Exploring Proxmark 3 for RFID Security

May 3, 2025

Tradecraft Episode: Physical Layer Security with Proxmark 3 RDV2

Introduction

  • Host: Troy
  • Focus: Physical security layer
  • Tool: Proxmark 3 RDV2
  • Demonstrations: Sniffing, emulating, and RFID cloning

Proxmark 3 RDV2 Overview

  • Purpose: Designed to read, decode, store, and replay information from low-frequency prox (proximity) cards and high-frequency RFID cards.
  • Usage: Widely used in corporate, educational, and government facilities.
  • Features:
    • Portable and covert design
    • LiPo battery for Standalone mode
    • Updated cables and antennas
    • Modular mounting system
    • Included kit: Antennas, protection shells, RFID tag bundle

Modes of Operation

Normal Mode

  • Controlled through a command-line client application connected via USB.
  • Capabilities:
    • Reading, writing, cloning
    • Card inspection
    • Waveform protocol analysis
    • Decryption and brute forcing

Standalone Mode

  • Quick reading and emulation of RFID cards.
  • Info stored in memory banks for replay/emulation.
  • Ideal for covert security audits.

Demonstration: Sniff and Replay Attack

  1. Setup:
    • Enter Standalone mode: Hold Proxmark button for 2 seconds.
    • LEDs indicate different modes.
  2. Process:
    • Sniff a valid HF RFID.
    • Proxmark reads and switches to emulation mode automatically.
    • Replay the signal to a card reader.
  3. Notes:
    • Most companies use older low-frequency cards.
    • Reflash Proxmark for low-frequency mode.

Demonstration: Cloning an Access Card

  1. Setup:
    • Connect Proxmark to Raspberry Pi.
    • Download and compile Proxmark source code.
    • Plug in Proxmark and run from USB.
  2. Process:
    • Identify the tag ID using the lf search command.
    • Copy the tag ID onto a backup card using the LF EM410x write command.
    • Verify the clone with the lf search command.
  3. Outcome:
    • Exact clone of the original card.

Security Considerations

  1. RFID Blocking Case:
    • Use RFID blocking cases or badge holders.
  2. Update Card Systems:
    • Upgrade to high-frequency RFID with encryption.
  3. Encryption Use:
    • Use encryption to protect high-frequency card systems.
  4. Dual Validation Readers:
    • Implement systems requiring both a badge and a PIN.
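
Why the replay and cloning demonstrations succeed against static-ID cards, and what recommendations 2 and 3 change, shown as an added example that is not from the episode: a reader that accepts a transmitted ID versus one that requires a keyed response to a fresh challenge. HMAC-SHA256 stands in for the card's cipher, and the class names, card ID and key are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values; not taken from any real card or reader.
CARD_ID = bytes.fromhex("0102030405")
CARD_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")

class StaticIdReader:
    """Trusts whatever ID the tag transmits, as a legacy LF reader does."""
    def __init__(self, allowed_ids):
        self.allowed_ids = set(allowed_ids)

    def admit(self, transmitted_id):
        return transmitted_id in self.allowed_ids

class ChallengeResponseReader:
    """Issues a fresh nonce per transaction and checks a keyed response."""
    def __init__(self, keys_by_id):
        self.keys_by_id = dict(keys_by_id)
        self._pending = None

    def new_challenge(self):
        self._pending = secrets.token_bytes(16)
        return self._pending

    def admit(self, card_id, response):
        challenge, self._pending = self._pending, None  # one use per nonce
        key = self.keys_by_id.get(card_id)
        if challenge is None or key is None:
            return False
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def card_response(key, challenge):
    """Computed inside a genuine card; the key itself is never transmitted."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

def replay_outcomes():
    """Return (static_replay, genuine, replayed_response) admit decisions."""
    static_replay = StaticIdReader([CARD_ID]).admit(CARD_ID)  # recorded ID resent
    reader = ChallengeResponseReader({CARD_ID: CARD_KEY})
    recorded = card_response(CARD_KEY, reader.new_challenge())
    genuine = reader.admit(CARD_ID, recorded)
    reader.new_challenge()  # next transaction uses a new nonce
    replayed = reader.admit(CARD_ID, recorded)  # old response no longer matches
    return static_replay, genuine, replayed
```

The static reader admits the recorded ID every time, while the challenge-response reader admits the genuine card once and rejects the same response on the next transaction.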

Conclusion

  • Sniffing and cloning RFID cards are easy with Proxmark 3 RDV2.
  • Recommendations for enhancing RFID security.
  • Engage with comments on improving RFID access security.
  • Reminder to operate within legal boundaries.

Remember to stay up to date on physical security tools and practices to ensure the integrity of access control systems.