RFDUMP

What is RFDump

RFDump is a backend GPL tool to directly interoperate with any RFID ISO-Reader to make the contents stored on RFID tags accessible.

This makes the following types of audits possible:

Test robustness of data-structures on the reader and the backend-application
Proof-of-concept manipulations of RFID tag contents
Clone / copy & paste User-Data stored on RFID tags
Audit tag-security features

If you are interested in RFID this link helps you!

RFDump was first presented at the Blackhat Conference 2004 in Las Vegas (check out the slides from our presentation) and since then we have been striving to turn this web site into a portal for information exchange regarding RFID technology.

RFDump is a tool to detect RFID tags and show their meta information: Tag ID, tag type, manufacturer etc. The user data of a tag can be displayed and modified using either a Hex or an ASCII editor. In addition, the integrated cookie feature demonstrates how easy it is for a company to abuse RFID technology to spy on their customers. RFDump works with the ACG Multi-Tag Reader or similar card reader hardware.

"[Grunwald] is doing what RFID is supposed to do," said security author and Counterpane Internet Security Inc. Chief Technology Officer Bruce Schneier. "This is serious. He didn't hack anything. RFID technology originally was designed to be completely open; that's its problem. He went to the spec, read it and followed it. If you query the chip, you will get this info. If there were security countermeasures on the chip that were thwarted, then we could talk about hacking."

Source: Computerworld USA 2004

RFDump is available in different versions:

As Gtk application for Linux/Unix with a GUI
As rudimentary Perl script for Linux (PC or PDA) with a console-based interface

RFDump features (Gtk Application):

Runs on Linux, Windows
Supports ACGs PCMCIA/CF Multi-Tag Readers
Decodes the tag type, tag ID and manufacturer
Displays tag memory in Hex and ASCII encoding
Allows to write memory using Hex or ASCII editor
NEW: Full 14443 a/b Support
NEW: Support for Mifare sector keys
NEW: Cookie feature using arbitrary cookie ID and automatically incrementing counter
NEW: Brute-Force cracking of access control cards (sector keys)
NEW: Audit of encrypted RFID tags check for "default" Shipping Keys
NEW: Save and restore of Mifare Cards incl. Sector-Keys
NEW: Multi baudrate reader support, RFDump can set boud rate
NEW: Scan-Option
NEW: Config-Menus

Recommended Hardware:

Linux/Windows PC or HP iPAQ PDA with Linux
ACG Multi-Tag Reader, in a CF-Flash Socket or PCMCIA Adapter
13.56 MHz Tags for testing

Legacy Screenshots

RFDump 1.4 GTK Linux Application

RFDump 1.4 GTK Linux Application

Original screenshots preserved from the legacy project (hosted on rf-dump.org mirror).

Frequently Asked Questions

What Hardware is supported and working with RFDump?

Please go to our hardware page! You will find a list of working reader incl. the working reader firmware, as well the configuration of the reader parameter to use it with RFDump.

What is the latest version of RFDump?

Version 1.4 is the last one, you can compile it on your machine using any UNIX like OS with the GTK+ Libs, or use a pre-compiled binary version from our download section.

What Linux-Distribution are including RFDump?

Binaries and portage will come for Debian Linux and Gentoo, other RPM-Distributions are not planned right now.

Where can I obtain a card reader that works with RFDump?

We are currently working on providing detailed information about this matter here very soon.

I am using Microsoft Windows, can i run RFDump with it?

A VMWare image was historically provided to run RFDump on Windows/Linux hosts without installation.

My RFID reader is not supported, what can i do?

RFDump offers a API for integrating new reader quick, if you want us to integrate your hardware, send / donate us one of your reader (YOU WILL NOT GET IT BACK), and if we have time, we will probably integrate it into the next version. If you pay for this work, this will speed it up :-)

Is it possible to clone a RFID ePassport (MRTD) with RFDump?

No not with this out-of-the Box GPL Version that is public available and free software!

Press Releases / RFDump in the News

slashdot thread - RFID More Hackable Than Retailers Think?

Downloads - Legacy Archives

All software is published under the GPL. Links are historical and may require archiving if broken.

Anonymous CVS Access

export CVSROOT=:pserver:anoncvs@cvs.dn-systems.org:/anoncvs
cvs login (password: empty)
cvs checkout rfdump

RFDump V1.6 Sources

Debian package of RFDump

Historical: apt-get install rfdump (unstable repo)

Old RFDump Versions

Donations

You can Donate Money, RFID Hardware or Code to the RFDump Project.

If you wish to contribute financially to the RFDump project you can make donations through Bitcoin or ask at account donate at rfdump.org

For more details and information please send us an email.

We are interested to extend the supported Readers of RFID, if you are a vendor, you can supply us a SDK incl. Reader and API/Hardware Documentation.

List of Sponsors of RFDump:

$5000 from DN-Systems Enterprise Internet Solution GmbH - legal fees for the Black Hat Demonstration
$2000 from DN-Systems Enterprise Internet Solution GmbH for the flight to the Black Hat

If your name is missing here, send a short note with your transaction ID to donate at rfdump.org and you will be listed here.

Contact

Mailing address

RFDump.org
DN-Systems Enterprise Internet Solutions GmbH
c/o Lukas Grunwald
Hornemannstr. 12
31137 Hildesheim
Germany

PR and press-relations

press at rfdump.org

Coders

lukas at rfdump.org
boris at rfdump.org
doj at rfdump.org

Patches and license-questions

gpl at rfdump.org

For technical-support use the FAQ, we do not answer any technical questions via mail.