RFDump is a backend GPL tool to directly interoperate with any RFID ISO-Reader to make the contents stored on RFID tags accessible. This makes the following types of audits possible:
If you are interested in RFID this link helps you!
RFDump was first presented at the Blackhat Conference 2004 in Las Vegas (check out the slides from our presentation) and since then we have been striving to turn this web site into a portal for information exchange regarding RFID technology. The intention is to provide a forum where all people interested or concerned about RFID technolgy can discuss and exchange their opinion in an open environment.
RFDump is a tool to detect RFID tags and show their meta information: Tag ID, tag type, manufacturer etc. The user data of a tag can be displayed and modified using either a Hex or an ASCII editor. In addition, the integrated cookie feature demonstrates how easy it is for a company to abuse RFID technology to spy on their customers. RFDump works with the ACG Multi-Tag Reader or similar card reader hardware.
"[Grunwald] is doing what RFID is supposed to do," said security author and Counterpane Internet Security Inc. Chief Technology Officer Bruce Schneier. "This is serious. He didn't hack anything. RFID technology originally was designed to be completely open; that's its problem. He went to the spec, read it and followed it. If you query the chip, you will get this info. If there were security countermeasures on the chip that were thwarted, then we could talk about hacking." Source: Computerworld USA 2004
We have a mailing-list "rfdump" you can subscribe to via http://lists.dn-systems.net/mailman/listinfo/rfdump or by sending a mail to rfdump-request@lists.ezisp.de with "subscribe" in the body.
RFDump is a backend GPL tool to directly interoperate with any RFID ISO-Reader to make the contents stored on RFID tags accessible. This makes the following types of audits possible:
If you are interested in RFID this link helps you!
RFDump was first presented at the Blackhat Conference 2004 in Las Vegas (check out the slides from our presentation) and since then we have been striving to turn this web site into a portal for information exchange regarding RFID technology. The intention is to provide a forum where all people interested or concerned about RFID technolgy can discuss and exchange their opinion in an open environment.
RFDump is a tool to detect RFID tags and show their meta information: Tag ID, tag type, manufacturer etc. The user data of a tag can be displayed and modified using either a Hex or an ASCII editor. In addition, the integrated cookie feature demonstrates how easy it is for a company to abuse RFID technology to spy on their customers. RFDump works with the ACG Multi-Tag Reader or similar card reader hardware.
"[Grunwald] is doing what RFID is supposed to do," said security author and Counterpane Internet Security Inc. Chief Technology Officer Bruce Schneier. "This is serious. He didn't hack anything. RFID technology originally was designed to be completely open; that's its problem. He went to the spec, read it and followed it. If you query the chip, you will get this info. If there were security countermeasures on the chip that were thwarted, then we could talk about hacking." Source: Computerworld USA 2004
We have a mailing-list "rfdump" you can subscribe to via http://lists.dn-systems.net/mailman/listinfo/rfdump or by sending a mail to rfdump-request@lists.ezisp.de with "subscribe" in the body.
Questions: What Hardware is supported and working with RFDump?
Answer: Please go to our hardware page!
You will find a list of working reader incl. the working reader firmware, as well the configuration
of the reader parameter to use it with RFDump.
Questions: What is the latest version of RFDump?
Answer: Version 1.4 is the last one, you can compile it on your machine useing any UNIX like OS with the GTK+ Libs, or use a pre-compiled binary version from our download section.
Questions: What Linux-Distribution are including RFDump?
Answer: Binaries and portage will come for Debian Linux and Gentoo, other RPM-Distributions are not planned right now.
Questions: Where can I obtain a card reader that works with RFDump?
Answer: We are currently working on providing detailed information about this matter here very soon.
Questions: I am using Microsoft Windows, can i run RFDump with it?
Answer: There is a a VMWare Image that starts RFdump, you can use it with any VMWare Player (Linux/Windows) without installing RFDump on your machine. You can download the Live-Image here.
Questions: My RFID reader is not supported, what can i do?
Answer: RFDump offers a API for integrating new reader quick, if you want us to integrate your hardware, send / donate us one of your reader (YOU WILL NOT GET IT BACK), and if we have time, we will probably integrate it into the next versionr. If you pay for this work, this will speed it up ,-)
Questions: Is it possible to clone a RFID ePassport (MRTD) with RFDump?
Answer: No not with this out-of-the Box GPL Version that is public available and free software!
All downloads via http protocol.
Note: All software written and distributed rfdump.org is published under the GPL Licence. The Java application requires certain additional libraries and packages, some of them published under different licences. See additional licence files for details.
In order to access CVS, you will need to first set up some environment variables. Anonymous CVS is only via pserver available and reflect a mirror of the developers-CVS synced each hour.
export CVSROOT=:pserver:anoncvs@cvs.dn-systems.org:/anoncvs
If you do not use a SH or BASH use setenv, or read your shell manual.
cvs login Logging in to :pserver:anoncvs@cvs.dn-systems.org:2401/anoncvs CVS password:
Just hit return for a empty password
cvs checkout rfdump
You have now a developer version of RFDump.
If you are running debian, you need to switch to unstable and can install RFDump by:
apt-get install rfdump
If you are running Windows, or like to test it, you can download a live-image from a couple of mirrors.
You need VMWare 5.0 if you do not have a VMWare license you can run this live-Image by useing the free VMWare player for Windows or Linux.
The host operating system must provide the guest OS a serial port to access to the RFID reader hardware, you need to connect this reader from your host PC to the guest image, or it WILL NOT WORK AT ALL.
You can Donate Money, RFID Hardware or Code to the RFDump Project.
If you wish to contribute financially to the RFDump project you can make donations through Bitcoin or ask at account donate at rfdump.org
Do donate money just click on the donate-buttion on the buttom of this page!
For more details and information please send us an email us.
We are interested to extend the supported Readers of RFID, if you are a vendort, you can supply us a SDK incl. Reader and API/Hardware Dokumentation.
If your name is missing here, send a short note with your transaction ID to donate at rfdump.org and you will be listed here.
RFDump.org
c/o Lukas Grunwald
Hornemannstr. 12
31137 Hildesheim
Germany
For technical-support use the mailing-list or FAQ, we do not answer any technical questions via mail.