Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Announce - Release RFIDIOt ver 0.1n (June 2007)
From: Adam Laurie <adam.laurie () thebunker net>
Date: Wed, 06 Jun 2007 16:44:39 +0100

Folks,

This is a quick and dirty release to try and get some feedback on 
e-passports.

 From the CHANGES:

   v0.n:
   add CLONE mode to 'unique.py'
   make 'mrpkey.py' more intelligent about reading passport contents:
     read all data groups
     extract image from CBEFF block in EF.DG2
     extract public key certificate from EF.SOD (requires openssl 
installation)
     add asn.1 field length encoding rules
   add 'sod.py' tool for brute force finding of certificates in 
EF_SOD.BIN (requires openssl installation)

New release can be downloaded from http://rfidiot.org

Since I only have a couple of passports for testing it would be useful 
to hear from those who have foreign passports if my new code works 
better (should now extract any country's images/data without tweaking), 
or if I've totally broken it!

The other major enhancement is extraction of public key certificates 
from the Security Object. Contents can be quite revealing and I'll post 
all the ones I've got on the website. Please send me any that you manage 
to extract.

Here is example output of the extraction process on a UK passport:

Reading: EF.SOD Document Security Object
File Length: 1925
Reading: 00000
   Stored in /tmp/EF_SOD.BIN
Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: 1119353116 (0x42b7f91c)
         Signature Algorithm: sha256WithRSAEncryption
         Issuer: C=gb, O=UKKPA, CN=Country Signing Authority
         Validity
             Not Before: May 22 12:43:30 2006 GMT
             Not After : Sep 21 01:13:30 2017 GMT
         Subject: C=gb, O=ukps, OU=london, CN=Document Signing Key 35
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
             RSA Public Key: (2048 bit)
                 Modulus (2048 bit):
                     00:b8:00:3e:3d:b3:19:fe:b0:91:3a:4a:87:55:b1:
                     59:46:ec:b4:8d:91:9a:e9:c4:b3:29:a0:1a:ce:bc:
                     7a:21:16:87:42:83:79:fe:62:19:ba:db:41:60:68:
                     0b:25:17:b8:f5:59:e4:15:af:30:cf:f4:fe:c7:5e:
                     0e:27:42:8a:63:ba:3e:16:53:77:ba:23:df:68:fe:
                     45:1c:08:e2:6e:99:c9:12:00:fa:61:a0:3b:3c:a6:
                     c1:46:42:d7:88:64:5f:6c:d3:9d:e9:95:5b:95:eb:
                     be:e2:3c:60:48:e6:48:af:0a:62:55:4b:7e:91:90:
                     de:ad:61:f1:83:27:67:b1:31:15:8e:53:0d:b0:f7:
                     a4:7d:24:9d:20:5d:b6:1c:ea:a7:25:f5:a4:ea:40:
                     78:32:10:07:9c:51:bb:3a:2a:e2:b6:b9:38:26:5d:
                     73:46:3b:2b:3b:28:ef:dc:52:79:a1:d7:ed:d7:5f:
                     72:18:13:86:a9:a2:99:8f:38:6a:f0:ff:63:8d:7e:
                     76:c6:b2:cc:dd:bb:ff:21:34:d4:b1:7a:aa:59:1d:
                     fa:4f:32:8a:c9:cb:ac:e8:d4:2c:6a:5c:8c:5b:fe:
                     12:6b:fa:1a:ca:d3:27:99:b6:94:d2:57:cd:0a:d1:
                     b1:49:2c:54:d1:3e:bd:04:07:75:32:00:86:13:90:
                     16:ad
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Private Key Usage Period:
                 Not Before: May 22 13:13:30 2006 GMT, Not After: Aug 24 
13:13:30 2006 GMT
             X509v3 Key Usage: critical
                 Digital Signature
             X509v3 CRL Distribution Points:
                 DirName:/C=gb/O=UKKPA/CN=Country Signing Authority/CN=CRL1

             X509v3 Authority Key Identifier:
 
keyid:3B:34:6F:4A:F5:6C:7F:8C:C4:C6:46:5F:F8:24:F8:30:9A:D2:18:C0

             X509v3 Subject Key Identifier:
                 BC:9E:2A:37:08:C6:B3:C4:12:A1:E8:BF:69:44:C1:76:0F:95:43:C5
     Signature Algorithm: sha256WithRSAEncryption
         42:60:0c:94:d7:ce:0e:a6:8d:2d:7c:1a:c2:6d:e6:be:7c:94:
         14:2a:68:27:c2:93:c5:51:8e:77:f2:79:91:1f:5e:27:b6:85:
         7d:78:40:7c:f4:0f:00:34:fa:31:49:f0:72:05:d1:32:3d:89:
         33:82:32:85:86:8e:cd:55:ff:35:62:17:ff:c5:82:15:73:ba:
         13:df:a8:d6:c6:06:08:98:44:bc:10:d8:7d:b3:59:a5:3e:06:
         e4:e3:81:fd:7e:60:87:02:ae:15:f9:50:5f:8d:7f:32:d3:eb:
         d4:ec:42:2f:e8:54:c4:16:85:75:a8:7b:15:3d:66:34:ff:d9:
         cc:57:ed:89:36:d9:32:ab:4b:74:4f:14:64:47:a5:9e:68:09:
         07:21:33:d3:e8:8f:34:1c:e7:c5:c0:41:32:2a:a7:d0:19:0b:
         b9:6f:18:7c:fb:06:5b:57:66:c4:38:fc:1a:02:38:84:5e:1f:
         c3:c7:d6:74:4b:a3:c5:e0:91:11:5e:c0:0f:a9:ff:37:b0:7b:
         60:ec:f0:5d:4b:02:ee:f4:e5:48:ca:06:0d:fb:68:cc:03:b1:
         fd:a6:86:26:27:bf:e1:5a:06:a9:60:88:b5:73:5b:0c:c0:e7:
         58:59:e8:9c:3d:5f:b9:31:c1:79:7e:4f:b2:27:8d:c6:d0:21:
         64:df:2c:5d:0b:db:af:1f:b2:ee:d5:b3:90:b1:b0:cd:a6:6a:
         69:b5:a6:6a:02:d7:f1:ce:26:18:33:f7:c7:15:c8:61:93:8a:
         29:3a:49:71:0d:c2:88:76:2f:c0:79:7e:d6:92:60:2f:5b:14:
         e6:fd:d8:98:a5:93:71:7d:55:45:a3:63:d8:f2:be:97:76:5b:
         c3:70:14:8c:c4:e2:fc:a9:22:2a:7e:d9:a1:0a:47:48:fc:f9:
         36:b7:c6:02:f7:2b:26:07:2c:02:9d:27:e3:3f:03:24:be:79:
         d7:21:f4:b1:07:e2:76:f2:e5:54:ff:8b:f0:cf:87:2c:fb:5c:
         f6:ce:10:3d:ce:76:fb:86:87:0c:4b:86:55:83:85:1b:59:50:
         08:46:53:87:a0:37:60:02:66:38:34:25:a0:3b:7d:d5:de:0d:
         75:71:a5:eb:ae:de:a3:5e:ef:41:19:13:fb:60:46:b5:b8:a4:
         d9:15:c0:e7:e7:64:f0:41:d6:69:9e:14:97:6f:4f:7a:d4:14:
         52:39:66:64:ae:a3:ef:67:46:cf:f2:4f:34:55:f3:04:2d:48:
         98:ab:2d:de:b3:da:7c:a0:62:df:16:d6:ff:0f:da:fa:22:9a:
         f0:5e:96:63:28:c9:50:dd:92:1c:fd:07:56:c6:58:bf:a2:85:
         41:bf:b9:6b:f5:8d:94:1e
-----BEGIN CERTIFICATE-----
MIIE9DCCAtygAwIBAgIEQrf5HDANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJn
YjEOMAwGA1UEChMFVUtLUEExIjAgBgNVBAMTGUNvdW50cnkgU2lnbmluZyBBdXRo
b3JpdHkwHhcNMDYwNTIyMTI0MzMwWhcNMTcwOTIxMDExMzMwWjBPMQswCQYDVQQG
EwJnYjENMAsGA1UEChMEdWtwczEPMA0GA1UECxMGbG9uZG9uMSAwHgYDVQQDExdE
b2N1bWVudCBTaWduaW5nIEtleSAzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBALgAPj2zGf6wkTpKh1WxWUbstI2RmunEsymgGs68eiEWh0KDef5iGbrb
QWBoCyUXuPVZ5BWvMM/0/sdeDidCimO6PhZTd7oj32j+RRwI4m6ZyRIA+mGgOzym
wUZC14hkX2zTnemVW5XrvuI8YEjmSK8KYlVLfpGQ3q1h8YMnZ7ExFY5TDbD3pH0k
nSBdthzqpyX1pOpAeDIQB5xRuzoq4ra5OCZdc0Y7Kzso79xSeaHX7ddfchgThqmi
mY84avD/Y41+dsayzN27/yE01LF6qlkd+k8yisnLrOjULGpcjFv+Emv6GsrTJ5m2
lNJXzQrRsUksVNE+vQQHdTIAhhOQFq0CAwEAAaOB5TCB4jArBgNVHRAEJDAigA8y
MDA2MDUyMjEzMTMzMFqBDzIwMDYwODI0MTMxMzMwWjAOBgNVHQ8BAf8EBAMCB4Aw
YwYDVR0fBFwwWjBYoFagVKRSMFAxCzAJBgNVBAYTAmdiMQ4wDAYDVQQKEwVVS0tQ
QTEiMCAGA1UEAxMZQ291bnRyeSBTaWduaW5nIEF1dGhvcml0eTENMAsGA1UEAxME
Q1JMMTAfBgNVHSMEGDAWgBQ7NG9K9Wx/jMTGRl/4JPgwmtIYwDAdBgNVHQ4EFgQU
vJ4qNwjGs8QSoei/aUTBdg+VQ8UwDQYJKoZIhvcNAQELBQADggIBAEJgDJTXzg6m
jS18GsJt5r58lBQqaCfCk8VRjnfyeZEfXie2hX14QHz0DwA0+jFJ8HIF0TI9iTOC
MoWGjs1V/zViF//FghVzuhPfqNbGBgiYRLwQ2H2zWaU+BuTjgf1+YIcCrhX5UF+N
fzLT69TsQi/oVMQWhXWoexU9ZjT/2cxX7Yk22TKrS3RPFGRHpZ5oCQchM9PojzQc
58XAQTIqp9AZC7lvGHz7BltXZsQ4/BoCOIReH8PH1nRLo8XgkRFewA+p/zewe2Ds
8F1LAu705UjKBg37aMwDsf2mhiYnv+FaBqlgiLVzWwzA51hZ6Jw9X7kxwXl+T7In
jcbQIWTfLF0L268fsu7Vs5CxsM2mamm1pmoC1/HOJhgz98cVyGGTiik6SXENwoh2
L8B5ftaSYC9bFOb92Jilk3F9VUWjY9jyvpd2W8NwFIzE4vypIip+2aEKR0j8+Ta3
xgL3KyYHLAKdJ+M/AyS+edch9LEH4nby5VT/i/DPhyz7XPbOED3OdvuGhwxLhlWD
hRtZUAhGU4egN2ACZjg0JaA7fdXeDXVxpeuu3qNe70EZE/tgRrW4pNkVwOfnZPBB
1mmeFJdvT3rUFFI5ZmSuo+9nRs/yTzRV8wQtSJirLd6z2nygYt8W1v8P2voimvBe
lmMoyVDdkhz9B1bGWL+ihUG/uWv1jZQe
-----END CERTIFICATE-----

enjoy,
Adam
-- 
Adam Laurie                         Tel: +44 (0) 1304 814800
The Bunker Secure Hosting Ltd.      Fax: +44 (0) 1304 814899
Ash Radar Station
Marshborough Road
Sandwich                            mailto:adam () thebunker net
Kent
CT13 0PL
UNITED KINGDOM                      PGP key on keyservers

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Announce - Release RFIDIOt ver 0.1n (June 2007) Adam Laurie (Jun 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]