that exact product) (hardware error) or
the hardware you're using doesn't really matter (software error).  It
could certainly be something in between, but I would go with hardware
that helps you exploit where you think the issue is in this device.

Matt Z

On Sun, Dec 14, 2008 at 10:46 AM, bin4ry <bin4ry () theknetgroup org> wrote:
Hi together,

at university i am working on a project which tries to identify
vulnerabilities in a smartcard system which consists of the actual
smartcard plus a (pseudo?)level-3 reader (reader has a pinpad plus a
display). This system will be used in major cities and we want to make
people aware of the fact that it is (probably) pretty unsecure.

At the moment we are in the pre-information gathering phase: We are
about to import knowledge about smartcards, used protocols, etc.

Since i want to dump the contents of that smartcard and maybe even
rewrite it to another, empty card i need a smartcard reader/writer.

Does anyone has ever done a pentest on that kind of system? Can somebody
suggest special hardware? I know that the chaos computer club (ccc;
local hacking group) has made its own reader/writer but this one isnt
available any more.

If you could hook me up with any info regarding this theme (books?), i
really much would appreciate it.

Kind regards

- ------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic

Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report

- ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBAgAGBQJJSMjpAAoJELgHfGPPLPuOHkAH/iKqYR/jxOmRqwMOLy/FRigl
+4GfHYfDbYPlOy0lH/o+Ft1fbOrZxM4h1q3J4udBPcPeaK6cuSpCICjaJv+ACDMP
jF1aUsBtQGNiOx5S3DmcFO8eZtGyKDpeTAoeHDoHOSpv1qgqz/UMfyyGstr0ZprH
RkAid9BQCvKDpFrfaw0z8kw943qUG7794C0OqVKU6t8aKuDid9Yu2BEt0lL+4Jwt
K+8mw2hYPxjFejK5AZxiX+IC/GyN9ONDf2oE4Xpb+oK4vRrL3UkbjWf90YpG1eRk
V+NhKTb2ToAVCj+LtqOAWQDZvxgFC7QK6IM4g5tGKF22S6uQ6riMb1olCwOiTD4=
=bmga
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------


.




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

Smartcard Security - Suggested Hardware bin4ry (Dec 14)
- Re: Smartcard Security - Suggested Hardware Jerome Athias (Dec 15)
  - Re: Smartcard Security - Suggested Hardware William Zellars (Dec 16)
- Re: Smartcard Security - Suggested Hardware Matt Neely (Dec 16)
- Re: Smartcard Security - Suggested Hardware Matthew Zimmerman (Dec 16)
  - Re: Smartcard Security - Suggested Hardware bin4ry (Dec 18)
    - Re: Smartcard Security - Suggested Hardware Rogan Dawes (Dec 18)
    - Re: Smartcard Security - Suggested Hardware Ahmad Taha (Dec 18)