RFID Hacking in the workplace/school

At my school, we have a very interesting system when it comes to buying lunch.

Instead of the fussier option of having to bring in lunch money in the form of cash every day to pay for meals and snacks, we all have an RFID card that does two main things:

  1. Let us open doors
  2. Act as a debit card for food

So naturally, when I came across a TEDx video describing how easy and simple it is to pull off RFID hacks, I decided to give it a try.

So I looked up RFID scanners. Here was the top result.

rfidscanner.PNG

Slightly pricey. So I looked up cheap RFID scanners.

cheaprfidscanner.PNG

Still not the price range I was looking for. Then it hit me. Isn’t RFID the same thing (basically) as NFC? And doesn’t my phone have NFC?

Well, it turns out there are hundreds of RFID scanning applications for Android that you can use to steal anybody’s keys and clone them onto your own.

Here’s how I did it:

  1. Go onto eBay and look up “RFID cards” or “RFID tags”. Immediately you are met with hundreds of extremely cheap options. Buy a set that suits your needs.
  2. On Android, go to the Google Play Store and find the app called “NFC tag cloner”. It’s the one with the farm animal theme. Install it. An alternative is below.
  3. If you’re on Apple, unlucky. You shouldn’t have bought that phone if you want to be a hacker.
  4. Acquire a victim’s RFID card. When you’re using Android as a scanner, it’s much easier and makes more sense to actually be holding the card when you scan it, as the phone probably won’t be good enough to grab details just from brushing past somebody.
  5. Open up NFC tag cloner and select “One to one”
  6. Scan the victim’s card (place it upon the back of your phone, lifting away and placing it back again until the phone recognizes it)
  7. Scan one of your blank RFID cards off eBay in the same way

Your blank RFID card should now be written with all of the data on the victim’s card, and should be able to open doors, buy things and perform other actions exactly as the victim’s card does.
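Because a clone behaves exactly like the original card, the place it shows up is the back end: the same card ID used at two readers closer together in time than anyone could walk. The check below is an added example, not part of the original post; the log format, reader names, zone map and walking times are all assumptions, and the log lines are constructed.

```python
from datetime import datetime

# Constructed sample log lines: ISO timestamp, reader name, card ID.
SAMPLE_LOG = """\
2024-03-04T12:01:10 canteen-till-1 CARD-0017
2024-03-04T12:01:40 science-block-door CARD-0017
2024-03-04T12:03:00 canteen-till-2 CARD-0042
not-a-timestamp canteen-till-2 CARD-0042
2024-03-04T12:20:00 main-entrance CARD-0042
2024-03-04T12:30:00 canteen-till-1 CARD-0017
"""

# Assumed site layout: the zone each reader sits in, and the shortest
# realistic walking time (seconds) between two different zones.
ZONE = {"canteen-till-1": "canteen", "canteen-till-2": "canteen",
        "science-block-door": "science", "main-entrance": "entrance"}
MIN_TRAVEL_S = {frozenset({"canteen", "science"}): 180,
                frozenset({"canteen", "entrance"}): 60,
                frozenset({"science", "entrance"}): 120}

def parse(log):
    """Return (time, reader, card) tuples in time order, skipping bad lines."""
    events = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            events.append((datetime.fromisoformat(parts[0]), parts[1], parts[2]))
        except ValueError:
            continue  # malformed timestamp
    return sorted(events)

def find_conflicts(events):
    """Flag a card seen in two zones faster than the walk between them."""
    last, alerts = {}, []
    for ts, reader, card in events:
        if card in last:
            prev_ts, prev_reader = last[card]
            za, zb = ZONE.get(prev_reader), ZONE.get(reader)
            # Same zone or unknown reader: no minimum, so never flagged.
            need = MIN_TRAVEL_S.get(frozenset({za, zb}), 0) if za != zb else 0
            gap = (ts - prev_ts).total_seconds()
            if gap < need:
                alerts.append((card, prev_reader, reader, int(gap)))
        last[card] = (ts, reader)
    return alerts

if __name__ == "__main__":
    for alert in find_conflicts(parse(SAMPLE_LOG)):
        print("possible duplicate card:", alert)
```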

Possible Errors

Quite a few things could go wrong while doing this. Here are some of the most common ones.

  1. The victim’s card type is not compatible with your phone’s NFC service. There is nothing you can really do about this apart from either getting a new phone or simply buying a cheap low-grade RFID scanner off eBay or Amazon.
  2. The Victim’s Card type is not compatible with your RFID scanner app. This is easy to fix if you have time on your hands. Simply start trying all the RFID cloner apps there are out there and see which ones work with your card.
  3. The Victim’s Card is unreadable or unwriteable. This has happened to me multiple times without any explanation. Perhaps look for a victim, or keep trying. Another app might work as well.
  4. The RFID tags you bought don’t work. Use another app, such as one in the alternatives list below, to find the type of card you are scanning, and try to buy more cards of that type online. NFC Tools Pro (paid on the app store but the APK is free) works best for me when it comes to finding the type of card you want to duplicate.

My favorite alternative

  • NFC Tools Pro
    • Good for
      • Finding type of card you want to duplicate
    • Features
      • Identifying cards
      • Writing to cards
        • Stuff like contacts or a web link
      • Duplicating tags
      • Erasing tags
      • Locking tags (permanent)
      • Reading memory
      • Formatting memory
      • Setting a password to the tag (for writing)
      • Removing passwords
      • Executing advanced commands
    • Disadvantages
      • Obviously doesn’t work with every card
      • Has to be installed via APK instead of just off app store

Thanks for reading!

  -- Monk36