Skip to main content

RFID credit cards easily hacked with $8 reader

The RFID hacks keep coming fast and furious -- hot the heels of that Mifare / Oyster Card exploit, the crew at BoingBoing TV has posted up a little demo of how easy cracking the RFID encryption on an American Express card can be. All it takes is an $8 dollar reader easily available on eBay, some software, and the courage to walk around with a laptop waving plastic boxes at people's butt pockets, but developer Pablos Holman says he's hoping to develop a newer version that will allow him to be a little more discreet. The root of the problem is apparently the fact that the system uses local decryption rather than sending card info to a secure data center, but either way we've been worried about this for a long time -- we're sticking to loose change and the barter system from now on. Video

Popular posts from this blog

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...
Post a Comment
Read more

Sniffing SSL traffic using MITM attack / ettercap, fragrouter, webmitm and dnsspoof.

Before reading on this guide is for educational purposes only. I take no responsibility from what people do with this info. First thing is to get fragrouter. I don't know if you can use other tools provided with the backtrack, there are 100 ways to skin a cat and this is just my way. http://packetstormsecurity.nl/UNIX/IDS/nidsbench/fragrouter.html There are lots of things that you can do with fragrouter but we are going to use fragrouter to setup IP forwarding. We do this with this command : Code: fragrouter -B1Squash that window and put it to one side. Now open another shell and we will start dnsspoof with this command Code: dnsspoof -i ath0 (or whatever network interface you are using)Again put that window to one side and lets load up webmitm. Webmitm will issue our ssl cert to the victim so we can decrypt the traffic we capture. Start webmitm by typing Code: webmitm -dNow we can start the arp spoof. To start ettercap type Code: ettercap -T -M arp:remote /router addy/ /victim a...
Post a Comment
Read more

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW
Post a Comment
Read more