ABUS Secvest Proximity Key Cloning PoC Attack
Автор: SySS Pentest TV
Загружено: 2019-05-02
Просмотров: 6899
Описание:
In this SySS (https://www.syss.de/) proof-of-concept video, SySS IT security expert Matthias Deeg demonstrates a security vulnerability in the ABUS proximity chip key [1] for ABUS Secvest wireless alarm systems [2].
Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest wireless alarm system can easily be cloned, and those cloned RFID tokens can then be used to deactivate the alarm system in an unauthorized way.
SySS GmbH could successfully clone ABUS proximity keys using different freely available off-the-shelf tools like an Android smartphone with the Mifare Classic Tool (MCT) [3] developed by SySS IT security expert Gerhard Klostermeier, a ChameleonMini [4] by Kasper & Oswald, and an RFID/NFC reader/writer [5] ordered via Amazon, and disarm the ABUS wireless alarm system in an unauthorized manner.
You can find further details about this security vulnerability in our SySS security advisory SYSS-2019-005 [6].
[1] Product website for ABUS proximity chip key
https://www.abus.com/eng/Home-Securit...
[2] Product website for ABUS Secvest wireless alarm system
https://www.abus.com/eng/Home-Securit...
[3] MIFARE Classic Tool - MCT
https://play.google.com/store/apps/de...
[4] GitHub repository of ChameleonMini
https://github.com/emsec/ChameleonMini
[5] OBO Hands RFID/NFC Reader/Writer
https://www.amazon.de/dp/B07DHL9XQ4/
[6] SySS Security Advisory SYSS-2019-005
https://www.syss.de/fileadmin/dokumen...
[7] SySS GmbH, SySS Responsible Disclosure Policy
https://www.syss.de/en/news/responsib...
Повторяем попытку...
Доступные форматы для скачивания:
Скачать видео
-
Информация по загрузке: