digipass instrumentation for fun and profit - defcamp 2012
DESCRIPTION
TRANSCRIPT
About me
PhD in information security, CEH
Penetration tester at KPMG Romania
Web apps
Infrastructure
Mobile apps
Source code reviews
+ some other annoying stuff
Always like to prove my point…
2
What is this all about?
3
The FUN part
What is this all about?
4
Our subject(s)
5
Our subject(s)
Digipass = security token
Disconnected, display, keypad
Used for:
User authentication (2nd factor) - OTP
Transaction signing (e.g. Internet Banking)
Vendors: Vasco, CryptoCard, RSA, etc
6
What is this all about? (still the fun part)
7
A machine that simulates human behavior when using a digipass
Brains • Command the machine
• Keep track of the logic
state
• Select the desired muscles
and send the necessary
signals
• Read an image from the
eyes
• Interpret the image and
make the next move
Neurons
• Transport the signal from
the brain to muscles
• Give the muscles the
necessary power/energy to
action
Muscles
• Push when powered on
• Release when powered
off
Eyes
• Provide images for
the brain
• Tell the brain what
is happening outside
OK… But why?
Motivation
8
The profit part
Remember the old rounding attacks against Internet Banking apps?
When working with two decimals most banks do the rounding to the closest value
8.3478 EUR ~= 8.35 EUR
8.3436 EUR ~= 8.34 EUR
max profit = 0.005 EUR
About rounding attacks:
“Assymetric Currency Rounding” by M'Raïhi, Naccache and Tunstall of Gemalto – 2001 - http://tinyurl.com/d5akdkk
“Is Your Online Bank Vulnerable To Currency Rounding Attacks?”, Mitja Kolsek of ACROSSecurity - 2012 – http://tinyurl.com/6wpg7ew
9
Rounding in currency exchange (1)
10
Use the Internet Banking application to transfer money between your own
accounts (e.g. RON -> EUR)
RON EUR EUR
(rounded)
Exchange rate
(RON / EUR rounded)
4.40 1 1.00 4.40 Official
2 0.4545 0.45 4.44
1 0.2272 0.23 4.34
0.5 0.1136 0.11 4.54
0.05 0.0113 0.01 5
0.03 0.0068 0.01 3
0.023 0.0052 0.01 2.3 The best
0.02 0.0045 0.00 not good
100 * (0.023 RON -> 0.01 EUR) => 2.3 RON = 1 EUR
Rounding in currency exchange (2)
11
The Bank said…
Known issue but we have the digipass to protects us:
1. User initiates currency exchange in IB application
2. Application sends challenge code to user
3. User inputs code into digipass
4. User reads digipass response
5. User sends the response to IB application
6. Application finalizes the transaction
12
The Bank said…
Known issue but we have the digipass to protects us:
1. User initiates currency exchange in IB application
2. Application sends challenge code to user
3. User inputs code into digipass
4. User reads digipass response
5. User sends the response to IB application
6. Application finalizes the transaction
13
Now automated!
We can make lots of transactions automatically
How much?
C1 = minimum amount of currency 1 (e.g. 0.023 RON)
C2 = minimum amount of currency 2 (e.g. 0.01 EUR)
Ex_b = exchange rate for buying C2 with microtransactions (e.g. 2.3). Ex_b = C1 / C2
Ex_s = exchange rate for selling C2 (e.g. 4.4) – real exchange rate – fixed by the Bank
Ex_b Ex_s
x RON y EUR z RON
14
z = y * Ex_s = (x / Ex_b) * Ex_s = x * (Ex_s / Ex_b)
multiplication rate = Ex_s / Ex_b
transactions required = x / C1
Currency 1 Multiplication
rate
Initial
amount (x)
Final
amount (y)
Gain Transactions
required
RON 4.4 / 2.3 = 1.9 100 RON 190 RON 90 RON ~ 20 EUR 100 / 0.023 = 4347
How the Banks should protect themselves
Limit the number of transactions that can be performed in a given time
Limit the minimum currency amount that can be exchanged in a transaction
Monitor for suspicious transactions (very small amounts)
State in the contract that such transactions are illegal
Introduce a small fee for currency exchange operations (e.g. 0.01 EUR)
15
Behind the curtains…
16
Back to the FUN part
External vs Internal instrumentation
Internal instrumentation (direct electrical connections):
Pros:
more reliable and faster
almost error free
Cons:
might not be always possible – some digipasses
deactivate if opened
must know the pinout of LCD screen (lots of pins!)
sensitive soldering required
mistakes can lead to deactivation
External instrumentation:
Pros:
No interference with digipass’s internals
Can be applied to any digipass model
Cons:
Pretty slow (but good for the “low and slow” approach)
Some (mechanics) errors occur on pressing buttons (resolvable by a more professional construction)
OCR process needs special (lightning) conditions to produce correct results
17
Electric diagram
18
D3 D2 D1 D0 Sx Digipass
key
0001 S1 0
0010 S2 1
0011 S3 2
0100 S4 3
0101 S5 4
0110 S6 5
0111 S7 6
1000 S8 7
1001 S9 8
1010 S10 9
1011 S11 =
1100 S12 S
1101 S13 ON/OFF
Optical Character Recognition
19
Original Cleared
background
Blurred Threshold applied OCR-ized
gocr / ocrad
7169309
-_16g309
1757450
1_5_G50
043i __ i_ì
OG3i _i_i
9a__641 4
9__6G1G
10 transactions / minute (6 seconds / transaction)
max 21600 transactions / day
enter PIN, type challenge code, read response image, do OCR
Our previous example:
100 RON 190 RON (gain ~20 EUR)
=> 4347 transactions * 6 sec/trans = 26082 sec = 7h:14m:42 s
Maximum amount to multiply per day:
21600 * 0.023 RON = 496.8 RON => final: 943.9 RON
gain 447 RON ~= 101 EUR/day
Money making machine?
Current performance
20
Photo gallery
21
The first POC
22
Development stages (1)
23
Development stages (2)
24
Development stages (3)
25
Development stages (4)
26
Final version - back
27
Final version - front
28
Demo
29
Thank you!
QUESTIONS ?
30
Adrian Furtunǎ, PhD, CEH
http://pentest-tools.com