Inside .NET Smart Card OS

Presentation by Behrang Fouladi at 44Con in 2012.

The .NET smart card is widely used in Microsoft Windows based systems to provide two-factor authentication, secure storage of cryptographic keys and tamper proof execution of sensitive applications. However, it had an undocumented proprietary application binary format which was a major challenge for studying the card's operating system and virtual machine security. As a result, no public security research, which could help the consumers to understand and evaluate the risks of malicious code on .NET smart cards, was available before this work. This research aims to perform a detailed security evaluation of this platform to unveil possible vulnerabilities and provide recommendations to address those issues.

The following video shows exploitation of the "public key token spoofing" vulnerability on the .net smart card using the HiveMod tool which was presented by SensePost during 44Con 2012: