Proxmark3 community


#1 2023-08-25 22:44:39

maximus
Contributor
Registered: 2023-07-12
Posts: 2

OSDP attacks with Mellon

I have been reading about OSDP attacks recently disclosed at BH2023
- https://bishopfox.com/blog/breaking-int … -with-osdp
- https://arstechnica.com/security/2023/0 … it-failed/

I am interested in replicating these attacks but have little to no experience with the hardware involved. I have used an ESPKey before which makes it relatively easy to test Wiegand attacks, as it includes a web interface that makes it very much push button for a novice like me.

The mellon repository (https://github.com/BishopFox/mellon) includes KiCad files, which are apparently the design for their 'ESPKey-esque' printed circuit board.

From some research it appears you can use these files to generate Gerber files which you then upload to a PCB manufacturing company. I found this instruction guide for one such company (https://www.lioncircuits.com/faq/pcb-fa … sing-kicad) but it's unclear to me, if I follow this guide, will I be missing any 'layers' that are necessary (and will the recommended Gerber generation settings somehow break the functionality of the circuit board as it was originally designed)? Also, when I go to print, I am given the option to select the number of layers I need (from 2 up) but it's unclear how many layers I need. Lastly and most importantly, assuming I do have it printed correctly, how do I actually interface with the thing once I have it connected between a badge reader and door controller?

I could forgo the idea of using their PCB, and just use serial connectors, but that task also seems daunting given the lack of any instructions for setting that up. Any help/direction would be much appreciated. The Red Team Alliance RFID PACS and CMoE courses were my introduction to RFID/badge hacking so I'm still relatively green.

Last edited by maximus (2023-08-25 22:50:21)
