This posts kicks-off a series of posts on smart cards and RFID tags.
First a little bit of fun. I’ve written a Python program to read and write 1K MIFARE RFID tags with my ACR122 contactless reader/writer.
I store shellcode on an MIFARE tag (MIFAREACR122.py write shellcode.bin); and then I read it from the tag and execute it (MIFAREACR122.py shellcode).
Of course, this is just a little trick, it’s not a vulnerability. Just find it funny to store shellcode on a RFID tag.