.Gex.

RFID number printed on card


I don't know too much about these RFID cards other than they are pretty easy to clone if you are close enough.

 

But they often have numbers printed on the cards, can anyone tell me what the numbers usually are and if they would be useful to an attacker in any way?
From what I can tell they can't do much with these numbers and I assume they are generated via a one way algorithm?


It has been ages since I worked on RFID but from memory, low frequency cards often just contain short serial numbers and what is printed on the card is what it sends to the reader.

High frequency are smarter, for example MIFARE cards.


So basically if you have that number you could just make your own card?

I would have thought the numbers are not the actual code that is sent to the reader but rather the result of the card's code being run through some kind of one way hashing etc.


Again, from memory, the number printed on the card is the number it sends over. The assumption is security through obscurity; an attacker would have to see a number and then create a card.

The other attack I've seen here is where a company buys a large amount of cards, much more than they need. They enter the full range into the badge system but then try to recoup some cash by selling some of the remaining cards. If you can get one of those, your number is already in the system.

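A defender's check for the over-enrolled range problem described in the post above, as an added example that is not part of the original thread: it lists card numbers the badge system would accept although nobody holds them, and flags granted reads from those numbers. The record layout, field names and all sample data are constructed assumptions, not taken from any real badge system.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Enrollment:
    card_number: int
    holder: Optional[str]  # None = enrolled in bulk, never issued to a person
    active: bool

def unissued_active(enrollments):
    """Card numbers the system accepts that belong to nobody."""
    return sorted(e.card_number for e in enrollments
                  if e.active and e.holder is None)

def contiguous_ranges(numbers):
    """Collapse sorted numbers into (start, end) ranges for the report."""
    ranges = []
    for n in numbers:
        if ranges and n == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], n)
        else:
            ranges.append((n, n))
    return ranges

def suspicious_reads(access_log, enrollments):
    """Granted reads whose card number has no holder on record."""
    orphans = set(unissued_active(enrollments))
    return [ev for ev in access_log if ev["granted"] and ev["card"] in orphans]

# Constructed sample: a block of ten cards enrolled at once, three issued,
# one already disabled, the rest still active with no holder.
ENROLLED = [Enrollment(n, None, True) for n in range(10000, 10010)]
ENROLLED[0] = Enrollment(10000, "alice", True)
ENROLLED[1] = Enrollment(10001, "bob", True)
ENROLLED[5] = Enrollment(10005, "carol", True)
ENROLLED[9] = Enrollment(10009, None, False)

# Constructed access log entries.
ACCESS_LOG = [
    {"time": "2024-01-15T08:01", "door": "lobby", "card": 10000, "granted": True},
    {"time": "2024-01-15T23:40", "door": "server-room", "card": 10007, "granted": True},
    {"time": "2024-01-16T02:13", "door": "lobby", "card": 20000, "granted": False},
]

if __name__ == "__main__":
    print("Active but unissued:", contiguous_ranges(unissued_active(ENROLLED)))
    for ev in suspicious_reads(ACCESS_LOG, ENROLLED):
        print("Granted read from unissued card:", ev)
```

Numbers reported by the first check are the ones to disable until a card is actually handed to someone.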
On 3/8/2019 at 10:24 PM, .Gex. said:

So basically if you have that number you could just make your own card?

I would have thought the numbers are not the actual code that is sent to the reader but rather the result of the card's code being run through some kind of one way hashing etc.

I looked into this a while back as well but never got motivated enough to do it or to order a card cloner. I am talking about access cards, that is.

Even if I was motivated enough, it's not as simple as just scanning a card and then having its digital fingerprint to use whenever you want. The cards are encrypted and I can't remember how the actual authentication works but the fact that you can't clone modern MIFARE cards suggests that the encryption is not some simple one way hash.

Sure there were some MIFARE encryption vulnerabilities discovered a few years back but not sure how easy it was to exploit them.

I thought this was an interesting article. The guy has no sources to back himself up or even quotes any facts but some of what he says makes sense.

https://www.csoonline.com/article/3199009/why-you-dont-need-an-rfid-blocking-wallet.html

Anyway, let us know how you go because I'd be interested to see if there is some real-world application.


Depends if you are looking at high or low frequency. The high frequency are the MIFARE style with encryption and stuff like that, the low frequency are the basic ones such as the ones used in stock control that only hand over a number.

It isn't a good idea to use the low frequency in badge systems but they often are because they are a lot cheaper.

17 minutes ago, digininja said:

Depends if you are looking at high or low frequency. The high frequency are the MIFARE style with encryption and stuff like that, the low frequency are the basic ones such as the ones used in stock control that only hand over a number.

It isn't a good idea to use the low frequency in badge systems but they often are because they are a lot cheaper.

OK I might just have to look into this again. I'll order some readers/writers and let you know how I go 😉


My guess would be model # of card to get a replacement of card as there are many variations of cards. High freq. or low freq. Different brands etc.


They are supposed to be unique so you don't get replacements, you just get new tags, disable the old ones and enable the new ones.


Maybe each one is unique but also, when cross-referenced, linked to a certain card reader. Like a keyway: a Schlage key will fit a Schlage lock but also many other no-name brands will too.

Edited by Bigbiz
