Black Hat researcher builds device that lets intruders steal and clone legitimate credentials from biometric and contactless card-based systems
February 22, 2008
WASHINGTON -- BLACK HAT DC -- If you think your biometric or contactless smart card physical access system is safe, think again: A researcher here yesterday demonstrated how easy it is to hack these seemingly secure systems.
Zac Franken, a U.K. researcher, demonstrated a homegrown device called the Gecko, which is made from a Programmable Intelligent Computer (PIC) chip and some circuits. When connected to the wiring of a reader or scanner, it can intercept the user’s authentication entry data, leaving the door wide open for an attacker to clone or steal a user’s entry credentials, he said.
Gecko attacks the Wiegand protocols used by most readers to communicate with the access control systems. “Wiegand [communicates the data] in plain text, so it’s easily intercepted,” Franken said. (And many readers can easily be cracked open by unscrewing their plastic cover plates, he said.)
Franken demonstrated what he called Version 1 of Gecko, which can capture, record, replay, and disable a user’s credentials after they’ve been scanned into the reader. Gecko sits between the scanner and back-end access control system.
In the Gecko demo, a Black Hat volunteer scanned a legitimate access card through the reader, and then fellow researcher Adam Laurie -- acting as the bad guy -- was able to piggyback off of her access code with his own card and gain entry. He was also able to disable her card and enable his. (See Black Hat Researcher Hacks Credit Cards.)
Franken said Version 2 of Gecko will store multiple identities in Flash memory, and Version 3 will include a Bluetooth interface that can fake out biometric scanners that don’t use proximity cards. “Version 3 is ideal for biometric devices,” he said.
Version 4, meanwhile, will come with a GSM interface, Franken said, and would let an attacker open a door remotely.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024