shift or die

security. photography. foobar.

DemoTag works

Cynops recently bought a RFID DemoTag, a device that is made by the IAIK people at TU Graz. Its main use is to be able to copy a Mifare card's »unique« ID. Not having had a reader for Mifare cards, I wasn't able to play with it all week — not until the mrmcd, that is.

Luckily, local and not-so-local RFID hackers where present and willing to play with it — thanks to Collin and starbug. Here are some pictures of us spoofing a Mifare card with ID »DEADBEEF« :-)

Here is the device with two different readers:

This is how it looks on the client — you connect to the device via the serial port and tell it to be the tag with ID x, and you can see the communication between the reader and the tag:

And this is how it looks on the reader side — DEADBEEF received correctly :-)