What is RFDump

RFDump is a backend GPL tool to directly interoperate with any RFID ISO-Reader to make the contents stored on RFID tags accessible. This makes the following types of audits possible:

If you are interested in RFID this link helps you!

RFDump was first presented at the Blackhat Conference 2004 in Las Vegas (check out the slides from our presentation) and since then we have been striving to turn this web site into a portal for information exchange regarding RFID technology. The intention is to provide a forum where all people interested or concerned about RFID technolgy can discuss and exchange their opinion in an open environment.

RFDump is a tool to detect RFID tags and show their meta information: Tag ID, tag type, manufacturer etc. The user data of a tag can be displayed and modified using either a Hex or an ASCII editor. In addition, the integrated cookie feature demonstrates how easy it is for a company to abuse RFID technology to spy on their customers. RFDump works with the ACG Multi-Tag Reader or similar card reader hardware.

Bruce Schneier about our work:

"[Grunwald] is doing what RFID is supposed to do," said security author and Counterpane Internet Security Inc. Chief Technology Officer Bruce Schneier. "This is serious. He didn't hack anything. RFID technology originally was designed to be completely open; that's its problem. He went to the spec, read it and followed it. If you query the chip, you will get this info. If there were security countermeasures on the chip that were thwarted, then we could talk about hacking." Source: Computerworld USA 2004

RFDump is available in different versions:

RFDump features (Gtk Application):

Supported Tag Types:

Recommended Hardware:

We have a mailing-list "rfdump" you can subscribe to via http://lists.dn-systems.net/mailman/listinfo/rfdump or by sending a mail to rfdump-request@lists.ezisp.de with "subscribe" in the body.

Screenshot of RFDump 1.4 GTK Linux Application:

Screenshot of RFDump 1.3 GTK Linux Application: