Proxmark3 developers community

#1 2019-05-05 22:21:58

lockakey
Contributor
Registered: 2015-10-10
Posts: 22

Mifare Classic EV1 assistance

I hope I'm going about this the right way. I've been doing very well with LF/125 kHz and I've been fine performing a darkside attack. Recently I've been stuck on this Mifare Classic EV1 and wanted to know if I can get some advice on making a successful clone (if it's possible).

I've understood that this is a [MIFARE CLASSIC EV1: MF1S50] with a product identifier of [MF1S503xX/V1]

 pm3 --> hf sear
 UID : BE F4 73 E5
ATQA : 00 04
 SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1 | 1k Ev1
[=] proprietary non iso14443-4 card found, RATS not supported
[=] Answers to magic commands: NO
[+] Prng detection: HARD

[+] Valid ISO14443-A Tag Found 

I'm using the latest 5/1 Iceman fork.

Proxmark3 RFID instrument


 [ CLIENT ]
 client: iceman build for RDV40 with flashmem; smartcard;

 [ ARM ]
 bootrom: iceman/master/ice_v3.1.0-1083-g05f43ba6 2019-05-01 13:40:37
      os: iceman/master/ice_v3.1.0-1083-g05f43ba6 2019-05-01 13:40:41

 [ FPGA ]
 LF image built for 2s30vq100 on 2017/10/25 at 19:50:50
 HF image built for 2s30vq100 on 2018/ 9/ 3 at 21:40:23

 [ Hardware ]
  --= uC: AT91SAM7S256 Rev B
  --= Embedded Processor: ARM7TDMI
  --= Nonvolatile Program Memory Size: 256K bytes, Used: 237349 bytes (91%) Free: 24795 bytes ( 9%)
  --= Second Nonvolatile Program Memory Size: None
  --= Internal SRAM Size: 64K bytes
  --= Architecture Identifier: AT91SAM7Sxx Series
  --= Nonvolatile Program Memory Type: Embedded Flash Memory

A darkside attempt shows this

pm3 --> hf mf dark
--------------------------------------------------------------------------------
executing Darkside attack. Expected execution time: 25sec on average
press pm3-button on the proxmark3 device to abort both proxmark3 and client.
--------------------------------------------------------------------------------
[-] card is not vulnerable to Darkside attack (its random number generator is not predictable).

Following a lot of research from the forum, I've understood I need to attempt a hardnested attack.

First, check default keys.

pm3 --> hf mf chk * ?
No key specified, trying default keys
[ 0] ffffffffffff
[ 1] 000000000000
[ 2] a0a1a2a3a4a5
[ 3] b0b1b2b3b4b5
[ 4] c0c1c2c3c4c5
[ 5] d0d1d2d3d4d5
[ 6] aabbccddeeff
[ 7] 1a2b3c4d5e6f
[ 8] 123456789abc
[ 9] 010203040506
[10] 123456abcdef
[11] abcdef123456
[12] 4d3a99c351dd
[13] 1a982c7e459a
[14] d3f7d3f7d3f7
[15] 714c5c886e97
[16] 587ee5f9350f
[17] a0478cc39091
[18] 533cb6c723f6
[19] 8fd0a4f256e9

Time in checkkeys: 0 seconds

testing to read key B...
|---|----------------|---|----------------|---|
|sec|key A           |res|key B           |res|
|---|----------------|---|----------------|---|
|000|  ------------  | 0 |  ------------  | 0 |
|001|  ------------  | 0 |  ------------  | 0 |
|002|  ------------  | 0 |  ------------  | 0 |
|003|  ------------  | 0 |  ------------  | 0 |
|004|  ------------  | 0 |  ------------  | 0 |
|005|  ------------  | 0 |  ------------  | 0 |
|006|  ------------  | 0 |  ------------  | 0 |
|007|  ------------  | 0 |  ------------  | 0 |
|008|  ------------  | 0 |  ------------  | 0 |
|009|  ------------  | 0 |  ------------  | 0 |
|010|  ------------  | 0 |  ------------  | 0 |
|011|  ------------  | 0 |  ------------  | 0 |
|012|  ------------  | 0 |  ------------  | 0 |
|013|  ------------  | 0 |  ------------  | 0 |
|014|  ------------  | 0 |  ------------  | 0 |
|015|  ------------  | 0 |  ------------  | 0 |
|---|----------------|---|----------------|---|

Then an attempt at hardnested using FFFFFFFFFFFF on block 04

 pm3 --> hf mf hard * A FFFFFFFFFFFF 4 A
#db# ChkKeys: Can't select card (ALL)
--target block no:  4, target key type:A, known target key: 0x000000000000 (not set), file action: none, Slow: No, Tests: 0



 time    | #nonces | Activity                                                | expected to brute force
         |         |                                                         | #states         | time
------------------------------------------------------------------------------------------------------
       0 |       0 | Start using 4 threads and AVX SIMD core                 |                 |
       0 |       0 | Brute force benchmark: 279 million (2^28.1) keys/s      | 140737488355328 |    6d
       3 |       0 | Using 235 precalculated bitflip state tables            | 140737488355328 |    6d
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Can't select card (UID)
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Auth1 error
#db# AcquireNonces: Can't select card (UID)
#db# AcquireNonces: Can't select card (UID)
###................ALOT OF THIS
###.......SOME OF THIS
       9 |     112 | Apply bit flip properties                               |   9843136004096 |   10h
###...............THEN THIS...
      76 |    3924 | (1. guess: Sum(a8) = 192)                               |    192771866624 | 12min
      77 |    3924 | Apply Sum(a8) and all bytes bitflip properties          |    157699440640 |  9min
      82 |    3924 | Brute force phase completed. Key found: e2127c8b3458    |               0 |    0s

So it seems like it found a key?
Now, I'm kind of at a wall. I think I need to add this key to the dictionary default_keys.dic, or maybe that was a false positive or I did something wrong?
Any advice for a next step would be greatly appreciated.
I won't have access to the actual reader for a couple of weeks in case I need to "sniff" (haven't tried that yet either).
Thank you.


" There is an unarguable downside to unbreakable encryption " - Michael Hayden
