ADI Pushing Cracked 125 kHz Access Control
Security distribution giant ADI commonly promotes access bundles featuring vulnerable and cracked 125 kHz card formats. Even worse, they promote these kits as a 'hot deal' in email blasts.
Most confusing of all, there is no major cost difference in offering these products, even though they introduce major security risks.
We examine the situation in this note, explain how easy it is to crack the systems using these cards and look at alternatives.
Hikvision's ******* ****** ***
********* ***** ******** ** * '*** deal' *****'* ******* ***** ** ********* ***'* 2-Door ****** ****** ********* * ***** ********** *** *** (cracked) *** *** '*********' *******:
*** *** **** ** ********* **** 25 ********** ***** *****, ** **** users *** ***** ***** *** ****** immediately **** ** ** *********.
**** ****** *********'* ****** ********** ***** ** *** ******* ********** strengths, ********* '**** ********' ******** **** integrated ***** ****** *** ****** ****** support.
*******, *** *** ***** *********, ******* packaging *** ****** **** ***-********, ********** 125 *** ******* ***** *** ****** up ** **** ******** *****.
ADI's *** *** **** ******
*** ********** ***** *** *** ** boxed ****.
******** *** ********* ***** ********, ******* access ******* ******* **** ******* ***********, enclosures, ********, *** ******* *** * few ***** ** * *****-********* *** licensed ***. *** ******** ** *** these **** ** **** *** ******* furnished **** *** ***, *** **.** MHz, *******.
** ************ *****, *** ***'* ********* from ****:
**** *********:
**** **********:
**** ******:
******:
****** ****** ***:
*** ******* ********:
**** **** *** *** ******* ** just ***** ********, *** ***** *** several ******.
** *** ** ***** *****, ****** more **** ** ****** ******* **** ADI ** ****** ** ******** *** install ***** ********** ****** ********.
Cracked *** *** **** ** ****
*** *** *********** **** **** *********** to ***** *** ***** ********** **** * ******, ********* ****** **** **** * cheap $** ****** *** **** ***** cards ** ****** ************ *** ************ copies ** ****.
*** ***** *****, **** *** **** **** ****** ******* **** **** $30 *** ****** **** ****** ****, **** *** ****** ***** *** how ******* * *** ***-***** ****** system *** ** ******* **********:
ADI ******** ******* ******* ***************
** **** ****** ***** ***, ***#* ******** *********** ** *** **, **** *** ******** ** ******* these ********** ***********, **** ******** ** ****** label ******** ****** ** *** ********* types ***** ***** ******-******* '********* *****' ****:
**********, ***** *** ****** '**** *********, fastest ********' *** **** ******* ************* with **** ***-**** *******, **** ** not **** *** ****** ***** *** security *** ******** *** **** ********** of ***** ********.
Most **** **** **** ****** **.** ***
**** **** *********, *** *** ****** vendors ***** ***** ***** **** ********* ********* **.** *** ********* *********** ****** **********.
***** **** *** ** ***** *********** support******* ***/** **** **** ****** ******, ****** ********* ********* ******* ***** be **** *** ********* ** *** same ****** ** *** ******* *** kHz *****.
***** ***** **.** *** **** ********* reduce *** ***** ** ********** **** types *** **** ******* ********* **** ADI ********* ***** ********, ***** ***** encrypted, ****** ********* ***** *** ******* essentially ********** *** ***** ** *** kHz *******.
****'* **** ********. ** *** ******* with *** ***** ****, *** *'** be **** ** ******* *** ***** of ******* **** ****** **** **.** MHz ** *** **** **** ******* with.
** *** ****, ****'** ************ **** difference *** **** **** ********* ****** consider ******** ** ****** ************* ******* *** *** ****-***** ******* especially ******* *** **** **** ****** present * ****** '****** *********' ** exploit.
** ********, *********** ***** *** ** even *** *** ** ******* **** even *** *** ***********,***** ** ** **' ** **' feet.
********* ** *** **** * *** it, *** ** ***** ***** ** clone *** ** ***** *****.
* ***** ********** *** **** *** same **********. ***** ** ** ****** for **** *** ** ****** *****-********** readers *** *** ****'* * ****** easy **** ** **** ** **** add *** *******. *** *********** ********** are ********** *** ********* ************ *** larger *** ********* ******** **** *****. I **** ******* ********* * ****** range ******* ** *** ****** **** IPVM ****** ** **** ********* *** easy ** ***** ** ** *********. Has ****** *** *** ******* **** showing ******* **** *** ********** **** are?
****** *****'* **** ***** * **** point ** ****** ** ** ********* the ********* *******. **** ** *** ******* mentioned ***** *** ******* ** **** doing ********* ***********. *******, ***** *** a ***** *** *** ** ** I **** ** ****** ** *****, enable ********* ***** ** ******* ****** off, **** ** *** ***, ***. The *** ******* ** **** * rarely **** ****** *** * **** no ******** **** ***** *** ** cards * **** *** ********* ******* are ** *** ***** ***** * need ****.
*** *** ******, * ***'* **** about *** *******. * ** *** a ***** ****** *** ** *** commissioned. **** ** *** ******* ******** credentials ********* ****** *** *** ***** revenue ***** ** * *****-**** ****** doesn't *** *** ***** ** ****. I ** **** **** **, ** security *********, ****** ** ****** ***** reasonable ****** ** ******* *** ******* on ********* *****.
**** **** ********* ******* ****: **'* ADI, ** ****** *********?
*** ****** *** *** ******* **** showing ******* **** *** ********** **** are?
**** **** *****, **. * *****'* had *** **** ** ***** ****. I ** **** ** ******** ** in *** ****** **** * **** get **** ***** ****. * *** success *****. *** *** * ******, but ** ****'* ******* *** ******. I ******* ** ** ** **** once * ********** *** *******. * larger ***** ******* ******** ***** **** 125 *** ** * ***** *******. We *** *** **** **** *** scanner ********** ** ****. ** ****** didn't **** ****** ******* *** **** was ** *** ***** **** ** the ****. **** ** ******, *** installation ******* ******* **** *** ** idea. **** ** ******** **** *** scary *********** * ***'* ******* ****** control.
*** ***** **** *** **** ** a ***** *** ****. * ******* someone's **** **** ***** ********* *** had **** *** ** ** ***** work. ** ****** **** ** *****. Now **** **** ****** ******* *** they *** ***** ***** *** *** for ***** ***********. *** ** ***** security ********* ***** ** *** **** out ** ***** **** **. * told **** ****** ***'* ****** **** wanted ***** ****** ***** ********* ** the *****. * *** *** *** person * **** **** ******** **** what * *** *****. ***** *** no ****** *** ** ***** ***** system *** ******** ******* **** ****** to *** ******* **. **** ******* they ***** *** *****, ****** * don't ***** **** *** ******* * don't ******* ****** *** ****** *** credentials.
* **** ******** **** **** **** as * *******. * ******* ******** pool *** * ***** ********* **** the old ****** *** * ****** ** mass ******* ***** *** ***** *********.
**** ** ** ******* ** ****** control ***** **** *** *********** ******* of ********. * *** **** ** cases ***** *** *** **** **** over *** ***** ********* ** *** controlled **** ** *** **** *** enough.
*** **** ***** ** **** ***** in *** ********** ******* ** ****. If *** *** ***** ***** **** for ***********, ********** *******, **** *** should *** * ***** **** **** makes **** *** ********. **** **** help. ** ********* ** *** ********* on *** ***** ***** *** ** maybe ****** **% ** *** ****. Oh *** * **** **** *** HID ********* ******* *** *** ***** to ** **** ******** ***. **** is **** ***** **** * ****** would ******** *** *** *** ** had * ********* **** *********** *** deluge *** ****** **** ***** ***** other ***. ******** ** *** ** shorted *** *** ******. *** ***** silicone *** ****** ** *** **** but **** ***** *** * ***** looking ******* ***** * ******* **** or ***. * **** *** * customer *** *** *** *** ****** you *** ******* *** **** ** your **** ** ** **** **** the ***** ** **** **** **** the ****** *** ****.
****** *** ************ **** *****. *** company *** **** ********* ********** ********* systems *** **** ** ***** ** solve *** ******* ** ************ *** duplication. ** ****** ***** ******* ** the ******** ** ********** ************. * would ***** ***** *** ** *** customer **** *** ****** ****** *** the **** **** **** **** ********* a ********** ****** ** ** **** the ***** ****** **********. * ********* a ******* ****** * ***** *** and ***** **** **** *** ** is ****. *** **** ***** * would ***** *** ** **** ** identity *****. **** ******* ********** **** access **** **** ****** **** ****** level *** ** *** ***** ***** of *** ******* ******** *** **** of *** ****** ********* *** **** is ***.
****, * *** ****** *** *** confusion ** ******/**********/*********** ********** ******* **** *** ********* *** ****** ** exploit, *** *** *** *** ****** system *** ** ******** **** ** eBay *** ***** $**.
**** **** *** ********** ** ******** 125khz ***** **** ********/********* ** ****** creds. ******* **** **** *****-****** ******* would **** *** ** *** ** difficult ** ********** ******** ** ***** over *** ****** ** **.*****
****** *** *** *******!
* **** ****** ** **** *** Banks *** ***** ********* ********* **** migrated **** **** *********** ** ******** 'Chip & ***' ***** **** *** much **** ********* **** *** ********* types **** ****** ******.
** **** *****, **** ***** (********* anti-spendthrifts) ******* *** ******** ***** *** high *** ****** *** *****.
*** *********** **** ********** ** * typical ********** ****** ****** ** **** smaller. **** **** *** **** ** high ******?
** **** *****, **** ***** (********* anti-spendthrifts) ******* *** ******** ***** *** high *** ****** *** *****.
*** *********** **** ********** ** * typical ********** ****** ****** ** **** smaller. **** **** *** **** ** high ******?
* **** ** ****** ** ** all ******** ** * **** *********** they *********. **** ***** **** ***** comes ** ****:
* *** *** ***** ** ** company ****** ********* ********* ** ** mph. *** **** ************ ***** **. The *** ******* *** ***** **** everyone ******* ******. ***, ****** ** initiate * ******? **** *** ****** of ******** ** *** *****, *, multiply ** *** ******** **** ** failure, *, ******** ** *** ******* out-of-court **********, *. * ***** * times * ****** *. ** * is **** **** *** **** ** a ******, ** ***'* ** ***.
****** **** ********* ** *** *******...
****'* *** ****** **** ***** ******* just ****** * **** ***: *****://***.**********.***/****/**/****-*****-*-****-******/
***** **% ******* ** ****** ***'* version.
*** ******* ******** ** ******** *** can ** ******** *** $** ** 5 *******. *****’* ****** **** *** or ***, *********, **** ** *** feq. *** ** *** ****** ******.
********* ****** **** ***** ****** ************ of *** '** *** ******' ******. 125 *** ******* ** **** **** grievous ******* ** *** ** **** without ********* ************ ** *** *** done ******* **** *********.
**'** *** ********* ******* ** ***, and **** ***** **** ***** ** rectify ***** **********, *** **** ** OSDP ** ****, *** *** **** tags *** ** ******.
****** ** *** ********* ********** ** all *****. ** ******* ** *** this ********** ** *******. ***** ************ - * ***** ******* ************ - and **** ** **** *****, *** launched ***** *-****** ******* * **** ago ********* ****-******* ***********. *** ***** website http://www.impro.net/box.
******* * *** ** **** **** the ********* **** ******* **** *** grant *** ****** **** *** *** these *** *** ********
** ******* **** ***** *** *** credentials *** ******* *********'* ****** *** *********** *******.
**** ****** *** *** ***, *** they *** *********** *** ***'* **** with *** *******-******* ******* ** *** kits *****, *** **** **** **** Impro.
**** ** *** ** *** **** reasons ** ****** ******* **** **** pin. *****’* ****** **** ***** **’** using, **** ** **** ** ******* our ********* ** ***. ** ****** what ********** *** *** * **** can ** ******. **’** ***** ********* are **** **** ******** ** **** up **** ***** **** *** *** when ***** ** **** ** ** coworker. *’* *** **** *** **** + *** ***’* **** ******.
** ** *** *** *** *** of **** + *** ** **** systems. ******* ********* ***** ****+*** **** the *** ** *** ********* ** the **** ** ***, *.*. ******/******** hours: ****. ***** ***** ****+***.
**** ** *** ** *** **** reasons ** ****** ******* **** **** pin.
* **** ******* ***** (** ************) the **** **** **** **.***** ***********. IMO ***-****** ** *** *** ** go. *** **** ** **** ****** the *** *********** *** *** **** stolen ** **** **** ******.
** ** **** ** ** **** the ***** **** **** *** ** to ***** ** ***** *** ********* kits **** ****** *******?
****** **** *** ******* *** *** to ***** ********?
****** **** *** ******* ******* *** to ********?
****** **** *** ******* **** *** to ******* ************?
*** **** ***** ** ** *** on.
**** *** ***** **** **** *** is ** ***** ** ***** *** promoting **** **** ****** *******?
***, **** ** *** *****.
*** *** ******* ***** ***** **** their ***** ********** ****** **** **** fixed, ** ***** *** *** ******** known ****.
** *** ********, *** *** ************* has *** **** *****. ********** *** would *** ******** ** **** ** IP ****** **** * ******** ***** backdoor, ***/**? ** **, *** ***** they ******** ** **** ** ****** control ********** **** ** ******* *** unfix(able)?
** ***** ******* ** *** **** to ** ******* **.
*** *** *** ******** *** ***** on ***?
** * ******** *********, *** ********* several ******** ** *** *** ***** security ******, *** ******* ******** ** how *** *** ******* *** ***** on ****. ***** **** *** *** criticize *** *** ******* * ****** product. *** *** *****?
* ** **** *** *** **** a **** ** ****** ***** ****. Do *** **** *** **** ** is ** ****** * ************ ******? Shine * ***** **** **, **** a ****, **** ** **** ****** and ***** **, ***. **** **** mean ** *******'* **** *******?
** * **** *** ** ****** if ******* *** *** ***** ******. For ****, **'* *** **** *******.
** ** ******, ** ***** * small **** **** ******* *******. *** front **** ** * ****** ****, and *** ***** *** **** ****** have *** * *** **** *** years. **** ** ****** *** ** the ******** *****. *** ** * install ** ****** ******* ****** **** 125MHz *******, *** ****** ***** ***** they ***** *** ********** ** * tenant, ** * ***** ***?
*** **** ****** *** ***'* *** write ** ******* ******* ***, **** and *** *** ***** **** ************* for **** ****** * ****** ******...
*** **** ****** *** ***'* *** write ** ******* ******* ***, **** and *** *** ***** **** ************* for **** ****** * ****** ******...
****, *** **************** ** ******** ******** ** ** **** **** ** “why ***’* *** ***** *** **** office *** ********* ****** ******* *** delivery”
***, **** ********, ******.
** *** **** *** **** ** is ** ****** * ************ ******? Shine * ***** **** **, **** * mask
*** *** ***** **** ***** ** it ***** **** *** ******. *** can ******* **** ****** ** ** drops **** * ****. *** *** blow ** **** ************ ****** ** you ***** ** **** * ******.
*** ******** **** **, **** ******** of * ******* ****** * ************ and ****** ** *********** ***?
*** ********** ******* ******** *** *** cards *** *** ******** ** **** gave ** **** *** ****** ** a ****** ** **** *** ************ and ******* ** *** ******** / seller. *** *** *********** **** ******** (originally) ** ** ******. ** ** now *********. *******, **** *** ************ and ******* ******** ** **** ** without ****** ** *** ****** **** warning ** *** ******.
*** **** ****** *** ***'* *** write ** ******* ******* ***, **** and *** *** ***** **** ************* for **** ****** * ****** ******...
**** *****. *** ** ****.
**** ** *** *****? ** *** think *** ** **. ****** ******** to **** ******* *** *** *****?
* ***** **** **** ********** ***** be ****. * ***** ***** **** be * *** *** *** *****, as *** ******* ******** ** ** to **.**.
* ******* *** **** ** **** is **** ***. ** * ** to * ******, ***** **** ******** be ** ***** ********* ** **** is *** ********, *** **** **** about ****, * ***** **** **** do ********. * ***** *** ** it. ****** ****** ** *** **** an ********* ********* *** **** ****** *******.
*** ** ********** ****** **** * school, *************/************ ******** *** *** **** bigger ********.
****** **** ***** ** *******? ****. Maybe **** *** ************'* ************** **** only ** **** ** ****** ********, and *** *** *** ********.
** ********** *** *** **** ******* in: ***: **** ******* ******* *** *** Credentials
**** ****** / ******. *** ****-**************.
* *** **** ** ******* *** client ********* *** *** ****. ** is *****.
**'** ***** ***** **** ***** ******* an ******* ***** ** ****** ******* at *** (*** ***** ** **********) who ***** * ******* **** **** 10 ***** ***. ** **** **** transitioning **** **** ****** *** ******* years. *** **** *** **** ************ is ********** ** *** **** ** only ***** ***** **** ******. ** existing ******* ** **** ******** **** and **** *** ************* ** **** out ** **** ******* *** ******* or ** ***** ******. ** *** change *** *** ******* ** *** multiclass *** *** ******* ***** ******* while ******* **.** *********** ** ******** new.
** **** ****** **********, ***** ****** but ** **** ***** *** ****** will ** *******. * ******** **** Wiegand ***** ***** **** *** ******** and *** **** ** ***** *** still ***** ****? * ***** ******** for ** ** ****** *** **** is * *** *******, ********** ** Toronto. ** ******** ** ****** ******* over *** *** ****** ** ********** there **** **** ******* ** ****** renting *** *** ********'* ***** ****** on *** *** *** ******* "******* club ***********" ***** ****** *** *** credentials.
* ***** **** ********* *** *** are ***** * *** *** ***** for ******** *** ** ******* ** the **** *** *** ** ** advise **** ******* *** **** ***************. If **** ***'*/***'* **** **** ****** then ** ** **.
** *** ******* *** *** ******* insecure ******** * ***** ****'* * bit ** * *****. **** **** boxes ** **** *****. *** ******** are ***** *** **'* ** ** the ****** ****** *** ******* ** understand *** *******'* *********** *** ** determine ** **'* *********** *** *** application. ** **** ** *** *** experience *** ********* ** ** **** to ** *** ***** ***** *** the ********. ********* *** *********** ** do **** ** ***********, *** ** my ****, ***********. *** ***** ** the ***** (****, ****** *** *****) not ****** *********. *** ************ ****** have ********* ********* ** ****** *** install *** ****** ** ********** **** the ********'* ************. *** **** *** "professionals"?
******: **** ******* *** **** ***** to *** *** **********:*** ************ ****** **** ********* ********* To ****** *** ******* *** ****** In ********** **** *** ********'* ************. Are **** *** "*************"?
* **** *** **** ********* *** could **** **** ***** *** ************* of * ********** **** ** ****. You *** *** ******** **** **** should ******* ** * **** ****** product *** **** ***** **** *** they ****** ***'* ****. *** *** drawback ******* ******* ** ****** *** due ** *** ******* **** ***** of *** **.** *** ********** ******** to *** *** ******. * ****** push *** ********* ** ****** *** to ***** **** ******* *** *********** but **** **** ***'* ****. ********* on *** **** * *** **, who ** ***** ***** ** ***** one ** ***** *****.