collin_mulliner_25c3_attacking_nfc_phones.pdf
New set of tools will be uploaded soon.
Advisory
Nokia 6131 NFC URI Spoofing and DoS Advisory as posted to BugTraq and Full Disclosure
EUSecWest2008 Slides
Here are the slides for my EUSecWest talk Attacking NFC Mobile Phones.
Python NDEF library and tools (also contains scripts that will created spoofing demos used for my talk)
NDEF_Mifare is a small librfid based NDEF reading/writing tool I wrote.
Sample badproxy.py for URL spoofing using the @-trick. Simple Man-in-the-middle proxy that logs all traffic. This is based on cgiproxy by James Marshall.
NFC Phone Tools (only tested on Nokia 6131 NFC)
BtNfcAdapter
-
A small tool that turns your Nokia 6131 NFC into a NDEF reader and writer. The tool uses a Bluetooth link (RFCOMM channel 25) to communicate with the client application (e.g. my Python NDEF library). The tool automatically stores all read NDEF tags for later download via Bluetooth.
BtNfcAdapterRaw
-
Basically the same as BtNfcAdapter but this on is a low level Mifare Classic reader (no writing yet). The tool will make a snapshot of a Mifare Classic tag if
the read key is a known key (e.g. ffffffffffff, a0a1a2a3a4a5, d3f7d3f7d3f7). Reads complete Mifare Classic (inc. sector 0 and sectors trailers of all sectors).
MfStt (Mifare Sector Trailer Tool)
-
This tool gives you access to the Mifare Classic Sector trailer. It shows you the read/write permissions of each block of the sector. You can overwrite the trailer (only do this if you know what you are doing!!!).
Get everything here.
Fotos from various NFC tags I made. Also includes my paper tag collection. geri-m also took some pictures of a NFC SmartPoster in London.
Contact
-
Collin Mulliner collin-nfc
mulliner.org