Proxmark 3 RDV2 Bypasses Millions of Hotel Rooms

Pubblicato da Lab401 Steve il

InfoSec firm F-Secure, as widely reported, have managed to cracked Assa Abloy's Ving Card system using the Proxmark 3 RDV2.

The Proxmark 3 RDV appears to:

  • Read an original hotel card in Stand-Alone mode
  • Determine the Master Key for the Site Installation
  • Use this Master Key to generate a Master Badge for the Site
  • Emulate the badge in Stand Alone Mode.

From the information and videos surfacing in the press, it would appear that F-Secure have cracked the Ving Card encryption algorithm, allowing for unfettered access to any site.

In theory, this attack could be used to:

  • Snatch a card from a hotel patron, and access any room / area
  • Upgrade your own hotel card to an all-access card

A full explanation video can be seen here:

Implementations aside, this is a testament to the Proxmark's flexibility as a device, and its Open-Source framework, easily allowing for security professionals to adapt the device to their own requirements.

Proxmark Ving Card Crack DemonstrationProxmark Ving Card Crack Demonstration

Hotel Room Proxmark Master Card

Condividi questo post

← Articolo più vecchio Articolo più recente →

Lascia un commento

Si prega di notare che i commenti sono soggetti ad approvazione prima di essere pubblicati