Offline RFID systems rely on data stored within the key to control access and configuration. But what if a key lies? What if we can make the system trust those lies? Well then we can do some real spooky things…
This is the story of how a strange repeating data pattern turned into a skeleton key that can open an entire range of RFID access control products in seconds.
It’s a scrappy but scary hack that spawned from something we noticed whilst trying to duplicate an access card onto a subdermal RFID implant. This post covers the discovery of the flaw, how we investigated it, and how significant the flaws ended up being.