Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia


#1 2020-09-06 10:29:29

easyeasy
Contributor
Registered: 2020-09-06
Posts: 10

Mifare 1k sniffed 0 sector A&B but can't go further

Ok, here's the setup:

 [ Proxmark3 RFID instrument ]

 [ CLIENT ]
  client: RRG/Iceman/master/release (git) 
  compiled with Clang/LLVM 4.2.1 Compatible Apple LLVM 10.0.0 (clang-1000.10.44.4) OS:OSX ARCH:x86_64

 [ PROXMARK3 ]

 [ ARM ]
  bootrom: RRG/Iceman/master/release (git) 
       os: RRG/Iceman/master/release (git) 
  compiled with GCC 9.2.1 20191025 (release) [ARM/arm-9-branch revision 277599]

 [ FPGA ]
  LF image built for 2s30vq100 on 2020-02-22 at 12:51:14
  HF image built for 2s30vq100 on 2020-01-12 at 15:31:16

 [ Hardware ]
  --= uC: AT91SAM7S512 Rev B
  --= Embedded Processor: ARM7TDMI
  --= Nonvolatile Program Memory Size: 512K bytes, Used: 256065 bytes (49%) Free: 268223 bytes (51%)
  --= Second Nonvolatile Program Memory Size: None
  --= Internal SRAM Size: 64K bytes
  --= Architecture Identifier: AT91SAM7Sxx Series
  --= Nonvolatile Program Memory Type: Embedded Flash Memory

Here's the key

hf search
 ? Searching for ISO14443-A tag...           
[+]  UID: 5A 04 E5 66 
[+] ATQA: 00 04
[+]  SAK: 08 [2]
[+] POSSIBLE TYPE:    MIFARE Classic 1K / Classic 1K CL2
[+] POSSIBLE TYPE:    MIFARE Plus 2K / Plus EV1 2K
[+] POSSIBLE TYPE:    MIFARE Plus CL2 2K / Plus CL2 EV1 2K
[=] proprietary non iso14443-4 card found, RATS not supported
[+] Prng detection: weak
[+] Static nonce: yes

[+] Valid ISO14443-A tag found

Darkside unsuccessful

[usb] pm3 --> hf mf darkside
[=] --------------------------------------------------------------------------------

[=] executing Darkside attack. Expected execution time: 25sec on average
[=] press pm3-button on the Proxmark3 device to abort both Proxmark3 and client.
[=] --------------------------------------------------------------------------------

..........
[-] ⛔ card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests).

Successful sniff from a legit reader with hf 14a snoop and hf list 14a

Tag	01 20 01 45
Rdr	34! c5! 77! c7! 47! 66 3f! 2b
Tag	dc ca d1! 90!
Tag	0f! 6d 33! e4 ac! 3d b7 00 dd! b3 99 35! b9 03 cb 60
	be! db
Tag	ad 8e 5f! 8f d9! c1! 64! 7a! 81! 5f! 57 0d! 7c d9 2f 56!

-and-

Tag	01 20 01 45		
Rdr	e2! e2! 09 b3 2e! 80! d5 c1!							!crc	?
Tag	14 69 37 6a!		
Rdr	0b! 3d 69! b6									!crc	?
Tag	4e! e9! fe! 47 4e! c7 eb e0 0e! 54! 80 16 f1 01! 3d e0!		
	da! a4!										!crc	
Tag	5a 09! 5a! 49 5f 11 9c 26! 45! c2 f9 ea! 80! 36 04! 07!		
	76! 62										!crc	

Which led to the same sector 0 keys, A f3ab0ed60f17 and B 4a39c09f7630, using tools/mfkey/mfkey64 5a04e566 01200145 0f6d33e4 ac3db700 dccad190 (good NT, NR, NT, AR)

Reproduced check on pm3:

[usb] pm3 --> hf mf chk *1 ? f3ab0ed60f17
[ 0] key F3 AB 0E D6 0F 17 
................................
[=] Time in checkkeys: 6 seconds

[=] testing to read key B...
[=] Sector 0, First block of sector 0, Num of block 4
[=] Reading block 3
Data:4A 39 C0 9F 76 30 

[+] found keys:
[+] |-----|----------------|---|----------------|---|
[+] | Sec | key A          |res| key B          |res|
[+] |-----|----------------|---|----------------|---|
[+] | 000 | f3ab0ed60f17   | 1 | 4a39c09f7630   | 1 |
[+] | 001 | ------------   | 0 | ------------   | 0 |
[+] | 002 | ------------   | 0 | ------------   | 0 |
[+] | 003 | ------------   | 0 | ------------   | 0 |
[+] | 004 | ------------   | 0 | ------------   | 0 |
[+] | 005 | ------------   | 0 | ------------   | 0 |
[+] | 006 | ------------   | 0 | ------------   | 0 |
[+] | 007 | ------------   | 0 | ------------   | 0 |
[+] | 008 | ------------   | 0 | ------------   | 0 |
[+] | 009 | ------------   | 0 | ------------   | 0 |
[+] | 010 | ------------   | 0 | ------------   | 0 |
[+] | 011 | ------------   | 0 | ------------   | 0 |
[+] | 012 | ------------   | 0 | ------------   | 0 |
[+] | 013 | ------------   | 0 | ------------   | 0 |
[+] | 014 | ------------   | 0 | ------------   | 0 |
[+] | 015 | ------------   | 0 | ------------   | 0 |
[+] |-----|----------------|---|----------------|---|
[+] ( 0:Failed / 1:Success)

(default keys didn't work either)

And reading sector 0:

[usb] pm3 --> hf mf rdsc 0 a f3ab0ed60f17
--sector no:0 key type:A key:F3 AB 0E D6 0F 17  

isOk:01
data   : 5A 04 E5 66 DD 08 04 00 62 63 64 65 66 67 68 69 
data   : 5A 04 E5 66 00 00 00 00 8B 3E 11 FF CE 57 90 87 
data   : C1 4A EA 75 D1 F5 DC 7D 97 19 5F 32 1F 39 1C 4A 
trailer: 00 00 00 00 00 00 FF 07 80 69 4A 39 C0 9F 76 30 
Trailer decoded:
Access block 0: rdAB wrAB incAB dectrAB
Access block 1: rdAB wrAB incAB dectrAB
Access block 2: rdAB wrAB incAB dectrAB
Access block 3: wrAbyA rdCbyA wrCbyA rdBbyA wrBbyA
UserData: 69

Nested attack offers staticnested instead:

[usb] pm3 --> hf mf nested 1 0 a f3ab0ed60f17
[!] ⚠️  Static nonce detected. Quitting...
[=] 	 Try use `hf mf staticnested`

Staticnested takes many hours and gives no success:

[usb] pm3 --> hf mf staticnested 1 0 a f3ab0ed60f17
[+] Testing known keys. Sector count 16
..
[=] Chunk: 4.3s | found 2/32 keys (24)

[+] Time to check 23 known keys: 4 seconds

[+] enter static nested key recovery
[+] Found 56127 key candidates
[=]      0/56127 keys | 133.8 keys/sec | worst case  419.6 seconds remaining
[=]     84/56127 keys | 133.0 keys/sec | worst case  421.3 seconds remaining
[=]    168/56127 keys | 133.1 keys/sec | worst case  420.4 seconds remaining
[=]    252/56127 keys | 133.0 keys/sec | worst case  420.2 seconds remaining
[=]    336/56127 keys | 132.7 keys/sec | worst case  420.6 seconds remaining
[=]    420/56127 keys | 132.8 keys/sec | worst case  419.5 seconds remaining
[=]    504/56127 keys | 132.6 keys/sec | worst case  419.5 seconds remaining
[=]    588/56127 keys | 132.5 keys/sec | worst case  419.0 seconds remaining
[=]    672/56127 keys | 132.4 keys/sec | worst case  418.8 seconds remaining
[!] ⚠️  aborted via keyboard.

hf mf hardnested 0 a f3ab0ed60f17 1 a offers staticnested again.
But hf mf hardnested 0 a f3ab0ed60f17 0 b f3ab0ed60f17 begins to work but never ends, just posting "Apply bit flip properties" with a 6-day estimate, forever.

[usb] pm3 --> hf mf hardnested 0 a f3ab0ed60f17 0 b f3ab0ed60f17 
--target block no:  0, target key type:B, known target key: 0xf3ab0ed60f17, file action: none, Slow: No, Tests: 0 
[+] Using AVX SIMD core.



 time    | #nonces | Activity                                                | expected to brute force
         |         |                                                         | #states         | time 
------------------------------------------------------------------------------------------------------
       0 |       0 | Start using 8 threads and AVX SIMD core                 |                 |
       0 |       0 | Brute force benchmark: 276 million (2^28.0) keys/s      | 140737488355328 |    6d
       2 |       0 | Using 235 precalculated bitflip state tables            | 140737488355328 |    6d
       8 |       1 | Apply bit flip properties                               | 140737488355328 |    6d
       9 |       1 | Apply bit flip properties                               | 140737488355328 |    6d
      10 |       1 | Apply bit flip properties                               | 140737488355328 |    6d
      10 |       1 | Apply bit flip properties                               | 140737488355328 |    6d
      11 |       1 | Apply bit flip properties                               | 140737488355328 |    6d
      12 |       1 | Apply bit flip properties                               | 140737488355328 |    6d

Now, the problem:
Long ago there were gates with Mifare keyfobs. It was enough to copy a legit keyfob's sector 0 to a Chinese magic keyfob to operate them.
Recently they changed some readers and gave new keyfobs to the people. So now I can copy sector 0 to a Chinese magic fob and open the OLD gates but cannot open the NEW ones.

I guess there's something in sectors 1-15 that is read by the NEW readers. Or the NEW readers somehow detect magic cards and don't act.

Please help me understand why Darkside, Staticnested and Hardnested give no result, and what can be done in this situation.

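The `hf mf rdsc 0` output in the post above prints the trailer's access bytes FF 07 80 and a decoded line per block, and the `hf mf chk` run shows key B being filled in by reading block 3 with key A. As an added example, not code from the post or from the Proxmark3 project, the Python below decodes those three bytes the way the MIFARE Classic datasheet defines them (three condition bits C1 C2 C3 per block, each stored once plainly and once inverted), checks the copies agree before trusting the result, and reports whether key B is readable with key A. For the thread's trailer the answer is yes: condition 0 0 1 on the trailer is the transport configuration, in which key A may read key B, which is exactly why `chk` could recover key B after finding only key A. The second trailer, 78 77 88, is constructed for contrast: a hardened configuration where data blocks are writable only with key B and key B is never readable.

```python
"""Decode the access bytes of a MIFARE Classic sector trailer.

Trailer (16 bytes): key A[0:6] | access bits[6:9] | GPB[9] | key B[10:16].
Each of the four blocks gets three condition bits C1 C2 C3, stored once
plainly and once inverted, so a trailer can be checked before it is trusted
(a genuine card refuses access to a sector whose copies disagree):
    byte 6 = ~C2[3..0] | ~C1[3..0]
    byte 7 =  C1[3..0] | ~C3[3..0]
    byte 8 =  C3[3..0] |  C2[3..0]
Bit n of each nibble belongs to block n of the sector (block 3 = trailer).
"""

# (C1, C2, C3) -> who may read / write / increment / decrement-transfer-restore a data block
DATA_BLOCK = {
    (0, 0, 0): ("A|B", "A|B", "A|B", "A|B"),      # transport configuration
    (0, 1, 0): ("A|B", "never", "never", "never"),
    (1, 0, 0): ("A|B", "B", "never", "never"),
    (1, 1, 0): ("A|B", "B", "B", "A|B"),          # value block
    (0, 0, 1): ("A|B", "never", "never", "A|B"),  # value block
    (0, 1, 1): ("B", "B", "never", "never"),
    (1, 0, 1): ("B", "never", "never", "never"),
    (1, 1, 1): ("never", "never", "never", "never"),
}
# (C1, C2, C3) -> key A read, key A write, access bits read, access bits write, key B read, key B write
TRAILER = {
    (0, 0, 0): ("never", "A", "A", "never", "A", "A"),
    (0, 1, 0): ("never", "never", "A", "never", "A", "never"),
    (1, 0, 0): ("never", "B", "A|B", "never", "never", "B"),
    (1, 1, 0): ("never", "never", "A|B", "never", "never", "never"),
    (0, 0, 1): ("never", "A", "A", "A", "A", "A"),     # transport configuration
    (0, 1, 1): ("never", "B", "A|B", "B", "never", "B"),
    (1, 0, 1): ("never", "never", "A|B", "B", "never", "never"),
    (1, 1, 1): ("never", "never", "A|B", "never", "never", "never"),
}
DATA_FIELDS = ("read", "write", "inc", "dec")
TRAILER_FIELDS = ("keyA_read", "keyA_write", "acc_read", "acc_write", "keyB_read", "keyB_write")


def access_conditions(trailer):
    """Return [(C1, C2, C3)] for blocks 0..3; raise ValueError when the inverted
    copies do not match (corrupt, or deliberately unusable, trailer)."""
    if len(trailer) != 16:
        raise ValueError("sector trailer must be 16 bytes")
    b6, b7, b8 = trailer[6], trailer[7], trailer[8]
    conds = []
    for blk in range(4):
        c1, c2, c3 = (b7 >> (4 + blk)) & 1, (b8 >> blk) & 1, (b8 >> (4 + blk)) & 1
        inverted = ((b6 >> blk) & 1, (b6 >> (4 + blk)) & 1, (b7 >> blk) & 1)
        if inverted != (c1 ^ 1, c2 ^ 1, c3 ^ 1):
            raise ValueError(f"access bits for block {blk} fail the inverted-copy check")
        conds.append((c1, c2, c3))
    return conds


def trailer_is_consistent(trailer):
    try:
        access_conditions(trailer)
        return True
    except ValueError:
        return False


def describe_sector(trailer):
    """Human-readable conditions: the same information as the client's 'Trailer decoded' lines."""
    conds = access_conditions(trailer)
    out = {f"block{i}": dict(zip(DATA_FIELDS, DATA_BLOCK[c])) for i, c in enumerate(conds[:3])}
    out["trailer"] = dict(zip(TRAILER_FIELDS, TRAILER[conds[3]]))
    out["gpb"] = trailer[9]           # general purpose byte, 'UserData' in the client
    return out


def key_b_readable_with_key_a(trailer):
    """True when knowing key A alone reveals key B by reading the trailer."""
    return "A" in TRAILER[access_conditions(trailer)[3]][4]


# Trailer exactly as the thread's `hf mf rdsc 0` printed it; key A reads back
# as zeros because key A is never readable under any access condition.
THREAD_TRAILER = bytes.fromhex("000000000000FF0780694A39C09F7630")
# Constructed contrast: 78 77 88 = data blocks readable with A|B but writable
# only with key B, key B never readable, key B needed to change the trailer.
LOCKED_TRAILER = bytes.fromhex("000000000000787788004A39C09F7630")

if __name__ == "__main__":
    for name, t in (("thread", THREAD_TRAILER), ("locked", LOCKED_TRAILER)):
        print(name, access_conditions(t), "key B via key A:", key_b_readable_with_key_a(t))
        print(describe_sector(t))
```

The consistency check matters before writing a trailer to a magic card: a trailer whose inverted copies disagree makes the sector permanently inaccessible on a genuine chip, and the client's `rdsc` decode does not by itself tell you that.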

#2 2020-09-06 10:40:11

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538

Re: Mifare 1k sniffed 0 sector A&B but can't go further

Since the card isn't a genuine MIFARE Classic tag, it's a clone chipset (like Fudan etc.) and it doesn't follow the standard, in that it has a static nonce. That means darkside, nested and hardnested don't work. You can still sniff and chk to get keys.
With one key found, you can use the static-nested key recovery, but that is a painfully slow experience, as you noticed, and does not guarantee finding all keys.

For some years the manufacturers have been adding different countermeasures against cloned cards in their readers. One is detection of Gen1a cards, where some manufacturers are kind of aggressive and try to write a faulty block 0, bricking some magic cards. That is what you are seeing.


#3 2020-09-06 10:53:33

easyeasy
Contributor
Registered: 2020-09-06
Posts: 10

Re: Mifare 1k sniffed 0 sector A&B but can't go further

iceman wrote:

they try to write a faulty block0 bricking some magic cards.   That is what you are seeing.

Just checked, the Chinese card is unchanged after presenting it to the NEW reader.

Generally, there is nothing to be done, right?


#4 2020-09-06 11:02:37

easyeasy
Contributor
Registered: 2020-09-06
Posts: 10

Re: Mifare 1k sniffed 0 sector A&B but can't go further

BTW, is there a way to deal with the info which comes after nt, nr, at here:

Tag	01 20 01 45
Rdr	34! c5! 77! c7! 47! 66 3f! 2b
Tag	dc ca d1! 90!

--down here--
Tag	0f! 6d 33! e4 ac! 3d b7 00 dd! b3 99 35! b9 03 cb 60
	be! db
Tag	ad 8e 5f! 8f d9! c1! 64! 7a! 81! 5f! 57 0d! 7c d9 2f 56!

The tag is sending something.


#5 2020-09-06 11:39:32

iceman
Administrator
Registered: 2013-04-25
Posts: 9,538
Website

Re: Mifare 1k sniffed 0 sector A&B but can't go further

yes,


#6 2020-09-07 21:45:59

easyeasy
Contributor
Registered: 2020-09-06
Posts: 10

Re: Mifare 1k sniffed 0 sector A&B but can't go further

So I figured out something.

The problem with Hardnested is obvious: nonces are static, so I just got 1 nonce and then it takes forever with no luck.

And I found an old legit card which works fine with the new readers. The card is vulnerable to Darkside, Nested and Hardnested. That makes me think there's something with Gen1a detection.

What's strange to me: why are all the A and B keys different for many cards on the same reader? Shouldn't the reader have the same encryption keys?


#7 2020-09-07 23:27:08

easyeasy
Contributor
Registered: 2020-09-06
Posts: 10

Re: Mifare 1k sniffed 0 sector A&B but can't go further

And yes, I checked for the 40 command and it's there! Definitely the new readers check for magic cards. Gonna get those Gen2 OTW cards from China.

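Two steps in this thread come down to reading an `hf list 14a` trace by hand: in the first post, picking the authentication fields out of the sniff to feed mfkey64, and in the last post, looking for the 40 command that gives away a reader probing for Gen1a magic cards. The Python below is an added example that does both; it is not code from the posts or from the Proxmark3 project. It follows the three-pass MIFARE Classic handshake as it appears on the wire (the tag's 4-byte nt, the reader's 8-byte nr||ar, the tag's 4-byte at) and assembles the arguments in the order `tools/mfkey/mfkey64` takes them: uid nt nr ar at. It also reports the static nonce the thread keeps running into (the same nt in every authentication, which is why nested and hardnested have nothing to work with) and the Gen1a backdoor wake-up (0x40 sent by the reader as a 7-bit frame). The trace sample is the two captures quoted in the first post, joined; the probe trace is constructed. Assumptions: the stripped `Tag`/`Rdr` line form as pasted in the thread, and that the client writes a short frame as `40(7)` with the bit count in parentheses.

```python
"""Pull MIFARE Classic authentications out of a Proxmark3 `hf list 14a` trace,
build mfkey64 command lines from them, and flag a static tag nonce and a
reader probing for a Gen1a magic card.  Trace form handled, as quoted in the
thread: "Tag<TAB>01 20 01 45" / "Rdr<TAB>34! c5! ..." ('!' = parity error,
normal for encrypted traffic); a line starting with whitespace continues the
previous frame; a partial byte is assumed to be written "40(7)" (bit count in
parentheses); trailing notes such as '!crc' or '?' are ignored."""
import re
from dataclasses import dataclass
from typing import Optional

FRAME_RE = re.compile(r"\b(Tag|Rdr)\b\s*\|?\s*(.*)$")
BYTE_RE = re.compile(r"^([0-9a-fA-F]{2})(?:\((\d)\))?!?$")


@dataclass
class Frame:
    src: str                    # "Tag" or "Rdr"
    data: bytes                 # payload as captured (still encrypted after auth)
    bits: Optional[int] = None  # bit count of a non byte-aligned frame, else None


def _tokens(body):
    """Hex tokens of one trace line -> (bytes, bit count of a partial byte or None)."""
    out, bits = bytearray(), None
    for tok in body.split():
        if tok == "|":                   # column separator of the full client output
            continue
        m = BYTE_RE.match(tok)
        if not m:
            break                        # annotations start here
        out.append(int(m.group(1), 16))
        bits = int(m.group(2)) if m.group(2) else bits
    return bytes(out), bits


def parse_trace(text):
    frames = []
    for raw in text.splitlines():
        m = FRAME_RE.search(raw)
        if m:
            data, bits = _tokens(m.group(2))
            frames.append(Frame(m.group(1), data, bits))
        elif frames and raw.strip() and raw[0] in " \t":   # continuation line
            frames[-1].data += _tokens(raw)[0]
    return frames


def find_auths(frames):
    """Three-pass authentication on the wire: Rdr 60|61 blk crc crc (plaintext
    only for the first auth of a session), Tag nt (4 bytes), Rdr nr||ar
    (8 bytes, encrypted), Tag at (4 bytes, encrypted).  key_type/block stay
    None when the request was not captured or was itself encrypted (nested)."""
    auths = []
    for i in range(len(frames) - 2):
        a, b, c = frames[i], frames[i + 1], frames[i + 2]
        if not (a.src == "Tag" and len(a.data) == 4 and b.src == "Rdr"
                and len(b.data) == 8 and c.src == "Tag" and len(c.data) == 4):
            continue
        auth = {"nt": a.data.hex(), "nr": b.data[:4].hex(), "ar": b.data[4:].hex(),
                "at": c.data.hex(), "key_type": None, "block": None}
        req = frames[i - 1] if i else None
        if req and req.src == "Rdr" and len(req.data) == 4 and req.data[0] in (0x60, 0x61):
            auth["key_type"] = "A" if req.data[0] == 0x60 else "B"
            auth["block"] = req.data[1]
        auths.append(auth)
    return auths


def mfkey64_cmdline(uid, auth):
    """tools/mfkey/mfkey64 in the Proxmark3 repo takes: uid nt nr ar at."""
    return f"mfkey64 {uid} {auth['nt']} {auth['nr']} {auth['ar']} {auth['at']}"


def has_static_nonce(auths):
    """Same nt in every authentication: what `hf search` reports as
    'Static nonce: yes', and why nested/hardnested cannot collect anything."""
    return len(auths) >= 2 and len({a["nt"] for a in auths}) == 1


def has_gen1a_probe(frames):
    """0x40 sent by the reader as a 7-bit frame is the Gen1a backdoor wake-up;
    a reader doing that to a card it only needs to read is testing for a magic clone."""
    return any(f.src == "Rdr" and f.bits == 7 and f.data == b"\x40" for f in frames)


# The two captures quoted in the thread (UID 5a04e566), joined into one trace.
THREAD_TRACE = """\
Tag\t01 20 01 45
Rdr\t34! c5! 77! c7! 47! 66 3f! 2b
Tag\tdc ca d1! 90!
Tag\t0f! 6d 33! e4 ac! 3d b7 00 dd! b3 99 35! b9 03 cb 60
\tbe! db
Tag\t01 20 01 45
Rdr\te2! e2! 09 b3 2e! 80! d5 c1!\t\t!crc\t?
Tag\t14 69 37 6a!
Rdr\t0b! 3d 69! b6\t\t!crc\t?
"""
# Constructed: a reader that wakes and halts the card, then sends the Gen1a
# backdoor sequence 40 (7 bits), 43 instead of authenticating.
PROBE_TRACE = "Rdr\t52(7)\nTag\t04 00\nRdr\t50 00 57 cd\nRdr\t40(7)\nRdr\t43\n"

if __name__ == "__main__":
    auths = find_auths(parse_trace(THREAD_TRACE))
    for a in auths:
        print(mfkey64_cmdline("5a04e566", a))
    print("static nonce:", has_static_nonce(auths))
    print("gen1a probe:", has_gen1a_probe(parse_trace(PROBE_TRACE)))
```

Run over the thread's captures this prints one `mfkey64` line per authentication and `static nonce: True`; the key it recovers for sector 0 can then be confirmed with `hf mf chk` exactly as the first post does. The 0x40 check is deliberately narrow: a legitimate reader has no reason to send the backdoor wake-up, so a single hit on a reader is enough to conclude it is fingerprinting magic cards.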
