Penetration Testing mailing list archives
Re: Smartcard Security - Suggested Hardware
From: Rogan Dawes <lists () dawes za net>
Date: Thu, 18 Dec 2008 12:24:24 +0200
bin4ry wrote:
The hardware i am looking for shouldn't be the hardware we are researching. I am only looking for a powerful card reader _and_ writer so that we can write specific data to blank smartcards, to see if we can fool the actual reader which is used by the system we are researching. Furthermore it think of severeal other attack vectors: 1. The card itself (maybe we can dump the data, replicate it and break security system. If data is encrypted maybe we can extract a key) 2. The communication (maybe we can sniff the communication between card and reader. I don't really know where to apply to get the communication stream, yet). 3. The reader (Maybe we can manipulate the display, so it displas wrong info. We'll also try to dump the eeprom to see whats going on in there. Another approach would be to setup a serial connection to a pc or to replace the microprocessor with our own, manipulated, on. Cheers
You may want to take a look at something like the hackaday Bus Pirate, which allows you to implement a variety of protocols. Regards, Rogan ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Smartcard Security - Suggested Hardware bin4ry (Dec 14)
- Re: Smartcard Security - Suggested Hardware Jerome Athias (Dec 15)
- Re: Smartcard Security - Suggested Hardware William Zellars (Dec 16)
- Re: Smartcard Security - Suggested Hardware Matt Neely (Dec 16)
- Re: Smartcard Security - Suggested Hardware Matthew Zimmerman (Dec 16)
- Re: Smartcard Security - Suggested Hardware bin4ry (Dec 18)
- Re: Smartcard Security - Suggested Hardware Rogan Dawes (Dec 18)
- Re: Smartcard Security - Suggested Hardware Ahmad Taha (Dec 18)
- Re: Smartcard Security - Suggested Hardware bin4ry (Dec 18)
- Re: Smartcard Security - Suggested Hardware Jerome Athias (Dec 15)