Proxmark 3 RDV2 Bypasses Millions of Hotel Rooms

by Lab401 Steve April 26, 2018

InfoSec firm F-Secure, as widely reported, have managed to cracked Assa Abloy's Ving Card system using the Proxmark 3 RDV2.

The Proxmark 3 RDV appears to:

Read an original hotel card in Stand-Alone mode
Determine the Master Key for the Site Installation
Use this Master Key to generate a Master Badge for the Site
Emulate the badge in Stand Alone Mode.

From the information and videos surfacing in the press, it would appear that F-Secure have cracked the Ving Card encryption algorithm, allowing for unfettered access to any site.

In theory, this attack could be used to:

Snatch a card from a hotel patron, and access any room / area
Upgrade your own hotel card to an all-access card

A full explanation video can be seen here:

Implementations aside, this is a testament to the Proxmark's flexibility as a device, and its Open-Source framework, easily allowing for security professionals to adapt the device to their own requirements.

Proxmark 3 RDV2 Bypasses Millions of Hotel Rooms

Related articles

🔐🚀 Black Friday & Cyber Monday: 10% + Free Gifts !

Iceman Unveiled: RFID Hacking, Proxmark, and a Decade of Discovery

LAB401 meet the teen programmer behind chameleonultraGui

What's in your Flipper?