{"id":8521,"date":"2025-03-18T12:32:02","date_gmt":"2025-03-18T11:32:02","guid":{"rendered":"https:\/\/nethemba.com\/o-nas\/research\/"},"modified":"2025-04-01T04:43:19","modified_gmt":"2025-04-01T02:43:19","slug":"vyzkum","status":"publish","type":"page","link":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/","title":{"rendered":"V\u00fdzkum"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"8521\" class=\"elementor elementor-8521 elementor-7732\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-128f736 elementor-hidden-mobile e-flex e-con-boxed e-con e-parent\" data-id=\"128f736\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;gradient&quot;}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-5d88bba e-con-full e-flex e-con e-child\" data-id=\"5d88bba\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-fbca056 elementor-widget elementor-widget-heading\" data-id=\"fbca056\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">V\u00fdzkum\n<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7733c3a elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"7733c3a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-8e72960 e-con-full e-flex e-con e-child\" data-id=\"8e72960\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ff6e8a0 elementor-widget elementor-widget-image\" data-id=\"ff6e8a0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"777\" height=\"640\" src=\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png\" class=\"attachment-large size-large wp-image-7682\" alt=\"\" srcset=\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png 777w, https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1-300x247.png 300w, https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1-768x633.png 768w\" sizes=\"(max-width: 777px) 100vw, 777px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-3a5a493 elementor-hidden-desktop elementor-hidden-tablet e-flex e-con-boxed e-con e-parent\" data-id=\"3a5a493\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;gradient&quot;}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-0e4474d e-con-full e-flex e-con e-child\" data-id=\"0e4474d\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-7935ce9 elementor-widget elementor-widget-heading\" data-id=\"7935ce9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">V\u00fdzkum\n<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-03cd8ae elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"03cd8ae\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-957fe9d e-con-full e-flex e-con e-child\" data-id=\"957fe9d\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-81121c2 elementor-widget elementor-widget-image\" data-id=\"81121c2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"777\" height=\"640\" src=\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png\" class=\"attachment-large size-large wp-image-7682\" alt=\"\" srcset=\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png 777w, https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1-300x247.png 300w, https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1-768x633.png 768w\" sizes=\"(max-width: 777px) 100vw, 777px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-a1ada16 e-flex e-con-boxed e-con e-parent\" data-id=\"a1ada16\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-4e77c2b e-con-full e-flex e-con e-child\" data-id=\"4e77c2b\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-db6842e elementor-widget elementor-widget-text-editor\" data-id=\"db6842e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span lang=\"cs-CZ\">V p\u0159\u00edpad\u011b, \u017ee hled\u00e1te na\u0161e publikace a prezentace, tak pokra\u010dujte zde\u00a0<\/span><a href=\"https:\/\/web.archive.org\/web\/20231023113511\/https:\/\/nethemba.com\/cs\/sluzby\/it-bezpecnostni-sluzby\/konzultace-skoleni\/\" data-wpel-link=\"internal\">Konzultace &amp;\u00a0\u0160kolen\u00ed<\/a><span lang=\"cs-CZ\">.<\/span><\/p><p lang=\"cs-CZ\">B\u011bhem na\u0161eho p\u016fsoben\u00ed na poli bezpe\u010dnosti, jsme analyzovali a odhalili mnoho v\u00e1\u017en\u00fdch bezpe\u010dnostn\u00edch zranitelnost\u00ed v r\u016fzn\u00fdch ve\u0159ejn\u011b dostupn\u00fdch syst\u00e9mech. Mno\u017estv\u00ed t\u011bchto zranitelnost\u00ed jsme prezentovali na uzn\u00e1van\u00fdch sv\u011btov\u00fdch bezpe\u010dnostn\u00edch konferenc\u00edch:<\/p><ul><li lang=\"cs-CZ\">Ve\u0159ejn\u00e1 bezpe\u010dnostn\u00ed anal\u00fdza slovensk\u00fdch biometrick\u00fdch pas\u016f<\/li><li lang=\"cs-CZ\">V\u00e1\u017en\u00e9 zranitelnosti v nejpou\u017e\u00edvan\u011bj\u0161\u00edch slovensk\u00fdch a \u010desk\u00fdch \u010dipov\u00fdch Mifare kart\u00e1ch<\/li><li lang=\"cs-CZ\">V\u00e1\u017en\u00e9 zranitelnosti v SMS j\u00edzdenk\u00e1ch<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-cb33260 e-flex e-con-boxed e-con e-parent\" data-id=\"cb33260\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-6c53031 e-con-full e-flex e-con e-child\" data-id=\"6c53031\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-879a22a elementor-widget elementor-widget-heading\" data-id=\"879a22a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Bezpe\u010dnostn\u00ed anal\u00fdza slovensk\u00e9ho biometrick\u00e9ho pasu<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8dad2e3 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"8dad2e3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4d005fd elementor-widget elementor-widget-text-editor\" data-id=\"4d005fd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3 lang=\"cs-CZ\">(st\u00e1le prob\u00edh\u00e1 \u2013 v p\u0159\u00edpad\u011b, \u017ee n\u00e1m dok\u00e1\u017eete pomoct,\u00a0<a href=\"https:\/\/web.archive.org\/web\/20231023113511\/https:\/\/nethemba.com\/cs\/kontakt\/\" data-wpel-link=\"internal\">nev\u00e1hejte n\u00e1s kontaktovat<\/a>)<\/h3><p lang=\"cs-CZ\">Prakticky jsme demonstrovali na\u010dten\u00ed nov\u00e9ho slovensk\u00e9ho biometrick\u00e9ho RFID pasu. Pas je mo\u017en\u00e9 na\u010d\u00edst libovolnou ISO14443A RFID \u010dte\u010dkou (pro n\u00e1\u0161 experiment jsme pou\u017eili levnou\u00a0<a href=\"https:\/\/web.archive.org\/web\/20231023113511\/http:\/\/www.touchatag.com\/\" rel=\"external noopener noreferrer\" data-wpel-link=\"external\">touchatag \u010dte\u010dku<\/a>, kterou je mo\u017en\u00e9\u00a0<a href=\"https:\/\/web.archive.org\/web\/20231023113511\/http:\/\/www.touchatag.com\/e-store\" rel=\"external noopener noreferrer\" data-wpel-link=\"external\">zakoupit<\/a>\u00a0za 30 \u20ac).<br \/>Na na\u010dten\u00ed je pot\u0159ebn\u00fd\u00a0<a href=\"https:\/\/web.archive.org\/web\/20231023113511\/http:\/\/en.wikipedia.org\/wiki\/Machine-readable_passport\" rel=\"external noopener noreferrer\" data-wpel-link=\"external\">MRZ k\u00f3d<\/a>, kter\u00fd je uveden na p\u0159edposledn\u00ed stran\u011b pasu. MRZ se skl\u00e1d\u00e1 prim\u00e1rn\u011b z \u010d\u00edsla pasu, datumu narozen\u00ed a datumu expirace pasu. Na z\u00e1klad\u011b osobn\u00edch \u00fadaj\u016f lze MRZ\u00a0<a href=\"https:\/\/web.archive.org\/web\/20231023113511\/http:\/\/www.highprogrammer.com\/cgi-bin\/uniqueid\/mrzp\" rel=\"external noopener noreferrer\" data-wpel-link=\"external\">i vypo\u010d\u00edtat<\/a>. Se znalost\u00ed MRZ k\u00f3du je mo\u017en\u00e9 z pasu na\u010d\u00edst:<\/p><ul><li>v\u0161echny osobn\u00ed data uveden\u00e9 v pase (EF.DG1)<\/li><li>fotografii vlastn\u00edka (ulo\u017eenou v\u00a0JPEG) (EF.DG2)<\/li><\/ul><p lang=\"cs-CZ\">MRZ k\u00f3d ale nesta\u010d\u00ed na na\u010dten\u00ed:<\/p><ul><li>otisku prstu vlastn\u00edka pasu (EF.DG3)<\/li><li>\u201cActive Authentication Public\u00a0Key Info\u201d (EF.DG15)<\/li><\/ul><p lang=\"cs-CZ\">Pas nebyl nijak chr\u00e1n\u011bn\u00fd\u00a0<a href=\"https:\/\/web.archive.org\/web\/20231023113511\/http:\/\/www.rfid-shield.com\/\" rel=\"external noopener noreferrer\" data-wpel-link=\"external\">speci\u00e1ln\u00edm pouzdrem<\/a>, tak\u017ee ho bylo mo\u017en\u00e9 na\u010d\u00edst v zav\u0159en\u00e9m stavu ze vzd\u00e1lenosti 5 cm. V p\u0159\u00edpad\u011b pou\u017eit\u00ed siln\u00e9 ant\u00e9ny t\u00e1to vzd\u00e1lenost m\u016f\u017ee b\u00fdt podstatn\u011b v\u011bt\u0161\u00ed (a\u017e 10 metr\u016f a bude nad\u00e1le r\u016fst).<br \/>Pas vrac\u00ed n\u00e1hodn\u00fd unik\u00e1tn\u00ed identifik\u00e1tor (UID), tak\u017ee ho nen\u00ed mo\u017en\u00e9 na d\u00e1lku \u201cfingerprintnout\u201d a tedy odhadnout v\u00fdrobce (toto chov\u00e1n\u00ed je mo\u017en\u00e9 emulovat \u010dipovou kartou NXP JCOP 41 v2.2.1 72K RANDOM_UID).<\/p><p>Bez znalosti \u201cActive Authentication Public Key Info\u201d pas nen\u00ed mo\u017en\u00e9 jednodu\u0161e vyklonovat.<\/p><p>Pot\u0159ebn\u00e9 ov\u011b\u0159it:<\/p><ul><li>jak se chovaj\u00ed dostupn\u00e9 \u010dte\u010dky biometrick\u00fdch pas\u016f na Slovensku p\u0159i chybn\u00e9m hash, digit\u00e1ln\u00edm podpisu, absenci AA informace (je mo\u017en\u00e9, \u017ee akceptuj\u00ed i nedokonal\u00fd klon)<\/li><li>je mo\u017en\u00e9 vytvo\u0159it nedokonal\u00e9ho klona na emul\u00e1tor NXP\u00a0JCOP 41 v2.2.1 72k RANDOM_UID, kdy se EF.DG3 a EF.DG15 vyhod\u00ed z passport indexu \u2013 bude tento klon nad\u00e1le akceptovan\u00fd slovensk\u00fdmi \u010dte\u010dkami biometrick\u00fdch pas\u016f?<\/li><li>ov\u011b\u0159it mo\u017enost \u00fatoku skrz postrann\u00ed kan\u00e1ly (nap\u0159.\u00a0<a href=\"https:\/\/web.archive.org\/web\/20231023113511\/http:\/\/wiki.whatthehack.org\/images\/2\/28\/WTH-slides-Attacks-on-Digital-Passports-Marc-Witteman.pdf\" rel=\"external noopener noreferrer\" data-wpel-link=\"external\">anal\u00fdza nap\u011b\u0165ov\u00e9 stopy RSA v \u010dase<\/a>)<\/li><li>analyzovat entropii MRZ:<br \/>datum expirace pasu p\u0159i 10\u00a0letech = 3650\u00a0hodnot<br \/>datum narozen\u00ed (p\u0159i odhade +\/- 5 let) = 3650\u00a0hodnot<br \/>\u010d\u00edslo pasu (2\u00a0alfaznaky + 7 \u010d\u00edslic) = 25 * 25 * (10\u00a0^ 7) = 6250000000 hodnot<\/li><li>je mo\u017en\u00e9 determinovat \u010d\u00edslo pasu (jak\u00fdm zp\u016fsobem se p\u0159id\u011bluje?)<\/li><\/ul><p><strong>M\u00e1te pr\u00e1vo b\u00fdt informov\u00e1n o bezpe\u010dnosti technologi\u00ed, kter\u00e9 se dot\u00fdkaj\u00ed va\u0161ich osobn\u00edch \u00fadaj\u016f!<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-b97b8d9 e-flex e-con-boxed e-con e-parent\" data-id=\"b97b8d9\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-055a454 e-con-full e-flex e-con e-child\" data-id=\"055a454\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c097b0f elementor-widget elementor-widget-heading\" data-id=\"c097b0f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">V\u00e1\u017en\u00e9 zranitelnosti v slovensk\u00fdch a \u010desk\u00fdch Mifare Classic \u010dipov\u00fdch kart\u00e1ch<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8883849 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"8883849\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b85087e elementor-widget elementor-widget-text-editor\" data-id=\"b85087e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p lang=\"cs-CZ\" align=\"left\">Analyzovali jsme ve\u0159ejn\u011b pou\u017e\u00edvan\u00e9 karty (Bratislavsk\u00e1 j\u00edzdenka, univerzitn\u00ed\/ISIC pr\u016fkazy, parkovac\u00ed karty, pr\u016fkazy Slovak Lines a jin\u00e9) na Slovensku a v \u010cech\u00e1ch zalo\u017een\u00e9 na technologii Mifare Classic. Pomoc\u00ed r\u016fzn\u00fdch technologick\u00fdch postup\u016f a na z\u00e1klad\u011b dostupn\u00fdch v\u011bdeck\u00fdch publikac\u00ed jsme prakticky demonstrovali mo\u017enost kompletn\u00edho z\u00edsk\u00e1n\u00ed p\u0159\u00edstupov\u00fdch kl\u00ed\u010d\u016f pou\u017e\u00edvan\u00fdch na \u0161ifrov\u00e1n\u00ed obsahu uveden\u00fdch karet. Prakticky jsme tak\u00e9 ov\u011b\u0159ili mo\u017enost pln\u00e9 kontroly nad testovan\u00fdmi \u010dipov\u00fdmi kartami v\u010detn\u011b kompletn\u00edho na\u010d\u00edtan\u00ed, modifikace a vytvo\u0159en\u00ed duplik\u00e1tu \u010dipov\u00e9 karty. Odhadli jsme n\u00e1klady na realizaci samotn\u00e9ho \u00fatoku a navrhli vhodn\u00e9 bezpe\u010dnostn\u00ed protiopat\u0159en\u00ed \u2013 od nejbezpe\u010dn\u011bj\u0161\u00edch (kompletn\u00ed sta\u017een\u00ed zraniteln\u00fdch karet a nahrazen\u00ed bezpe\u010dn\u011bj\u0161\u00edmi) a\u017e po m\u00e9n\u011b bezpe\u010dn\u00e9 (sv\u00e1z\u00e1n\u00ed UID karty s identitou cestuj\u00edc\u00edho a ov\u011b\u0159ov\u00e1ni platnosti UID karty, digit\u00e1ln\u00ed podepisov\u00e1n\u00ed obsahu, &#8222;decrement counter&#8220; \u0159e\u0161en\u00ed).<\/p>\n<p lang=\"cs-CZ\" align=\"left\">Pro demonstraci z\u00e1va\u017enosti uveden\u00e9 zranitelnosti a nutnosti sou\u010dasn\u00e9 karty p\u0159estat pou\u017e\u00edvat a nahradit bezpe\u010dn\u011bj\u0161\u00edmi, jsme vytvo\u0159ili a zve\u0159ejnili vlastn\u00ed implementaci \u201eoffline nested&#8220; \u00fatoku pomoc\u00ed kter\u00e9ho je mo\u017en\u00e9 \u00fatokem na kartu (bez pou\u017eit\u00ed legitimn\u00ed RFID \u010dte\u010dky) z\u00edskat v\u0161echny kl\u00ed\u010de ke v\u0161em sektor\u016fm.<\/p>\n<p lang=\"cs-CZ\" align=\"left\">\u00a0<a href=\"https:\/\/nethemba.com\/resources\/mifare-classic-zranitelnosti.pdf\"><strong>Ofici\u00e1ln\u00ed zve\u0159ejn\u011bn\u00ed zranitelnost\u00ed slovensk\u00fdch a \u010desk\u00fdch Mifare Classic karet<\/strong><\/a><\/p>\n<a href=\"https:\/\/nethemba.com\/resources\/mifare-classic-slides.pdf\"><strong>Technick\u00e1 prezentace Mifare Classic zranitelnost\u00ed (v angli\u010dtin\u011b)<\/strong><\/a>\n<div id=\"__ss_4738269\"><iframe src=\"https:\/\/www.slideshare.net\/slideshow\/embed_code\/4738269\" width=\"425\" height=\"355\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/div>\n<a href=\"https:\/\/github.com\/nfc-tools\/mfoc\"><strong>Mifare Classic Offline Cracker (nov\u00e1 verze 0.09 pre libnfc 1.3.9)<\/strong><\/a>\n\n(otestovan\u00e9 s <a href=\"http:\/\/code.google.com\/p\/crapto1\/\">crapto1<\/a>, <a href=\"http:\/\/www.libnfc.org\/\">libnfc<\/a> a <a href=\"http:\/\/www.touchatag.com\/\">Tikitag\/Touchatag \u010dte\u010dkou<\/a>)\n\n<strong>Prezentace:<\/strong>\n\n<a href=\"http:\/\/200902.confidence.org.pl\/prelegenci\/pavol-luptak\/\">Confidence 2.0 ve Var\u0161ave<\/a>\n\n<a href=\"http:\/\/konference.iinfo.cz\/tib-2010\/program\/\">Trendy v Internetov\u00e9 bezpe\u010dnosti v Praze<\/a>\n\n<strong>Medi\u00e1ln\u00ed reakcie:<\/strong>\n<strong>SME<\/strong> <a href=\"http:\/\/pocitace.sme.sk\/c\/5080757\/cipove-karty-je-lahke-precitat.html\">\u010cipov\u00e9 karty je \u013eahk\u00e9 pre\u010d\u00edta\u0165<\/a>\n\n<strong>IT\u00a0News <\/strong><a href=\"http:\/\/www.itnews.sk\/rozhovory\/2009-10-27\/c129884-publikovane-vazne-zranitelnosti-v-slovenskych-a-ceskych-kartach-mifare\">Publikovan\u00e9 v\u00e1\u017ene zranite\u013enosti v slovensk\u00fdch a \u010desk\u00fdch kart\u00e1ch Mifare<\/a>\n\n<strong>eFocus<\/strong> <a href=\"http:\/\/www.efocus.sk\/webcasty\/kategoria\/nazory\/clanok\/bezpecnost-cipovych-kariet\">Bezpe\u010dnos\u0165 \u010dipov\u00fdch kariet prelomen\u00e1<\/a>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-5e4f5e4 e-flex e-con-boxed e-con e-parent\" data-id=\"5e4f5e4\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-ae87504 e-con-full e-flex e-con e-child\" data-id=\"ae87504\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c9cf207 elementor-widget elementor-widget-heading\" data-id=\"c9cf207\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">V\u00e1\u017en\u00e9 zranitelnosti v syst\u00e9mu tzv. SMS j\u00edzdenek<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8829b9d elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"8829b9d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b388b8f elementor-widget elementor-widget-text-editor\" data-id=\"b388b8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p lang=\"cs-CZ\" style=\"text-align: left;\" align=\"center\">SMS j\u00edzdenky jsou s oblibou pou\u017e\u00edvan\u00e9 ve velk\u00fdch m\u011bstech St\u0159edn\u00ed Evropy (Praha, Bratislava, Ko\u0161ice, V\u00edde\u0148, Var\u0161ava, ..)<\/p>\n<p lang=\"cs-CZ\" align=\"left\">C\u00edlem na\u0161eho v\u00fdzkumu bylo pouk\u00e1zat na v\u00e1\u017en\u00e9 bezpe\u010dnostn\u00ed zranitelnosti SMS l\u00edstk\u016f, kter\u00e9 nejsou dostate\u010dn\u011b dob\u0159e prov\u00e1zan\u00e9 na samotn\u00e9ho cestuj\u00edc\u00edho. Na demonstraci potenci\u00e1ln\u00edho zneu\u017eit\u00ed jsme navrhli speci\u00e1ln\u00ed s\u00ed\u0165ovou architekturu, kter\u00e1 umo\u017e\u0148uje skrz \u0161ifrovan\u00fd kan\u00e1l masivn\u011b distribuovat a sd\u00edlet SMS j\u00edzdenky mezi pasa\u017e\u00e9ry (SMS ticket hacker server + SMS ticket hack clients).<\/p>\n<p lang=\"cs-CZ\" align=\"left\">Kriti\u010dnost uveden\u00e9 zranitelnosti navy\u0161uje fakt, \u017ee v sou\u010dasn\u00e9 dob\u011b neexistuje jednoduch\u00fd a levn\u00fd zp\u016fsob jak uveden\u00fd \u00fatok odhalit.<\/p>\n<p lang=\"cs-CZ\" align=\"left\">Navrhli jsme tak\u00e9 v\u00edcero \u010d\u00e1ste\u010dn\u00fdch, ale nedostate\u010dn\u00fdch \u0159e\u0161en\u00ed, kter\u00e9 m\u016f\u017ee DP realizovat v snaze odhalit uveden\u00fd \u00fatok.<\/p>\n<p lang=\"cs-CZ\" align=\"left\">Tak\u00e9 jsme navrhli bezpe\u010dn\u00e9 a spolehliv\u00e9 \u0159e\u0161en\u00ed spo\u010d\u00edvaj\u00edc\u00ed ve sv\u00e1z\u00e1n\u00ed identity pasa\u017e\u00e9ra se SMS j\u00edzdenkou, bezpe\u010dn\u00fd zp\u016fsob generov\u00e1n\u00ed SMS j\u00edzdenek a tak\u00e9 zp\u016fsob jejich rychl\u00e9 kontroly se strany revizor\u016f.<\/p>\n<p lang=\"cs-CZ\" align=\"left\">P\u0159esto\u017ee jsme, v souladu s etikou tzv. responsible disclosure, dopravn\u00ed spole\u010dnosti s velk\u00fdm p\u0159edstihem p\u0159ed zve\u0159ejn\u011bn\u00edm o uveden\u00e9 zranitelnosti informovali, st\u00e1le je tato zranitelnost ignorovan\u00e1 a zraniteln\u00e9 syst\u00e9my jsou i nad\u00e1le pou\u017e\u00edvan\u00e9<\/p>\n<p align=\"left\"><span lang=\"cs-CZ\"><b>Prezentace: <\/b><\/span><a href=\"https:\/\/nethemba.com\/resources\/SMS-ticket-hack4.pdf\"><span lang=\"cs-CZ\">Zranitelnosti v SMS\u00a0j\u00edzdenk\u00e1ch (prezentace v angli\u010dtin\u011b)<\/span><\/a><\/p>\n\n<div id=\"__ss_4738280\"><iframe src=\"https:\/\/www.slideshare.net\/slideshow\/embed_code\/4738280\" width=\"425\" height=\"355\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/div>\n<p align=\"left\"><span lang=\"cs-CZ\"><b>Publikov\u00e1no na konferenc\u00edch:<\/b><\/span><\/p>\n<p align=\"left\"><a href=\"https:\/\/har2009.org\/program\/events\/89.en.html\"><span lang=\"cs-CZ\">Hacking at Random 2009 v Holandsku<\/span><\/a><\/p>\n<p align=\"left\"><a href=\"http:\/\/2009.confidence.org.pl\/prelegenci\/pavol-luptak\"><span lang=\"cs-CZ\">Confidence v Krakove \/\u00a0Polsku<\/span><\/a><\/p>\n<p align=\"left\"><a href=\"http:\/\/metalab.at\/wiki\/SMS-Ticket-Vortrag\"><span lang=\"cs-CZ\">Metalab ve V\u00eddni \/\u00a0Rakousko<\/span><\/a><\/p>\n<p align=\"left\"><strong><span lang=\"cs-CZ\">Rozhovor pro den\u00edk\u00a0SME:\u00a0<\/span><\/strong><a href=\"http:\/\/bratislava.sme.sk\/c\/4915803\/sms-listky-sa-zneuzit-daju-tvrdi-expert.html\"><span lang=\"cs-CZ\">SMS l\u00edstky sa zneu\u017ei\u0165 daj\u00fa, tvrd\u00ed expert<\/span><\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>V\u00fdzkum V\u00fdzkum V p\u0159\u00edpad\u011b, \u017ee hled\u00e1te na\u0161e publikace a prezentace, tak pokra\u010dujte zde\u00a0Konzultace &amp;\u00a0\u0160kolen\u00ed. B\u011bhem na\u0161eho p\u016fsoben\u00ed na poli bezpe\u010dnosti, jsme analyzovali a odhalili mnoho v\u00e1\u017en\u00fdch bezpe\u010dnostn\u00edch zranitelnost\u00ed v r\u016fzn\u00fdch ve\u0159ejn\u011b dostupn\u00fdch syst\u00e9mech. Mno\u017estv\u00ed t\u011bchto zranitelnost\u00ed jsme prezentovali na uzn\u00e1van\u00fdch sv\u011btov\u00fdch bezpe\u010dnostn\u00edch konferenc\u00edch: Ve\u0159ejn\u00e1 bezpe\u010dnostn\u00ed anal\u00fdza slovensk\u00fdch biometrick\u00fdch pas\u016f V\u00e1\u017en\u00e9 zranitelnosti v nejpou\u017e\u00edvan\u011bj\u0161\u00edch slovensk\u00fdch a [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":8508,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"elementor_header_footer","meta":{"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-8521","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>V\u00fdzkum - Nethemba<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/\" \/>\n<meta property=\"og:locale\" content=\"cs_CZ\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"V\u00fdzkum - Nethemba\" \/>\n<meta property=\"og:description\" content=\"V\u00fdzkum V\u00fdzkum V p\u0159\u00edpad\u011b, \u017ee hled\u00e1te na\u0161e publikace a prezentace, tak pokra\u010dujte zde\u00a0Konzultace &amp;\u00a0\u0160kolen\u00ed. B\u011bhem na\u0161eho p\u016fsoben\u00ed na poli bezpe\u010dnosti, jsme analyzovali a odhalili mnoho v\u00e1\u017en\u00fdch bezpe\u010dnostn\u00edch zranitelnost\u00ed v r\u016fzn\u00fdch ve\u0159ejn\u011b dostupn\u00fdch syst\u00e9mech. Mno\u017estv\u00ed t\u011bchto zranitelnost\u00ed jsme prezentovali na uzn\u00e1van\u00fdch sv\u011btov\u00fdch bezpe\u010dnostn\u00edch konferenc\u00edch: Ve\u0159ejn\u00e1 bezpe\u010dnostn\u00ed anal\u00fdza slovensk\u00fdch biometrick\u00fdch pas\u016f V\u00e1\u017en\u00e9 zranitelnosti v nejpou\u017e\u00edvan\u011bj\u0161\u00edch slovensk\u00fdch a [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/\" \/>\n<meta property=\"og:site_name\" content=\"Nethemba\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/nethemba\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-01T02:43:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"777\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@nethemba\" \/>\n<meta name=\"twitter:label1\" content=\"Odhadovan\u00e1 doba \u010dten\u00ed\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minut\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/\",\"url\":\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/\",\"name\":\"V\u00fdzkum - Nethemba\",\"isPartOf\":{\"@id\":\"https:\/\/nethemba.com\/de\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png\",\"datePublished\":\"2025-03-18T11:32:02+00:00\",\"dateModified\":\"2025-04-01T02:43:19+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#breadcrumb\"},\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#primaryimage\",\"url\":\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png\",\"contentUrl\":\"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/nethemba.com\/cs\/home-new-2025\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"O n\u00e1s\",\"item\":\"https:\/\/nethemba.com\/cs\/o-nas\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"V\u00fdzkum\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/nethemba.com\/de\/#website\",\"url\":\"https:\/\/nethemba.com\/de\/\",\"name\":\"Nethemba\",\"description\":\"We care about your security\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/nethemba.com\/de\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"cs\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"V\u00fdzkum - Nethemba","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/","og_locale":"cs_CZ","og_type":"article","og_title":"V\u00fdzkum - Nethemba","og_description":"V\u00fdzkum V\u00fdzkum V p\u0159\u00edpad\u011b, \u017ee hled\u00e1te na\u0161e publikace a prezentace, tak pokra\u010dujte zde\u00a0Konzultace &amp;\u00a0\u0160kolen\u00ed. B\u011bhem na\u0161eho p\u016fsoben\u00ed na poli bezpe\u010dnosti, jsme analyzovali a odhalili mnoho v\u00e1\u017en\u00fdch bezpe\u010dnostn\u00edch zranitelnost\u00ed v r\u016fzn\u00fdch ve\u0159ejn\u011b dostupn\u00fdch syst\u00e9mech. Mno\u017estv\u00ed t\u011bchto zranitelnost\u00ed jsme prezentovali na uzn\u00e1van\u00fdch sv\u011btov\u00fdch bezpe\u010dnostn\u00edch konferenc\u00edch: Ve\u0159ejn\u00e1 bezpe\u010dnostn\u00ed anal\u00fdza slovensk\u00fdch biometrick\u00fdch pas\u016f V\u00e1\u017en\u00e9 zranitelnosti v nejpou\u017e\u00edvan\u011bj\u0161\u00edch slovensk\u00fdch a [&hellip;]","og_url":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/","og_site_name":"Nethemba","article_publisher":"https:\/\/www.facebook.com\/nethemba","article_modified_time":"2025-04-01T02:43:19+00:00","og_image":[{"width":777,"height":640,"url":"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@nethemba","twitter_misc":{"Odhadovan\u00e1 doba \u010dten\u00ed":"5 minut"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/","url":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/","name":"V\u00fdzkum - Nethemba","isPartOf":{"@id":"https:\/\/nethemba.com\/de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#primaryimage"},"image":{"@id":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#primaryimage"},"thumbnailUrl":"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png","datePublished":"2025-03-18T11:32:02+00:00","dateModified":"2025-04-01T02:43:19+00:00","breadcrumb":{"@id":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#breadcrumb"},"inLanguage":"cs","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/"]}]},{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#primaryimage","url":"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png","contentUrl":"https:\/\/nethemba.com\/wp-content\/uploads\/2025\/03\/HeroImg-squared-5-1-1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/nethemba.com\/cs\/o-nas\/vyzkum\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nethemba.com\/cs\/home-new-2025\/"},{"@type":"ListItem","position":2,"name":"O n\u00e1s","item":"https:\/\/nethemba.com\/cs\/o-nas\/"},{"@type":"ListItem","position":3,"name":"V\u00fdzkum"}]},{"@type":"WebSite","@id":"https:\/\/nethemba.com\/de\/#website","url":"https:\/\/nethemba.com\/de\/","name":"Nethemba","description":"We care about your security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nethemba.com\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"cs"}]}},"_links":{"self":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages\/8521","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/comments?post=8521"}],"version-history":[{"count":4,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages\/8521\/revisions"}],"predecessor-version":[{"id":8526,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages\/8521\/revisions\/8526"}],"up":[{"embeddable":true,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages\/8508"}],"wp:attachment":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/media?parent=8521"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}