Sunday, September 5, 2010

Web Laundry (In)Security

Disclaimer: This article is for informational purposes only. The author shall not be liable for any misuse or misconduct resulting from the use of the information provided within.


My apartment building recently switched from coin-op laundry machines to a stored value system using smartcards. The way it works is they have a central dispensing machine that you can use to purchase a card as well as fill up existing cards using a credit card. Each washer/dryer then has a reader interface that will decrement the stored value after starting the machine.

Being the curious type, I stuck the card into my smartcard reader to see which chip they were using. A quick Google search of the ATR revealed it was a member of the Atmel CryptoMemory family, the AT88SC0404C. After pulling the datasheet from Atmel, I began exploring the security mechanisms they had in place.

Before I go any further, I should explain that the remaining portion of this article doesn't describe an attack on the Atmel CryptoMemory parts in any way. If that is what you're after, I recommend reading Tarnovsky's blog or an attack on the CryptoMemory algorithm here. With that out of the way, let's forge on.

After reading through the datasheet I found that this card has a configuration page and 4 user pages, each consisting of 128 bytes. I dumped the config using the following APDU.

After spending some time hand-parsing the response, I came up with this config.
Looking at the above, we can pick out a few things. First, the 0x27 fill is probably a security measure, because we haven't authenticated in any way. Second, bit 4 of the DCR byte tells us that we only have 4 attempts to verify any of the eight passwords before we're locked out. Also, looking at AR registers 0 through 3, we can see that none of the user pages require a password, but they all require authentication. Here is another interesting tidbit from the datasheet:


Seems simple enough: verify the write 7 password, program the configuration, then blow a one-time programmable fuse to prevent anyone from changing the data. So, let's read the fuse byte!


This is where things start to fall apart. According to the datasheet, a fuse byte of 0x27 means only the SEC bit is blown, which is done by Atmel during manufacturing to lock the lot code. With the proper write 7 password we can change the configuration (HINT: maybe removing the authentication enable bits from the AR bytes?).

OK, now we just need to guess the write 7 password. The password is 24 bits... That gives us 16,777,216 possible values to brute-force. At 4 attempts per card, that would take 4,194,304 cards in the worst case, or 2,097,152 cards on average... There must be an easier way... My next idea was to sniff the traffic between the reader and the card to get an idea of what kind of data is being passed back and forth, then, after wading through the paper above, implement the algorithm to crack the cipher itself. Then I found this little ditty in the datasheet:
Surely you would think the engineer(s) implementing this weren't negligent enough to leave the default password... you would be wrong.
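As an added example (my own Python, not the post's C# tool), here is the audit an issuer could run on a config dump before a card leaves the dispenser: it decodes the fuse byte, the DCR trial limit and each zone's AR mode bits the way the post reads the datasheet, and reports anything that leaves the config page open. The fuse-bit mapping (bit 3 = SEC, bits 2:0 = FAB/CMA/PER) is an assumption; the sample dump is constructed.

```python
# Added example, not the post's tool. Offsets/bits follow the post's reading of
# the AT88SC0404C datasheet: DCR at 0x18 (bit 4 set = four password trials),
# AR/PR byte pairs for user zones 0-3 at 0x20-0x27, AR bits 7:6 = password
# mode and bits 5:4 = authentication mode (binary 11 = not required).
# Fuse-bit mapping (bit 3 = SEC, bits 2:0 = issuer fuses) is an assumption.
DCR_OFFSET, AR_BASE, USER_ZONES = 0x18, 0x20, 4
FUSE_SEC, FUSE_ISSUER = 0x08, 0x07   # a fuse bit reads 0 once it is blown

def zone_access(ar: int) -> dict:
    return {  # decode the two mode fields of one Access Register byte
        "password_required": (ar >> 6) & 0x3 != 0x3,
        "auth_required": (ar >> 4) & 0x3 != 0x3,
    }

def audit_config(cfg: bytes, fuse: int) -> dict:
    """Report the facts that decide whether the card's config is still open."""
    zones = [zone_access(cfg[AR_BASE + 2 * z]) for z in range(USER_ZONES)]
    findings = []
    if fuse & FUSE_ISSUER:
        findings.append(f"fuse 0x{fuse:02X}: issuer fuses unblown, config page writable")
    if fuse & FUSE_SEC:
        findings.append("SEC fuse unblown: lot code not locked at manufacture")
    for z, acc in enumerate(zones):
        if not (acc["password_required"] or acc["auth_required"]):
            findings.append(f"user zone {z}: read/write with no credential at all")
    return {
        "password_trials": 4 if cfg[DCR_OFFSET] & 0x10 else 8,  # assumed: clear = 8
        "issuer_fuses_blown": not (fuse & FUSE_ISSUER),
        "zones": zones,
        "findings": findings,
    }

def lockout_cost(password_bits: int = 24, trials: int = 4) -> tuple:
    worst = 2 ** password_bits // trials   # cards burned by an exhaustive guess
    return worst, worst // 2               # (worst case, average case)

# Constructed 40-byte dump: the ATR quoted in the comments, 0x27 filler for the
# unauthenticated regions, DCR bit 4 set, AR=0xDF/PR=0xFF per zone (no password,
# authentication required), i.e. the shape of the card described in the post.
SAMPLE_CONFIG = (bytes.fromhex("3bb2110010800004") + b"\x27" * 16
                 + b"\x10" + b"\x27" * 7 + bytes.fromhex("dfff") * 4)

if __name__ == "__main__":
    for fuse in (0x27, 0x20):   # as found in the machine vs. a properly locked card
        report = audit_config(SAMPLE_CONFIG, fuse)
        print(f"fuse 0x{fuse:02X}: {report['password_trials']} trials,", report["findings"] or "clean")
    print("cards to exhaust the write 7 password (worst, average):", lockout_cost())
```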

Now that we can read and write the config page, all we have to do is set AR bits 4-7 to disable the password and authentication checks, and then we can dump the user pages. I found a few things by dumping the user pages. Page 0 contains some string constants and doesn't look to be related to the stored value in any way. Page 1 looks to have all the goodies. By dumping the card before and after use, I can see the bytes that change. There appears to be a sequence of 36 bytes, starting at 0x5c, that differ between dumps. There is also a 1-byte counter that increments by 1 as the stored value is decremented. I've yet to decode how the stored value is encoded on the card, so I'll leave that as an exercise for the reader.

At this point an attacker could fill up the card and dump the contents. Then, after using the card until there is no value left, they could restore the dump rather than paying to refill the card. I don't want to promote fraud (or get sued), so I will not provide dumps of the user pages. Below is a proof-of-concept video showing how easily it can be done.

I wrote the application below in C# to assist in working with the Atmel CryptoMemory line. Although I've only tested it on an AT88SC0404C, it should work with any chipset in the family. The software provides the ability to dump the config to the terminal, read the fuse byte, and back up and restore the entire card, including the config and user pages. Be warned! Since the fuse byte is completely unlocked, all fields in the config page are writable, even the ATR! On a few occasions I accidentally overwrote the ATR with all zeros (due to a bug in the application). This caused the cards to respond with all-zero ATRs, which broke ISO 7816-3 compliance, so they no longer work in my reader. It may be possible to recover them using the synchronous 2-wire serial interface, but I haven't tried yet. The software should work with any compatible PC/SC reader.



Web Laundry claims 40,000 installations on their website. I can only assume that there are millions of cards in service with the same configuration. I'm unsure why they would pay ~$1.05/pc (qty 5k) for a part that has moderate security measures and then leave the default password set, when they could buy an SLE4442 for $0.39/pc (qty 10k). Furthermore, the cost of changing the password is effectively nothing, since they are already writing the ID (+0x19) bytes when they dispense the card from the machine. I can only imagine it was the marketing department that came up with the slogan on the card: "Unmatched Security and Cutting Edge Technology".


[Proof-of-concept video]


THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

AtmelCrypto.zip

This software is provided free of charge under the Creative Commons license. If you find this software useful, please consider making a secure donation using the link to the right to support future research.

44 comments:

  1. That's a nice piece of work :)
    But tell a newbie one thing: how did you manage to find which chip it was using?
    What kind of software do you use to explore the card? ToolSet Pro???
    Thanks.
    Keep up the good work.

  2. Out of curiosity, how would one run the software that you had posted yesterday?

  3. So does the fuse byte "blow" the fuse when set to something, or is it merely an indicator of whether the fuse has been physically blown?

  4. Don't answer my first post.
    RTFM I know :D
    Is this the right APDU command?
    80 C0 02 A4 0D Chip Inf | GEMPLUS MPCOS-EMV | Get Info
    ? thnx

    @mad engineer: Compile it. Download Visual C# 2010 Express <- NOT 2008, it will give errors.

  5. @YaBa - Yeah, I used ToolSet Pro to do the initial analysis and proof of concept. After sticking the card in the reader, SCard ToolSet Pro will show the ATR, 3b b2 11 00 10 80 00 04. Googled that to get the family (Atmel CryptoMemory), then pulled the datasheet.

    @haywire - The fuse byte can be both read and written. When writing it (1->0) it will blow and cannot effectively be reversed. I recommend the Tarnovsky blog link above. He was able to reset the fuse (0->1) by decapping and using UV light (on another chipset in this family).

    @mad - YaBa is right, I used C# VS Express 2010.

  6. Can you publish an executable version also?

  7. This might help some people:
    smartcard-atr.appspot.com
    Given the ATR, it will help to identify the card.

  8. @troll - I won't publish the binary for liability reasons. I'm currently trying to figure out if I can safely publish the source which is why I took it down. This is all new to me :) You shouldn't have any trouble compiling in visual studio express 2010 though.

  9. Hans Viksler, can I get the source please? Thanks

  10. Added the source back by popular demand :)

  11. @Hans
    You can't just give the candy and then take it back :D lol ;)

  12. /* Look for smartcard reader */
    string[] readers = iCard.ListReaders();

    "Exception was unhandled: SCardEstablishContext error: -2146435043"

    If you are going to release the source make sure it compiles as is first.

  13. @markermanx5 - It does compile, that is a run-time error. Is your reader plugged in and PC/SC compatible? Please read the blob above about NO expressed or implied warranties. In other words, no support :) However, if you want to provide better error handling I'd be happy to pick up the changes and re-post?

  14. Some people never learn...
    You get this for free, and still complain?!?! Duh.

    @Hans, are you familiar with Bus Pirate!? It can read those kind of cards too, among other stuff.

  15. @YaBa - Yeah, I own a bus pirate. I've used it to read the synchronous memory cards like the stored value card from fedex/kinkos. I haven't tried reading this card in sync mode though.

    Also, I found an old card that was originally sent from Web Laundry when they installed it and it was properly locked down with the fuse set to 0x20. Seems like it is just the cards stocked in this machine that aren't properly configured.

  16. @Hans - I need your help. I've spent the last 2 hours looking for the technical specs of the Gemplus GemClub Memo card.
    I just know a few APDU commands. I would like to learn more about this type of card.
    Any help would be great.
    (Note: The card is in user mode, I don't know how to auth.)
    I'm considering buying a Season 2 interface to study, but some PDF would really be great.
    Thanks in advance.

  17. I'm getting an odd error.

    I've got a computer with a "Broadcom Corp Contacted SmartCard reader". I can read the config. When I try to backup, I get "SCardTransmit error: -2146435025".

  18. @YaBa - http://jwamicha.files.wordpress.com/2010/09/gemclubmemo.pdf

    Hope this helps! Have you found a nice season 2 interface? I was looking for one some time back but couldn't find what I wanted. Ideally I'd like a board with a passthrough to a card slot with a pic micro attached to the CLK RST DAT lines to sniff traffic as well as drive the lines (if there is no card inserted). From what I've seen it sounds like I'll need to roll my own...

  19. @dividebyzerowned - Step through each APDU sent using visual studio express. By looking at the return code from the card you can get a good idea of what might be failing.

  20. @Hans: Thanks a lot, but I insisted on Google and found a DocStoc version. And then, asked on that blog about the file, the author posted it today. But hey, I really appreciate your help and work.
    Regarding Season 2, I'm still looking around in sat forums and shops (electronicasuiza.com might help).
    However... my "test" card is now almost dead, I've locked CSC0, CSC1 and CSC2 :| :| :|
    Can read it, but nothing else.
    Can it be unlocked with some mumbo jumbo magic code? Or is it trashed forever?
    thnx

  21. @Hans

    The controller for the card reader I'm using is actually integrated into this computer's TPM; apparently it's not fully PC/SC compliant.

    Reading the config is fine, but the data pages are 128-byte strings of null bytes.

  22. My card has all four fuses blown (security byte 0x20). Wondering if you could help me understand the authentication process and how one computes the challenge and gets a good verify crypto command going? If it isn't possible and it's just a fancy name for a password, please tell me... I've been trying to understand ATMEL's idea of authentication, but cannot seem to get a good grasp on it.

    Thanks in advance!

  24. So I have the problem of always getting SW=6E00 (command class is not supported). I get it with your application as well as my C# ports of SMACADU and my APDU scanner. No matter what value I use for the class I always get the same SW=6E00 response. Have any of you run into this problem, or any ideas on something I may be overlooking?

  25. The fill byte (for bytes not allowed to be accessed) equals the fuse byte. So as soon as you see a $27 as the fill byte, you know your fuse is good to go. ;)

  26. Well, I have a problem. When I use gscriptor the default password is working fine. But when I use your program it gives me "Access Denied" and Fuse shows "20".
    Any help?

  27. If somebody has a working HexDump of Web laundry card could you send it to kolob at ukr.net
    Thanks a lot

  28. My card looks same as yours but ATR revealed it's a Gemplus GemClub Memo.

    I compile your app but it won't select the card; has an error Failed to get ATR: SW=6D00. I read the PDF specs on my card, but it's like Greek to me. I even got the ToolSet pro demo. Am I supposed to do a scan to get the hex values? Kinda hard with a demo version. I'm trying to see if they left the default password and fuse unblown like yours.

    And then would I modify your AtmelCryptoMem.cs file for my card?

    I'm so lost... yet I feel I'm walking down the right path. It would probably help if I had basic knowledge of smart card technology.

    1. Hey, just curious. Did you ever find a solution to this? I have the same type of card and am trying to see if I can accomplish this.

  29. What is the program you used?

  30. @Hans Viksler

    Hi!
    Why don't you blow only the FAB and CMA fuses so you won't overwrite the ATR and FAB configuration?

    Thanks for this article

  31. I am getting this error..

    SCardConnect error: -2146434970

  32. When I compile and try to install, it keeps throwing errors on Windows. It compiles fine without errors, and installs fine as well, but will not run for the life of me. I've tried on Windows 7 64 and XP 32 with no luck. Using Visual C# 2010. If anyone is willing to share the executable please contact me runfrugal at gmail.com

  33. @Hans, awesome work on this and thanks for the utility.

    Like a few others, I have multiple cards and they all have a fuse state of 0x20 (totally blown).

    I've found a company where I can buy a few SCs with the exact same chipset and I'm wondering what your thoughts are on finding a dump of a card and loading it onto one of these empty cards. Do you see any problems with this working? The idea is to build-a-card that I can start playing around with.

    If so and you're not too busy, would you mind sending me one of your dumps?

    Thanks for your time!

  34. Has anyone been able to get this software to work with a fuse of 20?

    I'm getting an 'Access denied'.

    kevincfunk at gmail

  35. @Kevin, after sending that message a few months back I messed around with it but never got anywhere.

    Lately I've been trying to find / buy someone's older card with the unblown fuse (all the new ones at my complex are blown).

    If you make any headway hit me up-- I think we're in the same boat.

    knksmith57 [at] gmail

  36. It compiles successfully only on WinXP 32-bit with Visual C# Express 2010, and the compiled version works on all platforms.

    The question is: how do you have to deal with the non-ISO-compliant C8 pin?

  37. Could you re-add the compiled exe again?

  38. Anyone know anything about the Smart City Coinamatic smart card systems?

  39. I think I see the problem that I'm facing. I see that the program uses GEMCARD info. I have been using a normal ISO programmer 3.68; I guess that will not work and I need to get a programmer like the ones in the video?
