Wearable Countermeasures

Unless there’s a bug in the reader’s firmware, no. And even so, you’re only likely to crash it at best, not disable it permanently. The only one I know of is the Halo scanner that can’t handle EM4xxx UIDs with zeros - and that doesn’t kill or crash it: it just fails to report them.

Having said that, you raise an interesting point. It might be worth investigating for one reason: I have a feeling most engineers who coded such firmware probably didn’t expect the card to return malformed datagrams. Or said another way, most readers probably don’t treat data returned by a card as untrusted input, like they would a regular user input.

So there’s a good chance that you might crash more than a few readers by returning oversized datagrams to cause a buffer overflow, or datagrams containing “impossible” values in key bitfields to trigger division-by-zero errors.

If you’re old enough to remember, there was one infamous such bug in Windows 3.11, 95 and NT: if you sent a very large packet to a Windows computer on port 139, you would crash the entire OS. Back in the day, there was a considerable number of script kiddies having fun crashing computers on IRC chatrooms.

I’m willing to bet you probably can use the same trick to crash a good few RFID readers - and possibly lock up a few of them permanently, if they’re silly enough to write that malformed data, or something that derives from it, in flash.

Other devices that might be susceptible to exploits are readers with undocumented features, like special “programming” or “configuration” cards. These devices treat certain cards as “master keys” that unlock certain configuration options, or set certain things. If you manage to identify what makes a card special for such a device, you could possibly set the device in an impossible state, disabling it.

4 Likes
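As an added example (not part of the original post, and not taken from any real reader's firmware): a defensive sketch of reader-side parsing that treats a card's response as untrusted input, bounding the copy and rejecting a zero in a field that is later used as a divisor. The frame layout (length byte, block-size byte, payload) and every name below are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical frame layout, invented for this example:
 *   byte 0  : payload length in bytes, as claimed by the card
 *   byte 1  : block size in bytes (later used as a divisor)
 *   byte 2..: payload
 */
#define HDR_LEN     2u
#define MAX_PAYLOAD 32u

enum parse_status { PARSE_OK = 0, ERR_SHORT, ERR_LENGTH, ERR_OVERSIZE, ERR_BLOCK };

struct card_data {
    uint8_t payload[MAX_PAYLOAD];
    size_t  payload_len;
    size_t  block_count;
};

/* rx/rx_len describe the bytes actually received, not what the card claims. */
enum parse_status parse_card_frame(const uint8_t *rx, size_t rx_len,
                                   struct card_data *out)
{
    if (rx == NULL || out == NULL || rx_len < HDR_LEN)
        return ERR_SHORT;

    size_t declared = rx[0];
    size_t block    = rx[1];

    /* The declared length must match what really arrived. */
    if (declared != rx_len - HDR_LEN)
        return ERR_LENGTH;
    /* Bound the copy by the destination buffer, never by the card's claim. */
    if (declared > MAX_PAYLOAD)
        return ERR_OVERSIZE;
    /* An "impossible" zero block size would divide by zero below. */
    if (block == 0 || declared % block != 0)
        return ERR_BLOCK;

    memcpy(out->payload, rx + HDR_LEN, declared);
    out->payload_len = declared;
    out->block_count = declared / block;
    return PARSE_OK;
}
```

Rejected frames should be dropped without being written to persistent storage, so a malformed response cannot outlive a reset.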

4 posts were merged into an existing topic: The anti-derailment & thread hijacking thread :interrobang:

My hunch is that if you presented the NFC Kill device, which is designed to kill NFC tags, to an NFC reader instead… you would be able to fry a large percentage of NFC readers, probably including some smartphones.

2 Likes

They list readers as being affected by it; it even kills wireless power chargers AFAIK

2 Likes

They fry a reader starting at the 2 min mark in this

I’ve been tempted to test it on an old phone.

2 Likes

To answer the question nobody asked (but mostly to follow up on this exchange in the proper thread): chainmail as a Faraday cage doesn’t work to shield LF or HF implants:

4 Likes

I see your chain mail, and raise you a gauntlet :gloves:

1 Like

I kinda want one of those now…
is that plastic or metal and where did you get it?

Haha, you called my bluff. (Obviously my joke wasn’t funny)
Sorry to mislead.
I got the image off the interwebs

But if I could choose one “glove”, THIS would be my choice

Well, I got the joke and thought it was funny, but I really want to find the sauce for that image because I think it would be cool to have.
TO GOOGLE!

Well, you beat me to that one, but look at this one I found:
I could stab myself with several more implants with that amount of money, holy shit!

1 Like

Problem solved.
For pennies on the dollar you can make a flexible glove. Just tested it. Works
Pro tip: extra thick aluminum foil

7 Likes

Ooooh rave hands for Defcon!

2 Likes

I have to wonder why this device is legal? It doesn’t sound like it conforms to part 15 of the FCC regulations.

edit: I didn’t check the timestamp on this thread. Sorry for bumping it.

1 Like

No, thank you, I think it’s a topic that can still live pretty well. I hadn’t thought about my implants in a place like Defcon (oversight, I know), as even though I don’t have any plans to fly to Defcon I still think about getting a burner phone, leaving as much as possible at home, etc.

Was there ever any progress on a method of shielding your implants, if you were to go somewhere sketchy like defcon?

Rfid kill or sniffing etc

A great product exists already!

I am not aware of anything being talked about on here since the first time.

1 Like

I thought the testing showed that didn’t really work

Rosco showed some chain mail socks (because of course chain mail socks instead of shoes)

And he could read thru it no problem

I was just making a joke.

Personally? I feel your best bet is just to maintain distance if you are worried about it.

If someone really wants to walk around frying people’s chips, they will sure try to.