Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#101 2014-12-19 16:47:56

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: iClass is coming...

I too appreciate your contributions Holiman.

Offline

#102 2015-02-22 19:42:21

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

Thanks!

I am now implementing full-sim (I have also implemented decrypt, but you need the hid decryption key which is not checked in with the code). That requires the tag (the ARM) to calculate MAC. I did some quick tests yesterday (was in a bit of a hurry), it took about 2ms for the tag to answer with the MAC - carl55 said it needs to be around ~300us. So the time there needs to be shaved with almost an order of magnitude.

I think there are some easy time savings (such as disabling a wait in there). Also, I implemented loclass without any optimizations - aiming for a pure reference implementation, so there are probably some time which can be saved there, but in order to succeed I believe I need to alter the MAC algorithm and do the 24 zeroes in one go, or something. It's an interesting problem, for sure..

Offline

#103 2015-02-23 00:18:38

carl55
Contributor
From: Arizona USA
Registered: 2010-07-04
Posts: 175

Re: iClass is coming...

Holiman,
The Inside Secure datasheet states that the PicoPass transponder (used in iclass cards) responds to a "SELECT" authentication command with its calculated MAC in 330 microseconds. I had tried (unsuccessfully)a few months ago to build an iclass simulation/spoofer circuit. I couldn't get it to work since my microcontroller took around 3 milliseconds to calculate the MAC which was longer than the iclass reader was willing to wait for the response.

I have since redesigned my circuit to use a CPLD to perform the cipher algorithm which brought my MAC calculation time down to approximately 4 microseconds. My simulation/spoofer circuit now works properly and is able to interract with an iclass reader just like a standard iclass card/fob.

After reading your post above, I decided to run several test cases today with my circuit whereby I varied the authentication response time. My testing indicated that a Revision C R10 iclass reader allowed a response time of up to approximately 2.4 milliseconds before it stopped working.

Bottom Line: If you got the Proxmark3 ARM calculation time down to 2 milliseconds then it looks like that should be acceptable. Nice Work!!

Offline

#104 2015-02-25 22:11:50

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

carl55 wrote:

Bottom Line: If you got the Proxmark3 ARM calculation time down to 2 milliseconds then it looks like that should be acceptable. Nice Work!!

That's great! Looks like we'll have full simulation on proxmark then! I'm at a ski resort now, coding a bit in the evenings. I have created an optimized version of the MAC-calculation which runs in about 1/3 of the time compared to the original, and is more easily embeddable. I haven't compared in on ARM, only on my laptop. And I haven't measured the pm3 with a DSO either, that'll have to wait until I'm back at home. The new code is in github/loclass at the moment, not yet implemented in pm3 .

Offline

#105 2015-02-26 21:13:19

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

I've now done some measurements on the ARM-side. Purely doing the old MAC calculation before optimizations took 1832 uS per MAC, so 1.8 ms. The optimized version runs in 562 us, so I estimate that we could get a response out  within 700 us at least.

Edit: This has now been committed to github. I haven't tested the simulation with the new code yet, it'll have to wait a few more days.

Last edited by holiman (2015-02-26 21:27:15)

Offline

#106 2015-03-02 01:18:02

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

More progress.. After the timing was removed as a potential issue, I had a doh-moment where I realized that I've been using the wrong MAC-calculation. The tag needs to feed an additional 32 zeroes into the cipher - I hadn't done that, trying to use the reader-MAC instead of the tag-MAC.

I added another MAC-calculation function into loclass for that, will commit to proxmark also soon. I also figured that for the tag-mac, I can perform the MAC calculation in two steps, first feeding the cipher with the tag challenge (which I know as soon as we start simulating), then reusing the cipher state and feeding the reader nonce and the 32 zeroes in real time.

On my computer, I get these numbers:

Std: 0.433230
Opt: 0.117461
----
[+] Testing tag MAC
[+] opt tag-mac calc equals tag-mac calc : OK!
[+] 2-step opt tag-mac calc equals tag-mac calc : OK!
1-step tag MAC std = 5aa2af92
1-step tag MAC opt = 5aa2af92
2-step tag MAC opt = 5aa2af92

Std:    0.543462
Opt:    0.142796
2s-Opt: 0.084912

The function which gave ~2ms on ARM was Std (0.43ms on my laptop). It increased to 0.54 ms with the additional zeroes, but the two-step version went down to 0.08ms, so the execution time is down to a fifth of the original.

I'll test the sharp code against a reader tomorrow.

Offline

#107 2015-03-02 10:48:49

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: iClass is coming...

You are good, Holiman!

Offline

#108 2015-03-02 22:21:54

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

Finally...

#./proxmark3 /dev/pm3-1 
proxmark3> hf iclass eload f iclass_tagdump-f3162e00f8ff12e0.bin 
	Mode: Application [Locked]          
	Coding: ISO 14443-2 B/ISO 15693          
	Crypt: Secured page, keys not locked          
	RA: Read access not enabled          
	Mem: 2 KBits ( 32 * 8 bytes)          
	AA1: blocks 6-18          
	AA2: blocks 19-          
Sent 256 bytes of data to device emulator memory          
proxmark3> hf iclass sim 3
#db# Simulating CSN f3162e00f8ff12e0                 
#db# Button pressed                 
#db# Done...        

.... And BEEP goes the reader, flashing the green led.


Committed to master : https://github.com/Proxmark/proxmark3/c … 42ddfe5d79

Offline

#109 2015-03-03 09:19:14

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: iClass is coming...

N.1 !

Offline

#110 2015-03-03 09:56:43

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: iClass is coming...

übermaster!

Offline

#111 2015-03-03 18:07:08

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

Thank you!

Offline

#112 2015-04-01 15:13:47

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: iClass is coming...

Great work with all the iclass stuff holiman.  thanks.

quick question, when simulating what does "Unknown command from reader (len=4): c 5 de 64 44 44 44 44 44 mean?

that is all i get from one iclass reader when attempting a sim.  if i try a serial number outside xxxxxxxxCxFF12E0 it doesn't respond at all, but with one that matches that mask it gives the above output.

Offline

#113 2015-04-01 16:03:27

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

What 'sim' operation are you using ?
The 'unknown command' is a misnomer, it's more like "unhandled command". If you're simming csn, and not fullsim, it will say this when e.g. the reader tries to authenticate or read data.
Here's an excerpt from one of my readings:

     19008 |     19008 | Rdr | 0c  01  fa  22                           |     | READ(1)
     22064 |     22064 | Tag | 12  ff  ff  ff  7f  1f  ff  3c  8c  87   |     |
     22064 |     22064 | Rdr | 0c  02  61  10                           |     | READ(2)
     25120 |     25120 | Tag | fe  ff  ff  ff  ff  ff  ff  ff  55  74   |     |
     25120 |     25120 | Rdr | 0c  03  e8  01                           |     | READ(3)
     28176 |     28176 | Tag | ff  ff  ff  ff  ff  ff  ff  ff  ea  f5   |     |
     28176 |     28176 | Rdr | 0c  04  57  75                           |     | READ(4)
     31232 |     31232 | Tag | ff  ff  ff  ff  ff  ff  ff  ff  ea  f5   |     |
     31232 |     31232 | Rdr | 0c  05  de  64                           |     | READ(5)

What you're seeing is READ(5) (0C: read,  05: block, DE 64: CRC)

Last edited by holiman (2015-04-01 16:05:08)

Offline

#114 2015-04-01 16:06:08

marshmellow
Contributor
From: US
Registered: 2013-06-10
Posts: 2,302

Re: iClass is coming...

Cool. Thanks.  BTW I believe the serial number mask is as I outlined above.

Offline

#115 2015-04-11 16:47:06

joe
Contributor
Registered: 2013-08-15
Posts: 126

Re: iClass is coming...

pentura_prox wrote:

Sneak preview of what I've been working on....

> hf iclass reader 0
#db#      Selected CSN: 90 e9 74 01 f7 ff 12 e0                 
#db# Readcheck on Sector 2                 
#db#      CC: fa f7 ff ff ff ff ff ff                 
#db# Authenticate                 
#db#      CC: c5 8e a4 00                 
#db# Dump Contents                 
#db#      00: xx xx xx xx f7 ff 12 e0                 
#db#      01: 12 ff ff ff e9 7f ff 3c                 
#db#      02: fa f7 ff ff ff ff ff ff                 
#db#      03: ff ff ff ff ff ff ff ff                 
#db#      04: ff ff ff ff ff ff ff ff                 
#db#      05: ff ff ff ff ff ff ff ff                 
#db#      07: d2 5e ea ba ab 2c 7a 93                 
#db#      08: 2a d4 c8 21 1f 99 68 71                 
#db#      09: 2a d4 c8 21 1f 99 68 71                 
#db#      0a: ff ff ff ff ff ff ff ff                 
#db#      0b: ff ff ff ff ff ff ff ff                 
#db#      0c: ff ff ff ff ff ff ff ff                 
#db#      0e: ff ff ff ff ff ff ff ff                 
#db#      0f: ff ff ff ff ff ff ff ff 

Why my output are totally different with..  ?? any one can help. thanks.


proxmark3> hf iclass reader 0
#db# Failed to dump config block                 
Readstatus:16         
CSN: 22 0d 99 01 f9 ff 12 e0           
CC: ff ff ff ff 4d fa ff ff           
#db# Failed to dump config block                 
Waiting for a response from the proxmark...         
Don't forget to cancel its operation first by pressing on the button         
Command execute timeout         
#db# Failed to dump config block                 
#db# Failed to dump config block                 
Waiting for a response from the proxmark...         
Don't forget to cancel its operation first by pressing on the button         
#db# Failed to dump config block                 
Command execute timeout         
#db# Failed to dump config block                 
#db# Trace full                 
Readstatus:00         
Quitting...         
proxmark3>
proxmark3> hf iclass reader 0
Readstatus:0e         
CSN: 22 0d 99 01 f9 ff 12 e0           
CC: 8c 87 ff ff 4d fa ff ff           
  Mode: Application [Locked]         
  Coding: ISO 14443-2 B/ISO 15693         
  Crypt: Secured page, keys not locked         
  RA: Read access not enabled         
  Mem: 2 KBits ( 32 * 8 bytes)         
  AA1: blocks 6-18         
  AA2: blocks 19-         
Waiting for a response from the proxmark...         
Don't forget to cancel its operation first by pressing on the button         
Command execute timeout         
Waiting for a response from the proxmark...         
Don't forget to cancel its operation first by pressing on the button         
Command execute timeout         
Readstatus:00         
Quitting...         
proxmark3>

Offline

#116 2015-04-11 23:48:14

midnitesnake
Contributor
Registered: 2012-05-11
Posts: 151

Re: iClass is coming...

Thats because he cracked the HID Application Key 1 (with a bit of guidance).  The keys are protected by HID Global lawyers.
He hard-coded the key into his code, but removed the key from public postings - to avoid a legal dilemma; but a bunch of us (who have individually cracked the keys) have banded together to clean/enhance the code and ultimately the proxmark3.  Some of us have busy schedules and personal lives at the moment....

The 'heart of darkness' paper from Milosch was used to obtain App Key 1; you need to follow that paper to proceed.  If your googling foo is strong, you can also find the key that way also  tongue

Last edited by midnitesnake (2015-04-11 23:49:08)

Offline

#117 2015-04-12 15:20:35

joe
Contributor
Registered: 2013-08-15
Posts: 126

Re: iClass is coming...

midnitesnake wrote:

Thats because he cracked the HID Application Key 1 (with a bit of guidance).  The keys are protected by HID Global lawyers.
He hard-coded the key into his code, but removed the key from public postings - to avoid a legal dilemma; but a bunch of us (who have individually cracked the keys) have banded together to clean/enhance the code and ultimately the proxmark3.  Some of us have busy schedules and personal lives at the moment....

The 'heart of darkness' paper from Milosch was used to obtain App Key 1; you need to follow that paper to proceed.  If your googling foo is strong, you can also find the key that way also  tongue


You means standard iclass or high security iclass ?? they are few types in the market.

Offline

#118 2015-04-12 15:24:02

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

He means standard. For elite, you can attack the reader with pm3. Please read through this thread, and my blogposts and you will get a better understanding

Offline

#119 2015-04-19 11:12:24

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

I am just starting with proxmark, its so powerful, anyway i do have questions, to read card elite contents, first i have to get mac number by hf iclass sim 2 then get the antenna to get the mac number? I have tried it with omnikey 5321 reader i didnt get mac number what did i do wrong?

Offline

#120 2015-04-19 14:20:54

midnitesnake
Contributor
Registered: 2012-05-11
Posts: 151

Re: iClass is coming...

@Gusto-the-bun: Your going to need the key;  to do this you need to perform the reader attack, via card emulation.  Once you have the key, you can then read your card.

Offline

#121 2015-04-19 14:24:42

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

Bow do i do that please tell me

Offline

#122 2015-04-19 15:13:20

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

smile please tell me how to get the key

Offline

#123 2015-04-19 16:33:45

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

@gusto:

holiman wrote:

For elite, you can attack the reader with pm3. Please read through this thread, and my blogposts and you will get a better understanding

If std then find global std key. If elite: attack reader.
Edit: saw that it was elite specified in the question

Last edited by holiman (2015-04-19 16:35:30)

Offline

#124 2015-04-19 23:59:05

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

Bow do i do that please tell me

Offline

#125 2015-04-20 14:24:08

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

thank you, holiman, I just read the paper on dismantling.iClass and this thread, i get a little more understanding.

Offline

#126 2015-04-22 14:38:13

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

Hey guys,

Firstly wow! Such impressive work here, congrats.

I got myself an pm3 and after some firmware frustrations (damn Windows!) I managed to get the key from a reader and can then obviously decrypt an elite card. I do have a stupid question though - how do I get the data onto another card, in the correct (encrypted) format to appear legit?

Many thanks,
Sam.

Offline

#127 2015-04-22 15:48:13

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

et4 wrote:

Hey guys,

Firstly wow! Such impressive work here, congrats.

I got myself an pm3 and after some firmware frustrations (damn Windows!) I managed to get the key from a reader and can then obviously decrypt an elite card. I do have a stupid question though - how do I get the data onto another card, in the correct (encrypted) format to appear legit?

Many thanks,
Sam.

How did u do that can u please it with me, I first hf iClass sim 2 then hf iClass loclass f iClass-attack-mac.bin
Then I lost

Offline

#128 2015-04-22 23:52:08

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

This very informative page should help:
http://martin.swende.se/blog/PM3-development.html

Offline

#129 2015-04-23 10:02:46

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

et4 wrote:

This very informative page should help:
http://martin.swende.se/blog/PM3-development.html

thank you, i think i got to the dump key e, but I think I need the key on the blank card, do you know anything about it?,
gustothebun@gmail.com

Offline

#130 2015-04-23 10:10:45

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

It is possible to write to a blank card, but you'll need to use an omnikey for the write operation. See http://www.proxmark.org/forum/viewtopic.php?pid=15616#p15616 .

Offline

#131 2015-04-23 10:14:27

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

et4 wrote:

I got myself an pm3 and after some firmware frustrations (damn Windows!) I managed to get the key from a reader and can then obviously decrypt an elite card.

Hm, are you sure? See, there are two things with iclass: authentication is one, encryption another. PM3 attacks authentication, so you get the elite authentication key. Then the data on the tag may or may not be encrypted. There is a HID encryption key 'out there', which is used for iclass standard, but it's definitely not included in the proxmark source code.

I suspect that your elite card is not encrypted, as the one I have wasn't (only the std tags I've seen are). Am I correct?

Offline

#132 2015-04-23 14:42:18

Gusto-the-bun
Contributor
Registered: 2015-04-19
Posts: 16

Re: iClass is coming...

one question holiman, to update the new elite key I need to know the contents on block3 which is the key (master key) on blank non program standard card in order to update to elite k1 right?

Offline

#133 2015-04-23 15:38:13

carl55
Contributor
From: Arizona USA
Registered: 2010-07-04
Posts: 175

Re: iClass is coming...

Yes, you do need to know the value of the key stored in Block 3 before you can change it to use an Elite key.

To be clear ...
The master authentication key is NOT stored on an iclass card. The key that is stored in Block 3 of the iclass card is a key that is "diversified" from the authentication key. The diversified key is then used by both the reader and the card to calculate the message authentication code (MAC) that is exchanged during mutual authentication.
Since the diversified key is calculated using the cards CSN, it is "unique" for each card.
A blank card that comes directly from the factory will have a key that has been diversified using the PicoPass "default" authentication key. 
A preprogrammed card that has been initialized by HID will contain a key that has been diversified using the HID Master authentication key.

Regarding encryption ...
From what I have been able to learn, iclass cards that are purchased as "initialized" (not programmed), have encryption disabled. Cards that are sold pre-programmed (by HID) have encryption enabled. As a result, the cards that are programmed in the field using the HID programmer do not appear to use encryption whereas cards programmed by HID do seem to use encryption.

Offline

#134 2015-04-24 07:56:39

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

holiman wrote:

Hm, are you sure? See, there are two things with iclass: authentication is one, encryption another. PM3 attacks authentication, so you get the elite authentication key. Then the data on the tag may or may not be encrypted. There is a HID encryption key 'out there', which is used for iclass standard, but it's definitely not included in the proxmark source code.

I suspect that your elite card is not encrypted, as the one I have wasn't (only the std tags I've seen are). Am I correct?

I'll double check this afternoon.

Offline

#135 2015-04-24 20:08:37

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

Gusto-the-bun wrote:

one question holiman, to update the new elite key I need to know the contents on block3 which is the key (master key) on blank non program standard card in order to update to elite k1 right?

Yes, kind of. If you know the key, you can derive the correct key using the 'dump' command. It will produce output like the following:

CSN: f3 16 2e 00 f8 ff 12 e0 
hash1 = 3e2072474b730421
Pre-fortified 'permuted' HS key that would be needed by an iclass reader to talk to above CSN:
k_sel = dddf56293d6c5897
Pre-fortified key that would be needed by the OmniKey reader to talk to above CSN:
Used key = d961eddeeb1ce6c1
Hash0, a.k.a diversified key, that is computed using Ksel and stored in the card (Block 3):
Div key = e42cd87319895170

So, in this case, 'e42cd87319895170' is what is already stored on block 3. I haven't actually cloned tag to tag myself, as I'm more interested in spoofing using the proxmark. It's very easy to ruin your tag if you don't know what you're doing...

Offline

#136 2015-04-25 09:11:36

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

holiman wrote:

I suspect that your elite card is not encrypted, as the one I have wasn't (only the std tags I've seen are). Am I correct?

It looks like it's not encrypted, with data in locations 6-9.

The legitimate card:

-- deleted by moderator --


A blank card:

-- deleted by moderator --

After this a Proxmark light stays on and I need to remove it, quit, and start again. Fairly consistent in that behaviour.

I wanted to see what would happen if dropping the e:

-- deleted by moderator --

Offline

#137 2015-04-25 09:52:04

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

Well, your 'legitimate card' is encrypted. I think encryption starts at block 7, which contains the wiegand data. Is the pm3 unresponsive after the failed read, or can you get a hf iclass list?

Offline

#138 2015-04-25 11:50:26

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

After the hf iclass dump on the legit card the pm3 was responsive. I don't have permanent access to the card so cant try again.

After running the hf iclass dump commands on a blank card (not related at all to the Elite system of the legit card) it starts to get unresponsive.

I'm wondering why you wanted me to put in the auth key when dumping a blank card? The blank cards were purchased online so I'm guessing are either unprogrammed or perhaps iClass standard?

Also, why did you think they are encrypted? Is it because there is nothing in block 3?

Offline

#139 2015-04-25 13:10:53

Robertz
Member
Registered: 2015-04-25
Posts: 3

Re: iClass is coming...

I am a licenced security access control installer.
The data published by user et4 belongs to one of my clients.
The block 07 of the access card that has been published, corresponds to one of the resident in the building.
Whoever you are, you have illegally accessed one of the building card reader. My client has not requested anyone to come and do that...
I also believe that you do not carry the necessary licence for performing such "security activity".
See Part 1, Section 4 of the corresponding legislation.
I took screenshots of your posts and will report this to the NSW Police Force along with CCTV recordings showing you "attacking" a reader.

I am also asking the administrator to kindly remove what the information posted earlier.

Offline

#140 2015-04-25 13:30:44

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

@et4, I'll stop answering questions now, unless you can prove that you're legit. And yes, if the dump you posted was a real live system, you did a blunder. However, all you did was expose a custom key, nobody but you know where this system is located. Not really useful info to an attacker, since said attacker can just perform a reader-attack anyway themselves...   

And I doubt that 'attacking' a reader is a crime. Possibly it could be viewed as preparation to commit a crime (intrusion), but I guess that would depend on whether you are a pentester or a burglar... And of course; don't take legal advice from the internet seriously...

Offline

#141 2015-04-25 13:32:27

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

and hey, @Robertz was the one who disclosed the country that the system in question is located in smile

Last edited by holiman (2015-04-25 13:32:41)

Offline

#142 2015-04-25 13:42:46

Robertz
Member
Registered: 2015-04-25
Posts: 3

Re: iClass is coming...

holiman wrote:

and hey, @Robertz was the one who disclosed the country that the system in question is located in smile

I just wanted to make sure he knows that I know... This is a pretty big country. This particular High Security key is unique to that building and has never been used anywhere else (I hope so. You never know with HID...)

That is in the Law, you are not authorize to "install, maintain, repair or service, by physical or electronic means: any security equipment". Then if the person had a licence, I guess it is all right. But that is a private residential building and his "service" was unsolicited.

Offline

#143 2015-04-25 13:53:48

Robertz
Member
Registered: 2015-04-25
Posts: 3

Re: iClass is coming...

How do I contact an admin to have this removed? Can someone give me an email address or contact them for me?
I cannot even edit my own posts...

Offline

#144 2015-04-25 14:15:32

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

Yes it seems a few things got mixed up here. Switching between several laptops (needing 32bit windows) and a number of notepad files on the desktop.

If I thought they dumps were from a live system they never would have been posted. I'm not that irresponsible. I can't edit the posts with the forum type so hopefully the admin can do it soon.

I can assure you I know the line between data acquisition and unauthorised access, whether it's our more traditional internal-based work, or physically.

I'm not sure how to prove credibility, without providing information that compromises our work or our client's privacy. Trying to speak generically, if there is a scare or security event at a subsidiary owned by a group, the board may often commission some due diligence to be performed.

Happy to communicate in more detail over PM or email.

I do understand how there would be concern by someone charging for installation of a secure system, knowing of the shortcomings published initially in 2012.

We investigate shortcomings in organisation's assets all the time. This includes their service providers. We're very careful not to cross the line from identification of vulnerability to exploiting it to gain unauthorised access.

Finally, apologies for causing a bit of ruckus within the community. I understand hesitation at providing further assistance. We should still be able to complete what we need to do, it will just take longer through more manual discovery.

Offline

#145 2015-04-25 14:17:47

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

Robertz,
I've reported my post requesting to have it removed. I can't do it myself like other forums. Hopefully it won't take too long. Apologies again for mixing up my test data.

Offline

#146 2015-04-25 15:31:25

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

@et4: My contact details https://pgp.mit.edu/pks/lookup?op=vindex&search=0x683B438C05A5DDF0

Last edited by holiman (2015-04-25 15:34:44)

Offline

#147 2015-04-25 15:33:11

holiman
Contributor
Registered: 2013-05-03
Posts: 566

Re: iClass is coming...

And I'm not a moderator, but have emailed one to have the data removed

Last edited by holiman (2015-04-25 15:35:13)

Offline

#148 2015-04-25 16:13:43

et4
Contributor
Registered: 2015-04-22
Posts: 12

Re: iClass is coming...

Emailed.

Thanks.

Offline

#149 2015-04-25 16:24:45

osaka
Member
Registered: 2010-02-12
Posts: 9

Re: iClass is coming...

et4 wrote:

Yes it seems a few things got mixed up here. Switching between several laptops (needing 32bit windows) and a number of notepad files on the desktop.

If I thought they dumps were from a live system they never would have been posted. I'm not that irresponsible. I can't edit the posts with the forum type so hopefully the admin can do it soon.

I can assure you I know the line between data acquisition and unauthorised access, whether it's our more traditional internal-based work, or physically.

I'm not sure how to prove credibility, without providing information that compromises our work or our client's privacy. Trying to speak generically, if there is a scare or security event at a subsidiary owned by a group, the board may often commission some due diligence to be performed.

Happy to communicate in more detail over PM or email.

I do understand how there would be concern by someone charging for installation of a secure system, knowing of the shortcomings published initially in 2012.

We investigate shortcomings in organisation's assets all the time. This includes their service providers. We're very careful not to cross the line from identification of vulnerability to exploiting it to gain unauthorised access.

Finally, apologies for causing a bit of ruckus within the community. I understand hesitation at providing further assistance. We should still be able to complete what we need to do, it will just take longer through more manual discovery.

What a load of crap...

Offline

#150 2015-04-25 17:54:37

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497
Website

Re: iClass is coming...

A new user posts something to be testdata,
another new user claims something is indeed a clients original data,
first new user agrees that the testdata is not testdata
other new users joins in,

What are the probabilty that all thoose claims happens in a very very sleepy forum like PM3...
By the looks at it, it seems like the whole of down under PM3 community knows eachother and hangs here silently.

BUT,
instead of just mailing about it ta a forum moderator,   the second new user actually managed to let people know that its a proper key....  instead of letting everyone here believe it was testdata and everyone would have forgotten about before it was taken away from a forum moderator....

I feel new users can learn from this ...

Last edited by iceman (2015-04-25 17:55:42)

Offline

Board footer

Powered by FluxBB