Hacking

Please Scan My Towel

My friend Scott pointed out the towels in most hotels now have RFID tags to help with inventory control:

Screen Shot 2016-03-01 at 10.21.06 AM

I also knew that my RSA Conference  badge would have an RFID tag in it so it could be scanned on the expo floor:

2016-03-01 09.47.14

Since I never leave home without my Proxmark3 in my assault pack it was time to get to work:

2016-03-01 09.48.25

What I found out next is something I wasn’t expecting that made this whole thing a lot more interesting.

Using the Proxmark I was able to tell the hotel towel and my RSA tag uses the same MIFARE Ultralight C  tags: 

Screen Shot 2016-03-01 at 10.08.41 AM

So from there I was able to clone my RSA pass to my hotel towel since the towel had a re-writeable tag.

I will be demoing the walkthrough of this at  First  in Amsterdam in April. 

So now I am at the point where you can scan my towel and get the same UID.  Which will allow me to have people scan my towel and get the same information they would have gotten off my badge.

Which allows me to quote one of my favorite lines from the Hitchhikers Guide.

towel

 

*No hotel towels have been permanently harmed and  will be returned to my room with the correct UID rewritten to them.