Full Disclosure mailing list archives
Re: Sniffing RFID ID's ( Physical Security )
From: "Josh L. Perrymon" <joshuaperrymon () gmail com>
Date: Tue, 27 Jun 2006 15:53:11 +1000
I'm just looking to validate if this is the case. Are most RFID access control cards susceptable to interception? I can see the security features built into something like RFID Credit Cards.. but I'm betting this is not the case with RFID access cards. Obviously, I can't validate this until I get a RFID reader/writer. If this is the case then it's a global problem. Not only for accessing a building illegally-- but this is a form of stealing a users identify. A lot of companies use the backend data from the card readers to trend workers in/out time and areas accessed. blah blah blah. Plus, I'd like to try this on my next on-site hack. JP PacketFocus.com On 6/27/06, mikeiscool <michaelslists () gmail com> wrote:
On 6/27/06, Josh L. Perrymon <joshuaperrymon () gmail com> wrote: > My post was based more on *existing* RFID implementations used for physical > security access cards. > > I know that non-contact cards such as RFID Credit Cards use encryption so > on... But are still vulnerable to non-authorized transactions.. I'm mean.. > there is no green button you push to authorize the transaction. > > But I just don't believe that the RFID access-card I use to access client > premeises use any type of encryption or only communicate with specific > readers. > > IF* this is the case then an attacker should have no problems powering the > card and making a "copy" of the contents. so what's your question then? how your card works? or how to make it secure? > JP > PacketFocus > > www.packetfocus.com > josh.perrymon () packetfocus com -- mic CMLRA, Mirios
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Sniffing RFID ID's ( Physical Security ) Josh L. Perrymon (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) mikeiscool (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) Valdis . Kletnieks (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) mikeiscool (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) Josh L. Perrymon (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) mikeiscool (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) Josh L. Perrymon (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) Andre Gagne (Jun 27)
- Re: Sniffing RFID ID's ( Physical Security ) Hugo Fortier (Jun 27)
- Re: Sniffing RFID ID's ( Physical Security ) Valdis . Kletnieks (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) mikeiscool (Jun 26)
- Re: Sniffing RFID ID's ( Physical Security ) Josh L. Perrymon (Jun 27)
- Re: Sniffing RFID ID's ( Physical Security ) Meder Kydyraliev (Jun 27)
- Re: Sniffing RFID ID's ( Physical Security ) Gary E. Miller (Jun 27)
- Re: Sniffing RFID ID's ( Physical Security ) Josh L. Perrymon (Jun 27)
- Re: Sniffing RFID ID's ( Physical Security ) Gary E. Miller (Jun 27)