Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Pages: 1
I am working on a project that involves simulating a campus ID.
We are able to use hf search to get the following information:
https://imgur.com/a/1C6QE
We are trying
hf mf sim as well as hf 14a sim to attempt to simulate the card. We are getting no error codes, but we are also not getting any response from the card reader.
We were able to snoop the card, but we are unsure of what to do with this information.
If anyone has some gentle guidance, it would be appreciated!
Last edited by joshb (2017-11-07 21:44:46)
Offline
Well, post traces so ppl can look into it.
questions like, is the UID only used for identifcation? Then I belive there is a "hf 14a sim t" type for desfire.
but its usually not that way. Then look at what the reader tries to ask the card.. ie your sniffed traffic.
Offline
I am a team member in joshb's group. I snooped communication between the card and the reader, and this is what I got when I listed it.
http://textuploader.com/dlupy
Both of us are pretty inexperienced with this, so any guideace is greatly appreciated.
Offline
A nice trace, with a complete authentication aswell.
So much to learn. There are some desfire support in my fork, but the fork is not so stable. If you take a release, it should be ok.
Anyway, it just tries to gather info about the tag abit. I suggest you start reading a full datasheet for desfire and 7816
ISO 7816 COMMAND SET:
ISO SELECT (A4)
ISO GET CHALLENGE (84)
ISO EXTERNAL AUTHENTICATE (82)
ISO INTERNAL AUTHENTICATE (88)
ISO READ BINARY (B0)
ISO UPDATE BINARY (D6)
ISO READ RECORDS (B2)
ISO APPEND RECORD (E2)
Offline
Pages: 1