DefCamp 2012
Adrian Furtunǎ, PhD, CEH
(adif2k8@gmail.com)

About me
 PhD in information security, CEH
 Penetration tester at KPMG Romania
 Web apps
 Infrastructure
 Mobile apps
 Source code reviews
 + some other annoying stuff
 Always like to prove my point…
2

What is this all about?
The FUN part
3

What is this all about?
4

Our subject(s)
5

Our subject(s)
 Digipass = security token
 Disconnected, display, keypad
 Used for:
 User authentication (2nd factor) - OTP
 Transaction signing (e.g. Internet Banking)
 Vendors: Vasco, CryptoCard, RSA, etc
6

What is this all about? (still the fun part)
 A machine that simulates human behavior when using a digipass
Brains Neurons Muscles Eyes
• Command the machine
• Keep track of the logic • Transport the signal from • Push when powered on • Provide images for
state the brain to muscles the brain
• Select the desired muscles • Release when powered
and send the necessary • Give the muscles the off • Tell the brain what
signals necessary power/energy to is happening outside
• Read an image from the action
eyes
• Interpret the image and
make the next move
7

OK… But why?
Motivation
8

The profit part
 Remember the old rounding attacks against Internet Banking apps?
 When working with two decimals most banks do the rounding to the
closest value
 8.3478 EUR ~= 8.35 EUR
 8.3436 EUR ~= 8.34 EUR
max profit = 0.005 EUR
 About rounding attacks:
 “Assymetric Currency Rounding” by M'Raïhi, Naccache and Tunstall of
Gemalto – 2001 - http://tinyurl.com/d5akdkk
 “Is Your Online Bank Vulnerable To Currency Rounding Attacks?”, Mitja
Kolsek of ACROSSecurity - 2012 – http://tinyurl.com/6wpg7ew
9

Rounding in currency exchange (1)
 Use the Internet Banking application to transfer money between your own
accounts (e.g. RON -> EUR)
RON EUR EUR Exchange rate
(rounded) (RON / EUR rounded)
4.40 1 1.00 4.40 Official
2 0.4545 0.45 4.44
1 0.2272 0.23 4.34
0.5 0.1136 0.11 4.54
0.05 0.0113 0.01 5
0.03 0.0068 0.01 3
0.023 0.0052 0.01 2.3 The best
0.02 0.0045 0.00 not good
100 * (0.023 RON -> 0.01 EUR) => 2.3 RON = 1 EUR
10

Rounding in currency exchange (2)
11

The Bank said…
 Known issue but we have the digipass to protects us:
1. User initiates currency exchange in IB application
2. Application sends challenge code to user
3. User inputs code into digipass
4. User reads digipass response
5. User sends the response to IB application
6. Application finalizes the transaction
12

The Bank said…
 Known issue but we have the digipass to protects us:
1. User initiates currency exchange in IB application Now automated!
2. Application sends challenge code to user
3. User inputs code into digipass
4. User reads digipass response
5. User sends the response to IB application
6. Application finalizes the transaction
We can make lots of transactions automatically
13

How much?
C1 = minimum amount of currency 1 (e.g. 0.023 RON)
C2 = minimum amount of currency 2 (e.g. 0.01 EUR)
Ex_b = exchange rate for buying C2 with microtransactions (e.g. 2.3). Ex_b = C1 / C2
Ex_s = exchange rate for selling C2 (e.g. 4.4) – real exchange rate – fixed by the Bank
Ex_b Ex_s
x RON y EUR z RON
 z = y * Ex_s = (x / Ex_b) * Ex_s = x * (Ex_s / Ex_b)
 multiplication rate = Ex_s / Ex_b
 transactions required = x / C1
Currency 1 Multiplication Initial Final Gain Transactions
rate amount (x) amount (y) required
RON 4.4 / 2.3 = 1.9 100 RON 190 RON 90 RON ~ 20 EUR 100 / 0.023 = 4347
14

How the Banks should protect themselves
 Limit the number of transactions that can be
performed in a given time
 Limit the minimum currency amount that can be
exchanged in a transaction
 Monitor for suspicious transactions (very small
amounts)
 State in the contract that such transactions are
illegal
 Introduce a small fee for currency exchange
operations (e.g. 0.01 EUR)
15

Behind the curtains…
Back to the FUN part
16

External vs Internal instrumentation
 Internal instrumentation (direct electrical connections):
 Pros:
 more reliable and faster
 almost error free
 Cons:
 might not be always possible – some digipasses
deactivate if opened
 must know the pinout of LCD screen (lots of pins!)
 sensitive soldering required
 mistakes can lead to deactivation
 External instrumentation:
 Pros:
 No interference with digipass’s internals
 Can be applied to any digipass model
 Cons:
 Pretty slow (but good for the “low and slow” approach)
 Some (mechanics) errors occur on pressing buttons (resolvable by a more
professional construction)
 OCR process needs special (lightning) conditions to produce correct results 17

Electric diagram
D3 D2 D1 D0 Sx Digipass
key
0001 S1 0
0010 S2 1
0011 S3 2
0100 S4 3
0101 S5 4
0110 S6 5
0111 S7 6
1000 S8 7
1001 S9 8
1010 S10 9
1011 S11 =
1100 S12 S
1101 S13 ON/OFF
18

Optical Character Recognition
Original Cleared Blurred Threshold applied OCR-ized
background gocr / ocrad
7169309
-_16g309
1757450
1_5_G50
043i __ i_ì
OG3i _i_i
9a__641 4
9__6G1G
19

Current performance
 10 transactions / minute (6 seconds / transaction)
 max 21600 transactions / day
 enter PIN, type challenge code, read response image, do OCR
 Our previous example:
 100 RON  190 RON (gain ~20 EUR)
=> 4347 transactions * 6 sec/trans = 26082 sec = 7h:14m:42 s
 Maximum amount to multiply per day:
 21600 * 0.023 RON = 496.8 RON => final: 943.9 RON
 gain 447 RON ~= 101 EUR/day
Money making machine? 
20

Photo gallery
21

The first POC
22

Development stages (1)
23

Development stages (2)
24

Development stages (3)
25

Development stages (4)
26

Final version - back
27

Final version - front
28

Demo
29

Thank you!
QUESTIONS ?
Adrian Furtunǎ, PhD, CEH
adif2k8@gmail.com
http://pentest-tools.com
30