lukas/smartcardshue2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
smartcardshue2/main.typ

389 lines
20 KiB
Typst
Raw Normal View History

init
2024-12-28 14:34:21 +01:00
#import "@preview/ichigo:0.1.0": config, prob
#import "@preview/algorithmic:0.1.0"
#import algorithmic: algorithm
#import "@preview/fletcher:0.5.1" as fletcher: diagram, node, edge
#import fletcher.shapes: house, hexagon
#import "@preview/linguify:0.4.1": load_ftl_data, linguify
#import "@preview/subpar:0.1.1"
#let blob(pos, label, tint: white, ..args) = node(
pos, align(center, label),
width: 26mm,
fill: tint.lighten(60%),
stroke: 1pt + tint.darken(20%),
corner-radius: 5pt,
..args,
)
#let g(text) = table.cell(
fill: green.lighten(60%),
)[#text]
#show: config.with(
answer second q
2025-01-05 17:32:40 +01:00
course-name: "Smart Cards & NFC
Homework 2: Smart Card Protocols",
init
2024-12-28 14:34:21 +01:00
serial-str: "k12104785",
author-info: [
Lukas Heiligenbrunner
],
author-names: "Lukas Heiligenbrunner",
)
#prob[
What contactless smart cards do you have? Install an NFC card reader application on your phone
and analyze what data they provide about your cards!
For Android, useful applications to analyze your contactless smart cards are, for example,
- NFC TagInfo by NXP by NXP Semiconductors,
- MIFARE Classic Tool by IKARUS Projects (tailored to MIFARE Classic cards; note that brute-
force key mapping using the extended keyset will take a very long time),
- NFC Tools by wakdev (may display misleading/wrong information!),
- NFC Tag Reader by GoNext (mainly useful information about NFC Forum tags),
- my NFC TagInfo app (may no longer be available and does not work on Android 10 and
above),
- or try to find your own favorite app!
Some useful apps for reading specific card types:
- For electronic passports (eMRTD):
- ReadID Me by Inverid creators of ReadID (to read e-passports),
- e-Passport NFC reader by Anton Tananaev,
- For payment cards:
- Credit Card Reader NFC (EMV) by Julien MILLAU (see warning and note below, this app
reveals the data read from a card only after typing the last 4 digits of the card number),
- iso8583.info NFC reader by Aleksandr Shevelev (see warning below, app masks out parts
of the read information with (although full information is read from the card); recent
versions of the app seem to crash when removing the card; otherwise quite useful app),
- NFC Credit Card Reader (EMV) by PaymentWiser (see warning below),
- and there might be other suitable apps specific for your card!
Unfortunately, there is still no (useful) iOS app that can read interesting data from contactless smart
cards (though NFC TagInfo by NXP and NFC Tools are available on App Store). If you dont have
access to an Android device with NFC, you may analyze the screenshots shown at the end of this
document instead.
][
I downloaded the NFC TagInfo app by NXP.
I tried to scan: JKU-student id, e\-card and Mammut membership id.
= JKU\-student id:
#subpar.grid(
figure(image("rsc/jkucard_01.jpg"), caption: []), <a>,
figure(image("rsc/jkucard_02.jpg"), caption: []), <b>,
figure(image("rsc/jkucard_03.jpg"), caption: []), <c>,
figure(image("rsc/jkucard_04.jpg"), caption: []), <d>,
figure(image("rsc/jkucard_05.jpg"), caption: []), <d>,
figure(image("rsc/jkucard_06.jpg"), caption: []), <d>,
figure(image("rsc/jkucard_07.jpg"), caption: []), <d>,
figure(image("rsc/jkucard_08.jpg"), caption: []), <d>,
figure(image("rsc/jkucard_09.jpg"), caption: []), <d>,
figure(image("rsc/jkucard_10.jpg"), caption: []), <d>,
columns: (1fr, 1fr, 1fr, 1fr, 1fr),
caption: [JKU student id],
label: <full>,
)
- Is the card a memory smart card or a processor smart card?
- Memory smart card $arrow$ MIFARE Classic EV1: googled and found out that it is a memory smart card.
- What communication protocols are implemented by the card?
- MIFARE Classic
- ISO/IEC 14443-3 Type A : Initialization and anticollision
- ISO/IEC 14443-2 Type A : Radio frequency power and signal interface
- Does the card “speak” APDUs? I.e. does the communication protocol rely on APDUs to inter-face the card? If not, what else?
- No, it does not speak APDUs.
- MIFARE Classic cards use a proprietary protocol to access memory sectors
- Not like cards that follow the ISO/IEC 7816 standard, which rely on APDUs for communication.
- Does the card contain a file system or only a flat memory structure?
- Yes, the card uses a flat memory structure.
- The memory is organized into 16 sectors, each containing 4 blocks (64 total blocks). This arrangement is a flat memory layout.
- What is the anti-collision identifier of your card? Is it static or randomly-generated?
- The UID of the chip is 74:2F:52:44 and is static.
- The "Re-used" and "Non-Unique" hints that the uid is not randomly generated but built in at fab time.
- What chip does the card contain and who is the manufacturer?
- The card contains a MIFARE Classic EV1 chip by NXP Semiconductors. (IC INFO)
- The detailed IC info is MF1S503xX/V1 available on EXTRA Tab.
- If the card is a processor card, can you find out the operating system? What chip model does the card contain?
- N/A $arrow$ not a processor card
- Can any personal or (potentially) sensitive data be read from the card without authentication?
Try specific apps if the generic reader apps dont reveal any data! Please avoid providing screen-
shots that show actual personal/sensitive data. You dont need to mention the actual data values in your
report, if you dont want to.
- Only the first two secors of the card are used
- In the first sector the uid and some card info is publicly available.
- The second secotor is encrypted and might be used for door unlocking.
- Is there any data that can only be accessed with a secret key? Do you have that key?
- Yes the second block is accessible with a secret key
- I tried to get this key for the JKU card somehow but couldn't find any way to get it.
- What other interesting information can you spot?
- TSMC is the manufacturer
= E-Card
#subpar.grid(
figure(image("rsc/ecard_01.jpg"), caption: []), <a>,
figure(image("rsc/ecard_02.jpg"), caption: []), <b>,
figure(image("rsc/ecard_03.jpg"), caption: []), <c>,
figure(image("rsc/ecard_04.jpg"), caption: []), <d>,
figure(image("rsc/ecard_05.jpg"), caption: []), <d>,
columns: (1fr, 1fr, 1fr, 1fr),
caption: [ECard],
label: <full>,
)
- Is the card a memory smart card or a processor smart card?
- Processor smart card: Since the card supports ISO/IEC 7816-4, which indicates that this card supports command/response queries (ADPUs).
- What communication protocols are implemented by the card?
- ISO/IEC 7816-4 : Organization, security and commands for interchange
- ISO/IEC 14443-3 Type A : Initialization and anticollision
- ISO/IEC 14443-4 Type A : Transmission protocol
- Does the card “speak” APDUs? I.e. does the communication protocol rely on APDUs to inter-face the card? If not, what else?
- Yes, the card speaks APDUs.
- The ISO/IEC 7816-4 standard indicates that the card uses APDUs for communication.
- The android info also reports that extended APDUs are supported.
- Does the card contain a file system or only a flat memory structure?
- The card seems to contain a filesystem
- The extra section reports elements like "Master File," "EF.DIR," and "EF.ATR," which are part of the hierarchical file system structure used in smart cards.
- What is the anti-collision identifier of your card? Is it static or randomly-generated?
- The uid is 08:7D:3A:B3, and it is randomly generated.
- It is explicitly stated "Random ID", so this id is generated after every power-up.
- What chip does the card contain and who is the manufacturer?
- The IC type is unknown, the card reports "Unknown Manufacturer" and "Unknown IC."
- If the card is a processor card, can you find out the operating system? What chip model does the card contain?
- There seems to run an operating system on the card but its hard to figure out which one.
- I couldn't find any hints on further information.
- Can any personal or (potentially) sensitive data be read from the card without authentication?
Try specific apps if the generic reader apps dont reveal any data! Please avoid providing screen-
shots that show actual personal/sensitive data. You dont need to mention the actual data values in your
report, if you dont want to.
- No personal or sensitive data can be read without authentication and I have no way to authenticate to this card.
- Is there any data that can only be accessed with a secret key? Do you have that key?
- Yes there is informations that can only be accessed with a secret key.
- What other interesting information can you spot?
- Multiple DF selection methods are supported.
= Mammut card
#subpar.grid(
figure(image("rsc/mammut_01.jpg"), caption: []), <a>,
figure(image("rsc/mammut_02.jpg"), caption: []), <b>,
figure(image("rsc/mammut_03.jpg"), caption: []), <c>,
figure(image("rsc/mammut_04.jpg"), caption: []), <d>,
columns: (1fr, 1fr, 1fr, 1fr),
caption: [Mammut key card],
label: <full>,
)
- Is the card a memory smart card or a processor smart card?
- Memory smart card $arrow$ MIFARE Ultralight EV1: googled and found out that it is a memory smart card.
- What communication protocols are implemented by the card?
- ISO/IEC 14443-3
- ISO/IEC 14443-2 (Type A)
- Does the card “speak” APDUs? I.e. does the communication protocol rely on APDUs to inter-face the card? If not, what else?
- No, it does not speak APDUs.
- MIFARE Ultralight cards use a simpler command set
- Does the card contain a file system or only a flat memory structure?
- Yes, the card uses a flat memory structure.
- The memory is organized into 12 pages, each containing 4bytes.
- What is the anti-collision identifier of your card? Is it static or randomly-generated?
- The UID of the chip is 04:3C:1F:42:03:74:85 and is static.
- It can be read on the full-scan page at memory content
- What chip does the card contain and who is the manufacturer?
- The card contains a MIFARE Ultralight EV1 (MF0UL11) chip by NXP Semiconductors. (IC INFO)
- The detailed IC Subtype is 17pF available on EXTRA Tab.
- If the card is a processor card, can you find out the operating system? What chip model does the card contain?
- N/A $arrow$ not a processor card
- Can any personal or (potentially) sensitive data be read from the card without authentication?
Try specific apps if the generic reader apps dont reveal any data! Please avoid providing screen-
shots that show actual personal/sensitive data. You dont need to mention the actual data values in your
report, if you dont want to.
- The full memory content is readable without authentication.
- Somehow a user-id must be stored within the card to identify the user.
- Maybe just the card-id is used for this, I can't read from the memory content anything that looks like a user-id.
- Is there any data that can only be accessed with a secret key? Do you have that key?
- Yes the card has a password-protected area for writing as indicated by the locked sections 12 and 13.
- Access to these sections requires a secret key. (maybe a user id is stored there?)
- What other interesting information can you spot?
- The card has no limit on wrong password attempts (which may be a security consideration?)
- Strong load modulation is disabled which may affect signal strength.
- chips signature is verified with NXPs public key.
]
#prob[
The following trace shows the communication between a smart card reader and a smart card. Lines
beginning with R->C are commands (C-APDUs) sent by the terminal. Lines beginning with C->R
are responses (R-APDUs) by the card.
```c
R->C 00A404000E315041592E5359532E444446303100
C->R 6F46840E315041592E5359532E4444463031A5348801055F2D046465656EBF0C275F540B42594C4144454D313030315F5316444530323132303330303030303030303030303030309000
R->C 00B2012C00
C->R 701D611B4F07A0000000031010500B566973612043726564697487010173009000
R->C 00B2022C00
C->R 6A83
R->C 00A4040007A000000003101000
C->R 6F238407A0000000031010A518500B56697361204372656469745F2D086465656E667265739000
R->C 80A8000002830000
C->R 800E5C000801030010010101180103009000
R->C 00B2010C00
C->R 701D57134548180123445500D08072010100000000000F9F1401059F23010A9000
R->C 00B2020C00
C->R 703E8C159F02069F03069F1A0295055F2A029A039C019F37048D178A029F02069F03069F1A0295055F2A029A039C019F37049F080200849F420209789F4401029000
R->C 00B2030C00
C->R 70415F201A524F4C414E442F4D49434841454C2020202020202020202020205F300202019F1F183031303030303030303030303030303030303030303030309F4A01829000
R->C 00B2011400
C->R 70485A0845481801234455005F24030807315F280200405F3401008E1000000000000000005E03410342031F009F0702FF009F0D05F060ACA8009F0E0500100000009F0F05F068BCF8009000
R->C 00B2011C00
C->R 708183908180A1DAB6962BE6908DE93662C091260D6A6E96C893031D59C99FA569A28A34319E756546A889867E047AFF693E8538B8D3FEE7F1ABEF64340CC31830F42D3D3B4D2528174923207DEBA92A9E02ABC23E7B9A62B0F08F6796402F615881B68059BF813A5AD7B7F753519FD873F344648BBCEF244C69E0670638F832BA8B94A24FFE9000
R->C 00B2021C00
C->R 702D8F01019F3201039224E598988DE173C1911BEC0F5F930B423AD7D542CACCC8903F22F87604CCFF5716342A74059000
R->C 00B2031C00
C->R 7081839381801522FB9F3ECE609D716CF1BD92A11335F520333BD5B50B0914735D0E2B0FADC26719BB00C9A252894CC3C7B224A04A45EDB8662D0717A93DD3008DE5F5281B2CD354594D894A0A97374A5A57286714E11BA2BB69F5046D6AC7FCF4814E20AA870E64EB35E7DC31FF7610B1FF771EEF529E4F5BB0EBA95CC82BA5CF22CCBF80FB9000
R->C 0020008008243653FFFFFFFFFF
C->R 63C2
R->C 0020008008248495FFFFFFFFFF
C->R 63C1
R->C 0020008008247742FFFFFFFFFF
C->R 9000
```
Analyze the trace and answer the questions below! Note that you do not need to understand ev-
ery bit and byte. Stick to the inter-industry command set1. Start by analyzing the APDU headers
and trailers (particularly CLA, INS, and SW1-SW2) to match them with commands from the inter-
industry command set. Dont invest too much time to analyze commands of the proprietary class
(i.e. commands not part of the inter-industry command set). Remember that data on smart cards
is often organized in TLV data structures. A good online tool to decode and analyze ASN.1 TLV
encoded data is https://emvlab.org/tlvutils/.
Your analysis should, in particular, answer the following questions:
+ What is going on in the trace? What commands are sent? What data is returned?
+ What files/applications are accessed? Can you determine specific application and file IDs? What are these IDs?
+ What type of card could this be?
+ Is there any potentially privacy-critical data transmitted unencrypted? E.g. personal data, identifying data, account numbers, etc.
+ Is there any potentially security-critical data transmitted unencrypted? E.g. a password or PIN, private keys (of cryptographic key pairs), etc.
+ Could the data extracted from this trace be abused by an attacker who stole that card? Why? Why not?
+ Could the data extracted from this trace be abused by an attacker who does not have physical access to the card? Keep in mind that some online shops only ask for a credit card number (but no verification code) when you pay. Hint: Whats a “PAN”?
answer second q
2025-01-05 17:32:40 +01:00
][
Here is documentation of the instruction set of the ISO/IEC 7816-4 standard:
#figure(
image("rsc/instructionsets.png", width: 50%),
caption: [],
) <instrset>
+ What is going on in the trace? What commands are sent? What data is returned?
In the first instruction, the terminal sends a SELECT (CLA=00, INS=A4) command.
This command selects a file or application on the card.
The card responds with a file control information (FCI) template.
#figure(
image("rsc/selectcmd1.png", width: 50%),
caption: [Response of this command],
)
The response contains an *IBAN* and *BIC* code, so it seems to be some kind of banking card.
In the second instruction (00B2012C00): READ RECORD (CLA=00, INS=B2) a specific record of the card is read (0x012C00).
#figure(
image("rsc/moreinfo1.png", width: 50%),
caption: [Response of record request],
)
So now we know this is a *VisaCredit* card.
THE Application identifier is A0000000031010.
The next instruction (00B2022C00) does basically the same and requests another record.
The card returns an error code (6A83) which means "Record not found".
The next instruction (00A4040007A000000003101000) SELECT (CLA=00, INS=A4) selects the application read in the previous command.
#figure(
image("rsc/selectcmd2.png", width: 50%),
caption: [Response of second SELECT command],
)
It returns similar infos than the command above.
Next the 80A8000002830000 command is sent (GENERATE APPLICATION CRYPTOGRAM (CLA=80, INS=A8)).
This command is responsible for generating dynamic cryptographic data.
#figure(
image("rsc/cryptoresp.png", width: 50%),
caption: [Response of the crypto command],
)
The result seems to contain some cryptographic data, maybe a random key.
Thge next 7 instructions (00B2xxxx) are very similar and read records. (READ RECORD (CLA=00, INS=B2)).
#subpar.grid(
figure(image("rsc/moreinfo2.png"), caption: []),
figure(image("rsc/moreinfo3.png"), caption: []),
figure(image("rsc/moreinfo4.png"), caption: []),
figure(image("rsc/moreinfo5.png"), caption: []),
columns: (1fr, 1fr, 1fr, 1fr),
caption: [],
)
#figure(
image("rsc/moreinfo6.png", width: 100%),
caption: [Response of the crypto command],
)
#figure(
image("rsc/moreinfo7.png", width: 50%),
caption: [Response of the crypto command],
)
#figure(
image("rsc/moreinfo8.png", width: 100%),
caption: [Response of the crypto command],
)
The commands read more informations like *card holder*, *application version*, *application expiration date*.
The next command (0020008008243653FFFFFFFFFF) is VERIFY (CLA=00, INS=20).
This seems to verify a PIN entered in the terminal.
As from the documentation of the standard:
In this group of commands, SW1-SW2 set to '63CX' indicates a successful change of memory state, but after
an internal retry routine; 'X' > '0' encodes the number of retries; 'X' = '0' means that no counter is provided.
This means in our case the command is sent 3 times and and we get three different responses:
- 63C2 -> 2 retries left
- 63C1 -> 1 retry left
- 9000 -> success
This means the pin is entered wrong 2 times the counter to freeze the card was decreased and on the third try the card was unlocked.
+ What files/applications are accessed? Can you determine specific application and file IDs? What are these IDs?
Applications accessed:
- 315041592E5359532E4444463031 -> payment system application
- A0000000031010 -> VisaCredit application
+ What type of card could this be?
This is a VisaCredit card for payments.
+ Is there any potentially privacy-critical data transmitted unencrypted? E.g. personal data, identifying data, account numbers, etc.
Yes, there is several personal data transmitted unencrypted:
- IBAN: 44453032313230333030303030303030303030303030
- BIC: 42594C4144454D31303031
- Card holder name: R O L A N D / M I C H A E L
- Application primary account number: 4548180123445500
- Expiration date:080731
+ Is there any potentially security-critical data transmitted unencrypted? E.g. a password or PIN, private keys (of cryptographic key pairs), etc.
One command that might leak private infos is 80A8.
#figure(
image("rsc/cryptocmdinfo.png", width: 50%),
caption: [Informations about the 80A8 command],
)
This seems to verify the digital signature of the card.
The response might be a cryptographic key which could be used to exploit something?
+ Could the data extracted from this trace be abused by an attacker who stole that card? Why? Why not?
The attacker could use the PAN or expiration date for online transactions.
+ Could the data extracted from this trace be abused by an attacker who does not have physical access to the card? Keep in mind that some online shops only ask for a credit card number (but no verification code) when you pay. Hint: Whats a “PAN”?
PAN is the primary account number and is the number on the front of the card.
Yes, if an attacker has this trace he could:
- Use the PAN and expiration date for online transactions. -> if no verification code is needed
- Use the track data to produce magnetic stripe clones.
- Use the card holder name for social engineering attacks.
]
Reference in New Issue Copy Permalink