Zaɓi Harshe

NFCGate: Kayan Aiki na Wayar Hannu don Bincike da Nazarin Tsaro na NFC mai zurfi

Nazarin NFCGate, kayan aiki na Android da aka tsawaita don nazarin ka'idojin NFC, yana da fasalin gyara zirga-zirgar cikin jirgi, mika sako, hare-haren sake kunnawa, da nazarin misali akan makullin NFC na kamfani.
contact-less.com | PDF Size: 0.2 MB
Kima: 4.5/5
Kimarku
Kun riga kun ƙididdige wannan takarda
Murfin Takardar PDF - NFCGate: Kayan Aiki na Wayar Hannu don Bincike da Nazarin Tsaro na NFC mai zurfi
Duba Takardar PDF Zazzage PDF Fassara PDF
Gida » Takaddun » NFCGate: Kayan Aiki na Wayar Hannu don Bincike da Nazarin Tsaro na NFC mai zurfi

1. Gabatarwa

Sadarwar Kusa da Filaye (NFC) ta zama muhimmiyar sashi ga aikace-aikacen tsaro kamar sarrafa shiga da biyan kuɗi. Duk da haka, nazarin ka'idojin NFC a al'ada yana buƙatar kayan aiki masu tsada, na musamman, wanda ya haifar da cikas ga masu binciken tsaro. Tabbacin ra'ayi na asali na NFCGate (2015) ya nuna yuwuwar amfani da wayoyin hannu na Android na yau da kullun don wannan manufa. Wannan takarda ta gabatar da sigar kayan aikin NFCGate da aka tsawaita kuma aka inganta sosai, ta mai da wayoyin hannu na kasuwanci zuwa dandamali masu ƙarfi, masu hankali, da araha na binciken NFC waɗanda ke iya nazari/gyara zirga-zirgar cikin jirgi, mika sako, da hare-haren sake kunnawa.

2. Bayanan Baya

Wannan sashe ya ƙunshi fasahohin ginshiƙi waɗanda ke ba da damar NFCGate.

2.1 Ka'idojin NFC

Tsarin NFC na Android yana goyan bayan nau'ikan fasaha guda huɗu na asali: NFC-A (ISO/IEC 14443 Nau'in A), NFC-B (ISO/IEC 14443 Nau'in B), NFC-F (FeliCa), da NFC-V (ISO/IEC 15693). An ayyana sadarwa tsakanin Katin Lantarki mai Haɗaka Kusa (PICC - alama/kati) da Na'urar Haɗawa Kusa (PCD - mai karantawa).

3. Tsarin Kayan Aikin NFCGate

NFCGate yana aiki ta hanyar kama da sarrafa tsarin NFC na Android. Yana amfani da dabarun kama ayyuka don samun kulawa mai zurfi akan sadarwar NFC, yana zaune tsakanin manyan API na aikace-aikacen Android da Layer na mai sarrafa NFC (NCI) na musamman na kayan aiki. Wannan yana ba shi damar yin aiki azaman ƙarshen NFC mai shirye-shirye, yana kwaikwayon alamomi, masu karantawa, ko aiwatar da ayyukan tsaka-tsaki.

4. Siffofi na Asali & Aiwar Fasaha

Ƙarfin kayan aikin yana cikin yanayin aikinsa.

4.1 Yanayin Mika Sako & Hare-haren Ramin Tsutsa

Wannan yanayin yana kafa gada mai jinkiri kaɗan, mai jinkiri kaɗan tsakanin ma'amalolin NFC guda biyu waɗanda suka rabu a zahiri. Yana iya tsawaita "ramin tsutsa" akan haɗin yanar gizo (misali, Wi-Fi, Bluetooth), yana ba da damar hare-hare inda katin wanda aka azabtar da mai karantawar manufa suke cikin wurare daban-daban.

4.2 Yanayin Sake Kunnawa da Kwafi

Sake Kunnawa: Yana aiwatar da jerin sadarwar NFC da aka yi rikodin a baya. Kwafi: Yana kwafin mai gano guda (UID) da bayanan alamar/katin NFC da aka yi niyya akan wayar hannu, yana barin ta ta yi kama da na'urar ta asali don fasahohi kamar NFC-A da NFC-V.

4.3 Tsarin Plugin na Python

Wani sabon abu mai mahimmanci shine tsarin plugin wanda ke ba masu bincike damar rubuta rubutun Python don nazari mai ƙarfi. Waɗannan rubutun na iya duba, gyara, sauke, ko allurar fakitoci a cikin rafin sadarwar NFC a ainihin lokacin, yana ba da damar gwajin ka'idoji da gwajin dabaru ta atomatik.

5. Nazarin Misali: Nazarin Makullin NFC na Kamfani

Takardar ta nuna ingancin NFCGate ta hanyar nazarin makullin NFC na Turai na kasuwanci, wanda ya sami lambar yabo. Ta amfani da ikon kayan aikin na kwaikwayon ka'idojin mallakar da Android na yau da kullun ba su goyan baya ba, masu bincike sun gano kurakurai da yawa na tsaro, gami da raunin tabbatar da asali da saukin kamuwa da hare-haren mika sako. An bayyana waɗannan binciken ga mai sayar da kayan cikin ladabi.

6. Kimanta Aiki & Nazarin Jinkiri

Ma'auni mai mahimmanci don yuwuwar harin mika sako shine ƙarin jinkiri. Takardar tana kimanta jinkirin da NFCGate ya gabatar a cikin saituna daban-daban (misali, mika sako na gida da harin ramin tsutsa ta hanyar yanar gizo). Fahimtar wannan jinkiri yana da mahimmanci don haɓaka maganganun kariya masu tushen lokaci.

7. Nazari na Asali: Fahimta ta Asali & Zargi

Fahimta ta Asali: NFCGate ba wani kayan aikin hacking kawai ba ne; yana da mulkin dimokuradiyya na dabarun binciken tsaro na NFC. Ta hanyar canza kayan aikin da ake buƙata daga mai nazari na musamman na $10,000 zuwa wayar hannu ta $300, yana canza yanayin barazana da kayan aikin mai bincike gaba ɗaya. Wannan yayi daidai da canjin tsarin da aka gani a wasu fagage, kamar sakin tsarin kamar Metasploit don cin zarafi ta hanyar yanar gizo ko Frida don kayan aikin kuzari, waɗanda suka rage cikas da haɓaka gano raunin.

Kwararar Hankali: Hujjar takardar tana da gamsarwa: 1) NFC ya yadu a cikin tsarin mahimmanci. 2) Binciken yana hana shi ta hanyar farashi/sarƙaƙiyar kayan aiki. 3) NFCGate ya magance wannan. 4) Ga hujja ta hanyar nazarin makulli na ainihin duniya. Hankali yana da kyau, amma zato a ɓoye shine cewa ƙarin masu bincike suna binciken NFC abu ne mai kyau mara lahani. Dole ne mutum ya yi la'akari da yanayin amfani biyu: yana ƙarfafa masu tsaro da masu kai hari masu ƙarancin ƙwarewa.

Ƙarfi & Kurakurai: Ƙarfin kayan aikin shine aikinsa na aiki da tsarin plugin, yana haɓaka faɗaɗawa. Duk da haka, babban aibin takardar shine ɗanɗanon maganganun kariya. Yayin da aka tattauna jinkiri, maganganun zamani kamar ka'idojin iyakance nisa (misali, tsarin Hancke da Kuhn) ko tabbatar da asali mai sanin mahallin an yi ishara ne kawai. Zurfafa cikin yadda za a iya amfani da ma'auni na NFCGate da kansa don ƙirƙirar ingantattun maganganun kariya zai ƙarfafa gudunmawar. Bugu da ƙari, dogaro da iyawar guntu na NFC na Android na musamman (misali, na Broadcom) na iya iyakance haɗin kai, wani batu da ba a jaddada shi ba.

Fahimta mai Aiki: Ga ƙungiyoyin tsaro na samfur, wannan kiran farkawa ne: ɗauka cewa za a yi nazarin ka'idar NFC ta mallakar ku za a yi ta amfani da kayan aiki irin wannan. Dole ne tsaro ya motsa sama da "tsaro ta hanyar ɓoyewa." Aiwatar da iyakance nisa, ƙalubale-martani tare da ƙananan tagogin lokaci (ƙasa da mili ɗaya), da amfani da abubuwa masu tsaro. Ga masu bincike, hanya a bayyane take: yi amfani da NFCGate don duba tsarin ainihin duniya, amma ba da gudummawar alamun ganowa ko kayan aikin kariya ga al'umma. Masu tsara dokoki yakamata su yi la'akari da tilasta juriya ga hare-haren mika sako don aikace-aikacen NFC masu daraja, kama da buƙatun EMV don biyan kuɗi mara lamba.

8. Cikakkun Bayanan Fasaha & Tsarin Lissafi

Yuwuwar harin mika sako ya dogara ne akan jimillar lokacin tafiya da dawowa ($T_{total}$) ya kasance ƙasa da bakin lokacin tsarin ($T_{max}$). Ana iya ƙirƙira $T_{total}$ kamar haka:

$T_{total} = T_{propagation} + T_{processing}$

Inda $T_{propagation}$ shine lokacin tafiyar siginar akan tashar mika sako, kuma $T_{processing}$ shine jinkirin da software na kayan aiki da kayan aikin wayar hannu suka gabatar. Don harin ramin tsutsa akan yanar gizo, $T_{propagation}$ ya zama mahimmanci. Ka'idar iyakance nisa mai sauƙi tana auna lokacin tafiya da dawowa ($t_{round}$) don musayar ƙalubale-martani. Idan lokacin da aka auna ya wuce lokacin da ake tsammani don tafiyar haske akan nisan da aka yi iƙirari ($2 \cdot d / c$, inda $c$ shine saurin haske), ana zargin harin mika sako. Jinkirin da aka auna na NFCGate yana ba da tushen $T_{processing}$ da ake buƙata don ƙididdige kewayon harin mai tasiri.

9. Sakamakon Gwaji & Bayanin Ginshiƙi

Takardar ta ƙunshi ma'aunin jinkiri don ayyukan NFCGate. Yayin da ba a sake fitar da ainihin ginshiƙin a nan ba, sakamakon da aka bayyana yawanci yana nuna:

  • Yanayin Mika Sako na Gida: Jinkiri a cikin kewayon ƴan millisecond (misali, 2-5 ms), wanda galibi yana ƙasa da bakin ganowa na tsarin sauƙi da yawa.
  • Mika Sako ta Yanar Gizo (Ramin Tsutsa): Jinkiri yana ƙaruwa sosai tare da tsalle-tsalle na yanar gizo, yana iya kaiwa ga dubunnan millisecond. Wannan zai bayyana a cikin ginshiƙi kwance kwance wanda ke kwatanta yanayin "Kai tsaye," "Mika Sako na Gida," da "Ramin Tsutsa (Wi-Fi)".
  • Tasiri akan Nasarar Hari: Wataƙila zane zai zana ƙimar nasarar harin mika sako da aka kwaikwaya da jinkirin da aka gabatar, yana nuna faɗuwar kaɗan bayan wani bakin jinkiri (misali, > 10 ms), yana nuna taga na rauni.

Waɗannan sakamakon sun nuna a zahiri cewa hare-haren mika sako na gida suna da yuwuwa sosai, yayin da hare-haren ramin tsutsa mai nisa za a iya gano su ta hanyar maganganun kariya masu tushen lokaci.

10. Tsarin Nazari: Misalin Lamari

Yanayi: Nazarin sabon tsarin baji na ma'aikata mai tushen NFC.

  1. Bincike (Yanayin Kwafi): Yi amfani da NFCGate don kwafin UID na baji na halal da bayanan tsaye.
  2. Kama Zirga-zirga (Yanayin Na'ura): Yi rikodin ma'amala mai nasara na tabbatar da asali tsakanin baji na halal da mai karantawa.
  3. Nazarin Ka'idoji (Plugin na Python): Rubuta plugin don rarrabe bayanan da aka kama, gano tsarin umarni/martani, da ware jerin tabbatar da asali. 
    # Misalin rubutun plugin pseudocode
def process_packet(data, direction):
    if data.startswith(b'\x90\x00'):  # Yuwuwar umarnin auth
        log(f"An sami umarnin auth: {data.hex()}")
        # Cire yuwuwar ƙalubale/nonce
        challenge = data[2:6]
        # Kwaikwayi nazarin martani mai rauni
        if challenge == b'\x00\x00\x00\x00':
            log("GARGADI: An gano ƙalubale mai tsayi ko mara amfani.")
    return data  # Tura ba a gyara ba a yanzu
  4. Gwaji mai Ƙarfi (Sake Kunnawa/Gyara): Sake kunna jerin auth da aka kama. Sa'an nan, yi amfani da plugin don gyara ƙalubale ko martani a ainihin lokacin don gwada raunin ɓoyayyen rubutu ko rashin sarrafa jihar.
  5. Gwajin Mika Sako: Yi ƙoƙarin harin mika sako don ganin ko tsarin yana duba kusancin jiki.

11. Aikace-aikace na Gaba & Hanyoyin Bincike

  • Tsaro na IoT & Motoci: Gwajin buɗe ƙofofin mota na tushen NFC, tsarin kunna mara maɓalli, da haɗa na'urorin IoT.
  • Tsaro na Na'urar Kiwon Lafiya: Nazarin na'urorin likita masu amfani da NFC (misali, famfunan insulin, na'urorin lura da marasa lafiya) don raunuka.
  • Haɗawa da Tsarin Fuzzing ta Atomatik: Haɗa tsarin plugin na Python tare da fuzzers kamar AFL++ don gano rauni ta atomatik a cikin tsarin NFC.
  • Shirye-shiryen Rubutun Sirri Bayan Quantum: Yayin da tsarin NFC suka karɓi sabbin ka'idojin ɓoyayyen rubutu, kayan aiki kamar NFCGate za su zama mahimmanci don gwada tsaronsu na ainihin duniya.
  • Daidaituwar Gwajin Maganganun Kariya: NFCGate na iya zama kayan aikin ma'auni don ba da takaddun shaida ga na'urori akan hare-haren mika sako da sauraro.

12. Nassoshi

  1. Klee, S., Roussos, A., Maass, M., & Hollick, M. (2020). NFCGate: Opening the Door for NFC Security Research with a Smartphone-Based Toolkit. arXiv preprint arXiv:2008.03913.
  2. Maass, M., et al. (2015). NFCGate: An NFC Relay Attack Demo. Demo at ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).
  3. Hancke, G. P., & Kuhn, M. G. (2005). An RFID Distance Bounding Protocol. IEEE International Conference on Security and Privacy for Emerging Areas in Communications (SecureComm).
  4. ISO/IEC 14443. Identification cards -- Contactless integrated circuit cards -- Proximity cards.
  5. Francis, L., et al. (2020). A Survey on NFC and RFID Security. ACM Computing Surveys.
  6. Android Open Source Project. NFC Documentation. Retrieved from source.android.com/docs/core/connect/nfc.