Proxmark 3 RDV2 Bypasses Millions of Hotel Rooms

Publié par Lab401 Steve le

InfoSec firm F-Secure, as widely reported, have managed to cracked Assa Abloy's Ving Card system using the Proxmark 3 RDV2.

The Proxmark 3 RDV appears to:

  • Read an original hotel card in Stand-Alone mode
  • Determine the Master Key for the Site Installation
  • Use this Master Key to generate a Master Badge for the Site
  • Emulate the badge in Stand Alone Mode.

From the information and videos surfacing in the press, it would appear that F-Secure have cracked the Ving Card encryption algorithm, allowing for unfettered access to any site.

In theory, this attack could be used to:

  • Snatch a card from a hotel patron, and access any room / area
  • Upgrade your own hotel card to an all-access card

A full explanation video can be seen here:

Implementations aside, this is a testament to the Proxmark's flexibility as a device, and its Open-Source framework, easily allowing for security professionals to adapt the device to their own requirements.

Proxmark Ving Card Crack DemonstrationProxmark Ving Card Crack Demonstration

Hotel Room Proxmark Master Card


Partager ce message



← Message plus ancien Message plus récent →


Laisser un commentaire

Veuillez noter que les commentaires doivent être approuvés avant leur publication.

Français