
How to use NFCGate to do NFC Security Research on Android

2025-03-29 Update From: SLTechnology News&Howtos

Shulou(Shulou.com) 05/31

This article covers how to use NFCGate to conduct NFC security research on Android. The editor finds it very practical and shares it here in the hope that you get something out of it.

NFCGate

NFCGate is an Android application for security auditing, designed to help researchers capture, analyze and modify NFC traffic on the Android platform. In essence, it is a security research tool for reverse engineering a protocol, or for evaluating and auditing a protocol's security.

Note that this tool was developed for security research purposes only; please do not use it for malicious purposes.

Features

In-device capture: capture NFC traffic sent and received by other applications running on the device.

Relay: use a server to relay NFC traffic between two devices. One device runs as a "reader" that reads an NFC tag, and the other uses host card emulation (HCE) to emulate an NFC tag.

Replay: replay previously captured NFC traffic in reader or tag mode.

Clone: clone the initial tag information (such as the ID).

pcapng export: captured NFC traffic can be exported in pcapng format, which Wireshark can read.

Requirements

NFC support

Android 4.4+ (API Level 19+)

EdXposed or Xposed: in-device capture, relay tag mode, replay tag mode and clone mode

ARMv8-A or ARMv7: relay tag mode, replay tag mode and clone mode

HCE: relay tag mode, replay tag mode and clone mode

Tool download

Researchers can use the following command to clone the project's source code locally:

    git clone https://github.com/nfcgate/nfcgate.git

Building the tool

Initialize the submodules:

    git submodule update --init

Next, use Android Studio or Gradle to complete the code build.

Operation modes

For each operation mode, the project provides detailed instructions in the doc/mode/ directory:

In-device capture

Relay

Replay

Clone

In-device capture mode

Switch to "Capture Mode" in the navigation bar

Press the "Begin Capture" button to start capturing and recording NFC traffic

Switch to the target third-party application

Use the NFC features of third-party applications

Switch back to NFCGate

Press the "Stop Capture" button to stop capturing NFC traffic

The captured NFC traffic can be found in Logging, where we can export it in pcapng file format.

Relay mode

Open "Settings" in the navigation bar

Specify hostname, port, and session

Ensure that the server application is running and accessible over the network

Switch to "Relay Mode" in the navigation bar

Click "Reader" or "Tag": one device runs in reader mode and the other in tag mode

After the connection is successfully established, the application will display a green status indicator

The recorded NFC traffic can be seen in Logging and can be used for subsequent analysis.

Replay mode

Switch to "Replay Mode" in the navigation bar

Select the session that needs to be replayed

Click "Reader" or "Tag" to replay the corresponding session traffic

New NFC traffic can be seen in Logging and can be used for subsequent analysis.

Clone mode

Switch to "Clone Mode" in the navigation bar

Scan a tag

The phone will clone the tag information.

When read by another reader, the phone will respond with the cloned tag information

Tag information can also be saved and used for subsequent analysis.

pcapng export

Captured traffic can be exported or imported in pcapng file format; for example, Wireshark can be used to further analyze the captured NFC traffic.
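
An exported capture can also be inspected with a short script. The following is an added example, not code from NFCGate or from the original article: a minimal pcapng block walker in Python that validates block lengths and lists interface link types and packet payloads. The sample file, its link type 147 and its payload bytes are constructed placeholders, not NFCGate's actual output.

```python
import struct

SHB, IDB, EPB = 0x0A0D0D0A, 0x00000001, 0x00000006  # pcapng block type codes

def parse_pcapng(data):
    """Walk the blocks of a single-section pcapng file.
    Returns (link_types, packets); packets are (iface, timestamp, payload)."""
    link_types, packets, off, endian = [], [], 0, "<"
    while off + 12 <= len(data):
        # The SHB type code is a byte palindrome, so it reads the same either way
        if struct.unpack_from("<I", data, off)[0] == SHB:
            magic = data[off + 8:off + 12]  # byte-order magic 0x1A2B3C4D
            if magic not in (b"\x4d\x3c\x2b\x1a", b"\x1a\x2b\x3c\x4d"):
                raise ValueError("bad byte-order magic")
            endian = "<" if magic[0] == 0x4D else ">"
        btype, total = struct.unpack_from(endian + "II", data, off)
        if total < 12 or total % 4 or off + total > len(data):
            raise ValueError(f"corrupt block length at offset {off}")
        if struct.unpack_from(endian + "I", data, off + total - 4)[0] != total:
            raise ValueError(f"length trailer mismatch at offset {off}")
        body = data[off + 8:off + total - 4]
        if btype == IDB:
            link_types.append(struct.unpack_from(endian + "H", body)[0])
        elif btype == EPB:
            iface, ts_hi, ts_lo, caplen, _ = struct.unpack_from(endian + "5I", body)
            if 20 + caplen > len(body):
                raise ValueError(f"captured length overruns block at {off}")
            packets.append((iface, (ts_hi << 32) | ts_lo, body[20:20 + caplen]))
        off += total
    return link_types, packets

def _block(btype, body):
    # Build one little-endian block; used only for the constructed sample
    body += b"\x00" * (-len(body) % 4)  # pad body to a 32-bit boundary
    total = 12 + len(body)
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)

# Constructed sample: link type 147 (LINKTYPE_USER0) and payloads are placeholders
SAMPLE = (
    _block(SHB, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
    + _block(IDB, struct.pack("<HHI", 147, 0, 0))
    + _block(EPB, struct.pack("<5I", 0, 0, 1000, 5, 5) + bytes.fromhex("0102030405"))
    + _block(EPB, struct.pack("<5I", 0, 0, 2500, 2, 2) + bytes.fromhex("aabb"))
)

if __name__ == "__main__":
    links, pkts = parse_pcapng(SAMPLE)
    print("link types:", links)
    for iface, ts, payload in pkts:
        print(f"iface={iface} ts={ts} len={len(payload)} {payload.hex()}")
```

To use it on a real export, read the file in binary mode and pass the bytes to parse_pcapng; the timestamp is the raw 64-bit value, whose unit depends on the interface's resolution option.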

Libraries used

xHook

Xposed Bridge

LibNFC-NCI

Protobuf

Android About Page

Android Device Names

Android Support library - preference v7 bugfix

Android Room

Android Lifecycle

The above is how to use NFCGate to conduct NFC security research on Android. The editor believes it covers some points that we may see or use in our daily work, and hopes you can learn more from this article.
