
The introduction of our presentation will familiarize students with the instructor, Anton A. Iagounov, and yield insight into the contents of this course and what students can expect from this RFID and NFC learning module.
In this lecture, we will discuss the history and timeline of RFID and NFC and the origins of RFID technology. We revisit World War II, IBM's Hollerith Census Machine, the first inventors and patent owners of the RFID technology that paved the way to modern-day NFC, FDA approval of RFID for medical devices, and the widely accepted usage of RFID in the government sector, such as the U.S. Department of Defense.
This lecture will focus on identifying and distinguishing between the different types of RFID, that is, low-frequency (LF 125kHz-134kHz), high-frequency (HF 13.56MHz), and ultra-high frequency tags (UHF 860-960MHz). We will also discuss Near Field Communication (NFC) tags, which are a sub-domain of high-frequency RFID.
Additionally, students will learn the difference between Active vs. Passive tags, FCC (Federal Communications Commission) regulations, Interoperability, EPC, Gen 1 & Gen 2 (and Gen 2 v2), and different classes of UHF tags.
This lecture will continue to focus on industry standards and protocols (ISO, IEC, GS1, NFC Forum), and further explore Near Field Communication (NFC), as well as give a brief recap of early RFID adoption for Physical Access Control Systems.
In this lecture, we will learn about government adoption of RFID for Physical Access Control Systems. We will also discuss government proximity access cards, such as the Common Access Card (CAC) and the Personal Identity Verification (PIV) card, as well as Homeland Security Presidential Directive 12 (HSPD-12), the Federal Information Processing Standard 201-3, Proprietary Air Interface, ISO 14443 and ISO 7816, multi-factor authentication, and other government industry standards which address uniformity.
This lecture will focus on common RFID vulnerabilities, such as cloning, decryption, eavesdropping, unique ID hijacking, spoofing, tag tampering, data capturing and modification, phishing, relay attacks, and data corruption. We'll also discuss major RFID technology contractors, and provide a conceptual model of an RFID attack.
In this lecture, we dive deep into the Proxmark3 Easy and explore the different Command Line Interface options for various high-frequency (HF) and low-frequency (LF) tags, such as reading, writing, and cloning tag data. We'll talk about bugs, sub-menus, and other Proxmark3 functionality as an RFID & NFC tool.
Here we continue to explore Proxmark3 sub-menus of different tags, and talk more about data input and tag cross-compatibility.
We continue to explore Proxmark3 Easy sub-menu options, talk more about tag parameters, and use various low-frequency and high-frequency tags as examples.
This lecture takes us on a journey into other RFID & NFC devices, such as the Keysy, Flipper Zero, and HackRF/GNU Radio, and we talk more about tag cloning, recording and relaying signals, and intercepting data/eavesdropping. We'll also explore a smartphone app known as NFC Tools Pro, and discuss the app's functionality.
Finally, we arrive at the summary, where we will recap our learning experience in this presentation and reinforce what we have learned.
This course is designed to familiarize students with Radio Frequency Identification (RFID) and Near Field Communication (NFC) technology, its historic timeline, RFID industry standards, federal rules and regulations (FCC), the different types of RFID typologies (readers, tags, etc.), the differences between RFID and NFC, low-frequency (LF), high-frequency (HF), and ultra-high frequency (UHF), and the evolution of RFID from its inception to the present day. Students will also learn about RFID vulnerabilities, such as cloning, data manipulation, man-in-the-middle attacks on RFID systems, and much more.
Additionally, students will learn about the different Command Line Interface (CLI) commands for the Proxmark3, where we'll dive deeper into reading, writing, and cloning RFID tags with the Proxmark3 and other RFID-capable devices, such as the Keysy, Flipper Zero, and HackRF with GNU Radio. There we will explore a conceptual model of signal reading, processing, decrypting and relaying a high-frequency RFID tag, such as the MIFARE Classic (ISO 14443). We will also discuss different RFID industry leaders, government contractors, protocols, and independent authorities who set the industry precedent for RFID and NFC.
This course is designed to bring about RFID awareness from a security researcher's perspective, and is intended for ethical hackers, cybersecurity researchers, and IT professionals, with an emphasis on signals intelligence.