Network Security: Detailed info on Re: [Full-disclosure] SmartCards programming...

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] SmartCards programming...

from [Michael Holstein] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] SmartCards programming...
Date:	Wed, 23 Nov 2005 10:37:56 -0500

I bought 2 Goldcards (one of my teacher advised me to buy a such card to do what I want... but I think a physical attack can allow someone to copy the content of the card or the stored key when the authentication is doing but to begin its perhaps the more simple card I can find ...)

Um .. that's exactly the problem smartcards attempt to address. It's highly unlikey you'll be able to copy the protected contents without resorting to a timing attack or the like (and that has been addressed lately as well).

If you're really patient, you could decapsulate the chip and read the eeprom contents with a microscope .. but that sort of defeats the purporse as you've destroyed the original.

As to your other question, a .hex file is just a binary image.

~Mike.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] SmartCards programming..., khaalel Re: [Full-disclosure] SmartCards programming..., deepquest Re: [Full-disclosure] SmartCards programming..., Jon Barber RE: [Full-disclosure] SmartCards programming..., Aditya Deshmukh Re: [Full-disclosure] SmartCards programming..., khaalel Re: [Full-disclosure] SmartCards programming..., khaalel Re: [Full-disclosure] SmartCards programming..., Michael Holstein <= Re: [Full-disclosure] SmartCards programming..., Valdis . Kletnieks Re: [Full-disclosure] SmartCards programming..., Michael Holstein RE: [Full-disclosure] SmartCards programming..., Lyal Collins RE: [Full-disclosure] SmartCards programming..., Scott, Patrick Re: [Full-disclosure] SmartCards programming..., InfoSecBOFH RE: [Full-disclosure] SmartCards programming..., Scott, Patrick

Previous by Date:	RE: [Full-disclosure] Hacking Boot camps!, Christopher Carpenter
Next by Date:	Re: [Full-disclosure] Hacking Boot camps!, Exibar
Previous by Thread:	Re: [Full-disclosure] SmartCards programming..., khaalel
Next by Thread:	Re: [Full-disclosure] SmartCards programming..., Valdis . Kletnieks
Indexes:	[Date] [Thread] [Top] [All Lists]