Resurrection
18.03.11, 04:32
http://www.youtube.com/watch?v=gBDVkY9KgtM
This is a demo of an Exploit of a specific vendors Card Key system. The phone does not sniff any card info, it is an app that was created due to a vulnerable design and solution.
--------
CyberSecurityGuy (http://www.cybersecurityguy.com/caribou.html)
Caribou is an Android-based application written by security researcher Ian Robertson as a proof-of-concept demonstration of the incredibly poor security controls in use on widely popular cardkey door control systems.
By providing Caribou only with the IP address of the target cardkey device, a single-button "Unlock" will access the cardkey system, unlock all available doors in sequence, allow 30 seconds for entry, and then re-lock all those same doors. Caribou has the capability of performing a brute-force of any customized security PIN used with the system.
This is a demo of an Exploit of a specific vendors Card Key system. The phone does not sniff any card info, it is an app that was created due to a vulnerable design and solution.
--------
CyberSecurityGuy (http://www.cybersecurityguy.com/caribou.html)
Caribou is an Android-based application written by security researcher Ian Robertson as a proof-of-concept demonstration of the incredibly poor security controls in use on widely popular cardkey door control systems.
By providing Caribou only with the IP address of the target cardkey device, a single-button "Unlock" will access the cardkey system, unlock all available doors in sequence, allow 30 seconds for entry, and then re-lock all those same doors. Caribou has the capability of performing a brute-force of any customized security PIN used with the system.