The Circle of HOPE (2018): "Breath of the RF Field: Hacking Amiibo with Software-Defined Radio" (Download)
Saturday, July 21, 2018: 11:00 pm (Ritchie): Amiibo are Nintendo’s "toys to life" product line, supported by the 3DS, Wii U, and Switch. Interested in seeing whether these figures could be used to exploit games or consoles, James decided to make an Amiibo simulator and fuzzing tool using software-defined radio. This talk will provide an in-depth look at the technology and proprietary security system behind Amiibo, as well as the process of reverse engineering it. He’ll also explain the development of the simulator using a Proxmark3, and how he used it to find a bug in the NFC protocol used by the Switch and Wii U.