Magnetic stripe card spoofer


After building a USB magnetic stripe reader, [David Cranor] has found a way to fool a magnetic stripe reader using a hand-wound electromagnet and an iPod. The data on a card is read and stored on a computer, then encoded as a WAV file using a C++ program. The iPod plays the WAV file through a single-stage op-amp amplifier connected to the headphone jack, and the amplifier drives the electromagnet. Video embedded after the jump.

By no means is this a new idea. There have been a lot of magnetic stripe projects and software. This project in particular references the 1992 Phrack article “A Day in the Life of a Flux reversal” by [Count Zero].

Don’t get your hopes up just yet on strolling through high security installations using this little device. It can only replay the data from a card that has been recorded. If you don’t have a known working card, it won’t get you very far.


[via Hackszine]

Comments

  1. MrGlass says:

    Major malfunction was working on something very similar a couple of years ago. He showed an early prototype at Defcon 14.

    Also, he pegged the correct inspiration for this hack: Terminator 2 (John Connor uses something like this to hack an ATM).

  2. Lee says:

    So who’s working on the parabolic microphone version (just aim it at someone’s pocket from 1/2 mile away)? We need an excuse to recycle the plastic and go back to cash, right?

  3. William Sims says:

    At least at my secure site, you’d need the PIN number associated with the badge.

  4. miked says:

    >Also, he pegged the correct inspiration
    >for this hack: Terminator 2

    T2 was the first thing I thought of. Second (maybe this shows my age), I thought of getting free groceries.

  5. Emanuel P. says:

    This seems like a fun project to play with on a Saturday or something. (Going to Radio Shack tomorrow.)
    (Mainly for showoff purposes.)

  6. M4CGYV3R says:

    Lol, thank you YouTube for linking good videos. I now know what to use this device for: http://www.youtube.com/watch?v=FnIf0JJWekU

  7. TJHooker says:

    The device in T2 was real. The FBI had some in evidence in a documentary I saw a long time ago.

    It was a brute force tool for locks there though. Although it probably would have worked on the ATM machines in the 80s. It’d probably take a while for an 8-bit chip to brute force anything involving 16 bytes.

    It probably still works on all the above, but ATM machines probably have some alert system; they are on VPNs now, usually running embedded XP. In any case there’s no info on it. It’s obscure like casino cheat computer algorithms, auto passive transponder crypto, etc.

  8. Taylor Alexander says:

    You could drive this with a microcontroller instead of an iPod – that would make the whole process a lot simpler because you could just send the bitstream out one of the pins and into your amplifier. Then you could hook up a card reader to the microcontroller too, and voila, instant card copier. I know you can copy a card really easily with a mag-writer if you’re willing to spend a couple hundred bucks, but that seems so obvious… this seems like it has its advantages.
    -Taylor

  9. beakmyn says:

    Old hack put to a new use. I used to build these and attach a 10 ohm resistor, a headphone jack and put it in a cassette tape shell and you had an aux input for your car stereo.

    Kudos to the Phrack article. I cited that as a reference for my Senior project where I built from scratch a magnetic card decoder.

  10. Frollard says:

    From this it wouldn’t be inconceivable to have a fake housing that covered the original card reader…

    It would be card reader > data logger > data spoofer coil > original card reader. That way the user would be unaware of the card data being taken hostage. The card would be read, recorded, and immediately repeated to the real card reader to give the user access while stealing the goods.

  11. walter says:

    I hate it when people mix an iPod into their hacks as an attempt to sound “hip”. Any crappy portable audio device could have been used. Even a cassette Walkman if you really want to be ghetto. As Taylor mentioned, a microcontroller would be ideal for this step.

  12. Geek505 says:

    The device used in the Terminator 2 movie was an Atari Portfolio.

    While parallel/serial add-on ports did exist, I doubt very much that the “crack” (fuck you hackaday) was real.

    http://en.wikipedia.org/wiki/Atari_Portfolio
    http://www.atari-portfolio.co.uk/library/pf-demos/pin.zip

    (When the hell will you guys allow capital letters? Do they infect your Wind0wz systems?)

  13. kruzer says:

    This page is a gold mine of info!
    Many thanks for making it simple to understand.

    kruzer

  14. Chalupa says:

    Been done plenty of times before, but good collection of info and howtos.

  15. srbg says:

    I once made something like this except I used a needle and my PDA. I wrote a custom “phonebook” style app for my PDA that would allow me to play people’s university IDs into card readers (all I ever used it for was getting into my friend’s buildings without them having to run down and open the door for me).

  16. Orac says:

    You still need the PIN number….

    It has been happening here in NZ: the thief will put a card reader over the original card slot, so that the card will pass through it and into the original card reader on the ATM. It would store a copy of the card, while a camera up above recorded the PIN number the user entered.

  17. TJHooker says:

    @Geek505: Yeah, because even the old ATM machines required human intervention. You couldn’t control anything from bit states on mag stripes; and still can’t.

    The T2 device was supposed to be a brute force tool I guess. Even if human intervention wasn’t required, the 8-bit chip would take at least a few hours to find something seeing as the numbers were so long, and bytes.

    It’d still work on mag stripe locks though.

  18. @Geek505 if you really hate the lack of caps you should install Greasemonkey (assuming you’re using Firefox) and use a custom CSS to overwrite the site’s style and display caps in the comments (they’re there, just displayed in all lowercase through CSS).

    c’mon man… where’s the hacking spirit, if you don’t like how something works hack it… websites shouldn’t be exempt. ;)

  19. Eric says:

    For caps, just get Firebug for Firefox.
    Lets you edit a website’s HTML, CSS, etc etc > on-the-fly < .

    It’s really powerful for web development ideas, or just plain turning off lowercase letters in the CSS style ;)

  20. powerpants says:

    If you actually read the tutorial, you’ll see that I refer to a “personal music player” and not an iPod throughout the steps. It just so happens that an iPod is all I had at the moment, and so that’s what ended up in the pictures.

    Also, I had been toying with a design involving a microcontroller and an H-bridge, which should be even better than the current setup, but chose to go with this one because I want to write an iPhone app that lets me key in arbitrary data streams to be transmitted to the coil. Yes, that too could be done completely digitally, but going out through the headphone jack of the iPhone is a lot easier than taking apart a data cable.

    :p

  21. tsiou says:

    Mate Walter, iPod it is a bit of a hip as PlayStation 1, 2 & 3 were and are.
    It is all in the hacking spirit as mentioned!! I think it would be a better laugh if he is running iPod Linux!!!

  22. Swipetek says:

    Very cool. I am going to try this :).

  23. GUSTAVO TORRES says:

    I didn’t convert the C++ archive (audio.wav) into a WAV archive, because iTunes doesn’t recognize it. It is just the only part of this project that I need to put into practice. Thanks for help…
