YouTube home Comedy Week on YouTube
Upload

Mifare Hack

DigitalSecurityRUN DigitalSecurityRUN·3 videos
45
242,510
Like     Dislike 13

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like DigitalSecurityRUN's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike DigitalSecurityRUN's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add DigitalSecurityRUN's video to your playlist.

Uploaded on Mar 12, 2008

Security flaw in Mifare Classic RFID applications exposed. See http://www.ru.nl/ds/research/rfid/ for more information, including the paper "Dismantling MIFARE Classic" with all details.

Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

Uploader Comments (DigitalSecurityRUN)

  • djbanizza

    djbanizza 4 years ago

    Is this the MIFARE Classic version? What about the DES, 3DES version - is it secure?

    · 2

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate djbanizza's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate djbanizza's comment.
  • DigitalSecurityRUN

    DigitalSecurityRUN 4 years ago

    Yes, this is about the Mifare Classic. We have no information on the DESFire.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate DigitalSecurityRUN's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate DigitalSecurityRUN's comment.
    in reply to djbanizza (Show the comment)
  • noeglups

    noeglups 4 years ago

    The first part is stupid ! The attacker can't connect data unless there's a card in the field. Reader gets data (from card) only after a succesful request+anticollision+select loop.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate noeglups's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate noeglups's comment.
  • DigitalSecurityRUN

    DigitalSecurityRUN 4 years ago

    The device that is used in the first part emulates a Mifare card and that is how the data gets collected.

    · 4

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate DigitalSecurityRUN's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate DigitalSecurityRUN's comment.
    in reply to noeglups (Show the comment)

Top Comments

  • The1stPoster

    The1stPoster 4 years ago

    Mr. Garcia would be entering that building about 500 times a day lmfao xD

    · 38

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate The1stPoster's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate The1stPoster's comment.
  • markomnen

    markomnen 1 year ago

    The first part is ok, it can be used to get crypto key, but it is not so easy to read the card just "meeting" the person on the street. You have to be really near the card (few centimeters) and it takes time to read all sectors and blocks, at least 2-3 seconds. Possible but not so easy like it looks in this video.

    · 6

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate markomnen's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate markomnen's comment.
    in reply to noeglups (Show the comment)

Video Responses

All Comments (80)

Sign in now to post a comment!
  • jude9099

    jude9099 2 weeks ago

    It could be real but there is NO way of it being legal.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate jude9099's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate jude9099's comment.
    in reply to BonesxtoxPaste (Show the comment)
  • SzymekCRX

    SzymekCRX 4 months ago

    Well, it all depends on RX/TX power of the cracker device. Subsequently the victim can be followed with a powerfull scanning device. Definitely doable

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate SzymekCRX's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate SzymekCRX's comment.
    in reply to markomnen (Show the comment)
  • ThePatricio116

    ThePatricio116 1 year ago

    Great, i will never miss a class on collegue ever again.

    If you know what i mean.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate ThePatricio116's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate ThePatricio116's comment.
  • WAsucksblackducks

    WAsucksblackducks 1 year ago

    Thanks for the tutorial

    · 2

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate WAsucksblackducks's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate WAsucksblackducks's comment.
  • ghaneipour

    ghaneipour 1 year ago

    با سلام

    من این روش را تست کردم . براحتی کلید شناسایی شد.

    با اختراعی که ثبت نمودم توانستم بر آن غلبه کرده و از حک شدن جلوگیری کنم.

    ایرانی ها موفق هستند.

    ما معتقدیم که میتوانیم را به توانستیم تبدیل نمودیم

    ایرانی قهرمان است

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate ghaneipour's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate ghaneipour's comment.
  • jayp28

    jayp28 2 years ago

    guy in the middle looks like mark zuccerberg

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate jayp28's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate jayp28's comment.
  • DeeJayBounce

    DeeJayBounce 2 years ago

    Nice, thanks.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate DeeJayBounce's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate DeeJayBounce's comment.
    in reply to 1O67 (Show the comment)
  • 1O67

    1O67 2 years ago

    It is called: "Omnikey CardMan 5121 Contact-Less Demo Application Programming" search google for: "contactlessdemovc".

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate 1O67's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate 1O67's comment.
    in reply to DeeJayBounce (Show the comment)
  • BonesxtoxPaste

    BonesxtoxPaste 2 years ago

    Is this shit for real? And legal?

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate BonesxtoxPaste's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate BonesxtoxPaste's comment.
  • Loading comment...
Loading...
Loading...
Working...
Sign in to add this to Watch Later