git clone --recursive https://github.com/JonZeolla/lab-ProximityAttacks
- Clone the latest revision of the lab-ProximityAttacks repo and automatically bring in the related submodules.
2016-08-11 Steel City Information Security Lab
http://www.meetup.com/Steel-City-InfoSec/events/227075388/
From the top level of the source code repository run:
./setup.sh
From the top level of the source code repository, right click the setup.ps1
file and click "Run with PowerShell". These scripts are not currently signed, so you may need to set Set-ExecutionPolicy
properly.
A VM will be provided for the lab (TODO). Only VMWare hypervisors have been tested with the following configuration.
- Username: prox
- Password: P@ssword
Note: This setup will only handle the RFID stations. Because of Windows licensing and the fact that my MSR605 only works on Windows, I am unable to distribute that as a VM.
-
Install Kali 2016.1 in a VM
-
Login as root, then open a terminal
-
(optional) Take a snapshot
-
Run the following commands:
apt-get -y update && apt-get -y upgrade apt-get -y install open-vm-tools-desktop fuse history -c && gnome-session-quit
-
VM Tools should now be active, allowing you to easily copy and paste into the VM. Login as root again, then open a terminal and run the following commands:
echo -e "# Add additional sbin and bin directories to \$PATH\nexport PATH=\$PATH:\${HOME}/bin:/sbin:/usr/sbin:/usr/local/sbin:/opt/devkitpro/devkitARM/bin/\n\n# Include .bashrc if it exists\nif [ -f "\${HOME}/.bashrc" ]; then\n . "\${HOME}/.bashrc"\nfi\n" > /etc/skel/.bash_profile echo -e "# Kali rolling repos\ndeb http://http.kali.org/kali kali-rolling main contrib non-free\n#deb-src http://http.kali.org/kali kali-rolling main contrib non-free" > /etc/apt/sources.list echo -e "\n\n# Add additional sbin and bin directories to \$PATH\nexport PATH=\$PATH:\${HOME}/bin:/sbin:/usr/sbin:/usr/local/sbin:/opt/devkitpro/devkitARM/bin/\n" >> /etc/skel/.profile echo "pXloRpmKEasnWPCUihcQcx1WeUo9fo2hQJAXh1uoAOQ1ooz3xLUCbPYDItfeULA9zItnZaQqfell0LLBzSuQhxl98dyP8y7DY1hE" > /etc/scis.conf useradd -m -p $(openssl passwd -1 P@ssword) -s /bin/bash -c "SCIS Proximity Attacks User" -G sudo prox history -c && gnome-session-quit
-
Login as prox and rearrange the Favorites shortcuts as appropriate
-
Open a terminal and run the following commands:
sudo systemctl disable rsyslog;sudo systemctl stop rsyslog sudo logrotate -f /etc/logrotate.conf sudo rm -rf /var/log/*1 /var/log/*old /var/log/*gz cd ${HOME}/Desktop git clone -b ProximityAttacks --single-branch --recursive https://github.com/JonZeolla/lab lab/setup.sh exitcode=$? sudo systemctl enable rsyslog rm ~/.bash_history if [[ ${exitcode} == 0 ]]; then history -c && shutdown -P now; fi
-
Create the OVA. On a Mac using VMware Fusion, this looks something like:
cd /Applications/VMware\ Fusion.app/Contents/Library/VMware\ OVF\ Tool/ ./ovftool --acceptAllEulas /path/to/VM.vmx /path/to/VM.ova
If you'd like to update this branch, open a terminal and cd
into the repo (if you are following the lab, this is ${HOME}/Desktop/lab/
) and then run:
git pull
./setup.sh
- It is possible that you will need to first run
git reset --mixed
, depending on if thegit merge
can be successful without manual intervention. Note that running this command will reset your index, but not the working tree. If you don't know what that means, and would like to, read this.
There is no current way to update this branch on a Windows machine.
- https://www.kickstarter.com/projects/rysccorp/proxmark-pro-proxmark3-without-a-pc
- http://news.mit.edu/2016/hack-proof-rfid-chips-0203
- http://shop.riftrecon.com/products/rfidler
- https://github.com/linklayer/BLEKey
- https://store.ryscc.com/products/new-proxmark3-kit
- http://www.bishopfox.com/resources/tools/rfid-hacking/attack-tools/
- http://www.boscloner.com/build-instructions.html
- https://silent-pocket.com/
- http://rfidguardian.org/index.php/Main_Page
- https://github.com/emsec/ChameleonMini
- https://github.com/coldfusion39/VertXploit
- https://github.com/AdamLaurie/RFIDIOt
- https://github.com/ApertureLabsLtd/RFIDler
- https://github.com/Proxmark/proxmark3
- https://github.com/samyk/magspoof
- https://pmwdzvbyvnmwobk5.onion.link/project/freakcard
- https://github.com/brad-anton/proxbrute
- https://github.com/brad-anton/VertX
- https://github.com/exploitagency/github-proxmark3-standalone-lf-emulator
- https://developer.android.com/guide/topics/connectivity/nfc/hce.html
- https://sourceforge.net/projects/nfcproxy/
- http://www.radio-electronics.com/info/wireless/nfc/near-field-communications-modulation-rf-signal-interface.php
- http://docs.lib.purdue.edu/cgi/viewcontent.cgi?article=1033&context=techmasters
- https://www.youtube.com/watch?v=1Xz5HgOL_Gc&list=PLDIb0pk-F3fXXsU90h3WZS9uxyj1rMW0E
- https://www.youtube.com/watch?v=Bttr7fEfxiE (slides)
- https://www.youtube.com/watch?v=seKas8KFcSI
- http://proxclone.com/
- Fork the repository
- Create a feature branch via
git checkout -b feature/description
- Make your changes
- Commit your changes via
git commit -am 'Summarize the changes here'
- Create a new pull request (how-to)