This repository provides code for interception of smartcard application protocol data unit (APDU) commands by listening and responding to messages received by a virtual smartcard driver. It shows the hexadecimal traces in a hexdump format, logs them, colour-codes the APDU fields, prints the descriptions for the detected inter-industry commands and responses, and provides a hook to manipulate them.
It depends on the Virtual Smart Card library.
To collect APDU traces make sure the smartcard is inserted, pcscd is running, smartcard can be found in pcsc_scan.
Then execute intercept.py using Python interpreter and use OpenSC, GnuPG, or your vendor's smartcard tools to
perform operations on the smartcard.
To perform MITM attack, the method respond_to_message in a class inherited from InterceptAttack
is the point where the attacker can issue commands and manipulate responses.
Virtual smartcard OS'es available using parameter --os:
RelayOSthat relays messages to another smartcard reader specified by--reader.GemaltoOSproviding valid responses to authentication commands issued by Gemaltolibgclib.so/libgck2015x.soCryptoki libraries emulating Gemalto IDClassic 340.
Attack logic available using parameter --attack:
InterceptAttackthat just prints the sniffed APDU traces to stdout andlogs/date-time.log.GemaltoMITMAttackthat calculates parameters of secure messaging agreed between library and card.YubikeyMITMAttackthat intercepts GENERATE ASYMMETRIC KEY PAIR, puts the attackers private key on card, and returns corresponding public key.
The ISO inter-industry command/response descriptions are taken from the apdu-parser project.