476
edits
Minutes 2025-02-13: Difference between revisions
Added images
No edit summary |
(Added images) |
||
|
# Presentation from Noah on creating MIFARE Classic polyglot cards!
## Brief primer of NFC and RFID[[File:LUG Card Programming Meeting (Whole Table).jpg|thumb|468x468px|Members hanging out around the round table]]
### HID and NXP duopoly
### Many organizations use credentials with broken or nonexistent encryption
#### NXP attempts to sue, fails
### Used in lots of hotels and organizations that don't know any better
## Visual representation of data on a MIFARE Classic card[[File:LUG Card Programming Meeting (Half Table).jpg|thumb|462x462px|Response to being photographed]]
### The '1K' in "MIFARE Classic 1K" is the total space
### There's only 720 bytes of usable space
### Key Diversification Function (KDF)
### Take the (in this case) four-byte UID
### [[File:Logan cutting his card.jpg|thumb|460x460px|Logan cutting his card]]Plug into 'black-box' algorithm
### get keys for that sector
### We don't have the KDF for Schlage, but we can get a 1:1 copy of the data anyway
### Wiegand values are all sequential in most systems
### These are both stupid
## The MIFARE Application Directory (MAD)[[File:Josh programming a card.jpg|thumb|460x460px|Josh programming an ID]]
### Allows formatting the data in the card in special ways
### Designed to allow multi-tenant functionality
### Don't implement spec properly
### IOS is really strict with some aspects, but still doesn't implement it correctly
## What do we do?[[File:Closeup of Josh programming an ID.jpg|thumb|457x457px|Closeup of the ID being programmed]]
### Allegion has our backs
### Schlage readers support a zillion card formats
## They work!
### They even work on iPhones!
# Borrowed Ethan's Flipper Zero to check if the unlabeled stock of cards were gen1 or gen2[[File:Anika's LUG IDs.jpg|thumb|455x455px|Anika showing off the front and back of her two LUG IDs]]
## We ran out of pre-confirmed gen2 tags
## Didn't want to use gen1 tags, so members could rewrite cards with their phones at a later date
# USG Budget Hearing @ 8:20 PM
## Took some quick pictures before leaving at 8:15 (the ones embedded in these minutes)
| |||