Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

Pages: 1

#1 2013-04-17 12:00:35

toyudai
Member
Registered: 2012-11-30
Posts: 6

hf 14a reader gives incorrect UID

-- I have tried to read UID from Mifare DESFire card using proxmark 3 with svn version 698

      proxmark3> hw ver
      #db# Prox/RFID mark3 RFID instrument                 
      #db# bootrom: svn 698 2013-04-15 16:13:27                 
    #db# os: svn 698 2013-04-16 17:44:23                 
      #db# FPGA image built on 2012/ 1/ 6 at 15:27:56   

- And I get incorrect result as
        proxmark3> hf 14a reader
        ATQA : 44 03         
        UID : 88 04 56 61 80 1d 80           
        SAK : 20 [1]         
    TYPE : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k | JCOP 31/41         
     ATS : 06 75 77 81 02 80 02 f0           
                  -  TL : length is 6 bytes         
           -  T0 : TA1 is present, TB1 is present, TC1 is present, FSCI is 5         
           - TA1 : different divisors are supported, DR: [2, 4, 8], DS: [2, 4, 8]         
           - TB1 : SFGI = 0, FWI = 8         
           - TC1 : NAD is NOT supported, CID is supported         
           -  HB : 80         


- The correct UID of the card is 04 56 88 61 80 1D 80 (got from NXP TagInfo on Android)
- Similarly proxmark 3 os with svn 668 returned correct UID although some extra 4 bytes are added later.

proxmark3> hf 14a reader
ATQA : 44 03         
UID : 04 56 88 61 80 1d 80 00 57 05 d5 45           
SAK : 20 [1]         
SAK : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k | JCOP 31/41         
ATS : 06 75 77 81 02 80 02 f0           
       -  TL : length is 6 bytes         
       -  T0 : TA1 is present, TB1 is present, TC1 is present, FSCI is 5         
       - TA1 : different divisors are supported, DR: [2, 4, 8], DS: [2, 4, 8]         
       - TB1 : SFGI = 0, FWI = 8         
       - TC1 : NAD is NOT supported, CID is supported         
       -  HB : 80       


Is there something I can do to get the correct UID from new svn version?

Offline

#2 2013-04-18 18:47:44

toyudai
Member
Registered: 2012-11-30
Posts: 6

Re: hf 14a reader gives incorrect UID

Ok found the bug in armsrc/iso14443a.c in function iso14443a_select_card(.....), I changed memcpy(uid_ptr, uid_ptr+1, 3) to memcpy(uid_resp, uid_resp + 1, 3) and it started giving me the correct UID smile

if ((sak & 0x04) && uid_resp[0] == 0x88) {
    // Remove first byte, 0x88 is not an UID byte, it CT, see page 3 of:
    // http://www.nxp.com/documents/application_note/AN10927.pdf
    //memcpy(uid_ptr, uid_ptr + 1, 3);
    memcpy(uid_resp, uid_resp + 1, 3);
    uid_resp_len = 3;   
      }

Offline

Pages: 1

Board footer

Powered by FluxBB