{"guid":"7ee42591-4f4d-481d-884b-44f5e18e1803","title":"In Soviet Russia Smart Card Hacks You","subtitle":null,"slug":"35c3-9346-in_soviet_russia_smart_card_hacks_you","link":"https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9346.html","description":"The classic spy movie hacking sequence: The spy inserts a magic smart card provided by the agency technicians into the enemy's computer, … the screen unlocks … What we all laughed about is possible!\n\nSmartcards are secure and trustworthy. This is the idea smart card driver developers have in mind when developing drivers and smart card software. The work presented in this talk not only challenges, but crushes this assumption by attacking drivers using malicious smart cards.\n\nWe will present a fuzzing framework for *nix and Windows along with some interesting bugs found by auditing and fuzzing smart card drivers and middleware. Among them classic stack and heap buffer overflows, double frees, but also a replay attack against smart card authentication.\n\nSince smart cards are used in the authentication process, a lot of vulnerabilities can be triggered by an unauthenticated user, in code running with high privileges. 
During the author's research, bugs were discovered in OpenSC (EPass, PIV, OpenPGP, CAC, Cryptoflex …), YubiKey drivers, pam_p11, pam_pkcs11, Apple's smartcard-services and others.","original_language":"eng","persons":["Eric Sesterhenn"],"tags":["35c3","9346","Security"],"view_count":2069,"promoted":false,"date":"2018-12-29T00:00:00.000+01:00","release_date":"2018-12-30T01:00:00.000+01:00","updated_at":"2026-03-26T12:45:07.803+01:00","length":2295,"duration":2295,"thumb_url":"https://static.media.ccc.de/media/congress/2018/9346-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2018/9346-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2018/9346-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2018/9346-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/35c3-9346-in_soviet_russia_smart_card_hacks_you","url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_title":"35C3: Refreshing 
Memories","conference_url":"https://api.media.ccc.de/public/conferences/35c3","related":[{"event_id":6409,"event_guid":"a42e5a4f-fd9b-4571-bf17-483978afecb3","weight":49},{"event_id":6411,"event_guid":"42650545-4394-4455-a5f5-9efad111fedc","weight":73},{"event_id":6474,"event_guid":"f58a2b6d-bde0-483b-a8db-043ea9371cb6","weight":56},{"event_id":6482,"event_guid":"86b96f3f-a6b5-49c0-a189-69912c016916","weight":50},{"event_id":6500,"event_guid":"064a7014-a88c-462a-b06f-7d6de62d622f","weight":44},{"event_id":6503,"event_guid":"d0d6d058-f117-4ccb-ba6a-c41d9290a287","weight":48},{"event_id":6512,"event_guid":"25c54ce3-598c-42ee-8832-52fe9deae7ad","weight":63},{"event_id":6519,"event_guid":"5a8097ad-15c2-492e-8bc4-6b634fd8e963","weight":64},{"event_id":6523,"event_guid":"240fe8a1-ee33-4f07-88d0-34b8bb04db71","weight":109},{"event_id":6525,"event_guid":"955e9c12-cd90-4f48-88f0-b879269a5421","weight":45},{"event_id":6532,"event_guid":"94447a62-a3ba-4f6d-a3b7-b5318a954651","weight":15},{"event_id":6535,"event_guid":"a875f05c-5eeb-4478-9e6f-863fc52b8868","weight":24},{"event_id":6543,"event_guid":"48ed6dea-e67d-4866-8c35-318e9d892363","weight":79},{"event_id":6545,"event_guid":"400622c5-3754-43fd-aaf3-0ca00e9ad551","weight":34},{"event_id":6547,"event_guid":"089b7fec-3ee1-493c-9b90-782c0514ffb4","weight":47},{"event_id":6551,"event_guid":"3a571c21-31ed-453b-886d-7dea7b5751cd","weight":70},{"event_id":6552,"event_guid":"84be4017-78a0-444b-8b6f-5a14089bb0f7","weight":42},{"event_id":6574,"event_guid":"54c671a2-1803-4085-a923-a875ca11723a","weight":55},{"event_id":6575,"event_guid":"07f5d97a-161c-4435-abad-6ef08107df15","weight":49},{"event_id":6586,"event_guid":"362172c1-b637-48e8-ae2a-1fa40391b160","weight":57},{"event_id":6593,"event_guid":"c293b397-9fad-45ff-9ffe-716503c6c095","weight":46},{"event_id":6598,"event_guid":"8bd222ad-34a7-468a-9e83-11767dcfa809","weight":60},{"event_id":6603,"event_guid":"ea00d1e0-a580-415f-a8cf-f02883d939dc","weight":109},{"event_id":6607,"event
_guid":"52ce1398-fa9b-4bd3-aa9e-6a49a764ac2c","weight":45},{"event_id":6611,"event_guid":"b1b28bd0-5279-4950-8385-9ee8a57187f9","weight":100},{"event_id":6612,"event_guid":"5b7f01a6-f762-4c28-961c-7f6ab2f70fb4","weight":65}],"recordings":[{"size":null,"length":null,"mime_type":"application/x-subrip","language":"eng","filename":"DRAFT_35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You.en_DRAFT.srt","state":"todo","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2024-02-18T16:51:07.680+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/DRAFT_35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You.en_DRAFT.srt","url":"https://api.media.ccc.de/public/recordings/69682","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":208,"length":2295,"mime_type":"video/mp4","language":"eng","filename":"35c3-9346-eng-In_Soviet_Russia_Smart_Card_Hacks_You.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-30T16:55:58.255+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9346-eng-In_Soviet_Russia_Smart_Card_Hacks_You.mp4","url":"https://api.media.ccc.de/public/recordings/32429","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":208,"length":2295,"mime_type":"video/mp4","language":"deu","filename":"35c3-9346-deu-In_Soviet_Russia_Smart_Card_Hacks_You.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-30T16:56:06.667+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9346-deu-In_Soviet_Russia_Smart_Card_Hacks_You.mp4","url":"https://api.media.ccc.de/public/recordings/32430","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e1
8e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":208,"length":2295,"mime_type":"video/mp4","language":"fra","filename":"35c3-9346-fra-In_Soviet_Russia_Smart_Card_Hacks_You.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-30T16:56:15.141+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9346-fra-In_Soviet_Russia_Smart_Card_Hacks_You.mp4","url":"https://api.media.ccc.de/public/recordings/32431","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":322,"length":2295,"mime_type":"video/mp4","language":"eng-deu-fra","filename":"35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-30T16:56:24.895+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_hd.mp4","url":"https://api.media.ccc.de/public/recordings/32432","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":158,"length":2295,"mime_type":"video/mp4","language":"eng-deu-fra","filename":"35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-12-30T17:06:33.394+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-sd/35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_sd.mp4","url":"https://api.media.ccc.de/public/recordings/32436","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":149,"length":2295,"mime_type":"video/mp4","language":"eng-deu-
fra","filename":"35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_hd-slides.mp4","state":"new","folder":"slides-h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-30T17:07:09.307+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/slides-h264-hd/35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_hd-slides.mp4","url":"https://api.media.ccc.de/public/recordings/32437","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":23,"length":2295,"mime_type":"audio/opus","language":"eng","filename":"35c3-9346-eng-In_Soviet_Russia_Smart_Card_Hacks_You_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2018-12-30T17:46:35.223+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/opus/35c3-9346-eng-In_Soviet_Russia_Smart_Card_Hacks_You_opus.opus","url":"https://api.media.ccc.de/public/recordings/32459","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":35,"length":2295,"mime_type":"audio/mpeg","language":"eng","filename":"35c3-9346-eng-In_Soviet_Russia_Smart_Card_Hacks_You_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2018-12-30T17:47:05.153+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/mp3/35c3-9346-eng-In_Soviet_Russia_Smart_Card_Hacks_You_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/32460","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":239,"length":2295,"mime_type":"video/webm","language":"eng-deu-fra","filename":"35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width
":720,"height":576,"updated_at":"2018-12-30T17:47:42.455+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/webm-sd/35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/32461","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":453,"length":2295,"mime_type":"video/webm","language":"eng-deu-fra","filename":"35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-30T17:52:21.463+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/webm-hd/35c3-9346-eng-deu-fra-In_Soviet_Russia_Smart_Card_Hacks_You_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/32466","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":1,"length":null,"mime_type":"application/pdf","language":"eng","filename":"35c3-9346-in_soviet_russia_smart_card_hacks_you.pdf","state":"new","folder":"slides-pdf","high_quality":true,"width":null,"height":null,"updated_at":"2019-01-13T18:56:42.837+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/slides-pdf/35c3-9346-in_soviet_russia_smart_card_hacks_you.pdf","url":"https://api.media.ccc.de/public/recordings/32835","event_url":"https://api.media.ccc.de/public/events/7ee42591-4f4d-481d-884b-44f5e18e1803","conference_url":"https://api.media.ccc.de/public/conferences/35c3"}]}