Proxmark developers community

Research, development and trades concerning the powerful Proxmark3 device!

You are not logged in.

#1 Re: MIFARE Classic » #db# Nested: Auth1 error Authentication failed.Card timeout (svn 845) » Yesterday 22:00:35

The intent is personal (everyone can play as he wants), what I would avoid is "disclose potentially unwanted secrets" such as vendor's keys because the forum should get in troubles and avoid helping people to obtain something for free even if it costs 1 cent. Also answers for the above questions are scattered all around the forum so if someone REALLY wants to study he should equip himself with lot of patience and start reading the very useful info availble here and there and also official datasheets+research papers. I wanted a windows gui to make things easier but now i am not sure it was a good choice.... spoon-feeding is also "bad" because it doesn't help the learning process.

Those are my 0.5 cents, I hope you will understand the meaning of my words.

#2 Re: MIFARE Classic » #db# Nested: Auth1 error Authentication failed.Card timeout (svn 845) » Yesterday 19:34:02

Well I consider all the thread, not only some posts or "dumps" and reading the whole content of this thread I suppose (quite celarly) it is for "malicious" intent. If you do not agree feel free to help him, I will then change my previous sentence in "... I do not support".

#3 Re: MIFARE Classic » #db# Nested: Auth1 error Authentication failed.Card timeout (svn 845) » Yesterday 16:40:55

Please end this discussion, it is quite obvious that the key will be used for something we do not "support".

#6 Re: Questions and Requests » epa raw commands » 2014-04-16 09:23:28

Ok I found the problem; 14a raw command seems to have a bug: if I try to send more than 12 bytes the tag doesn't answer so I mean that from byte 13 (starting from 1) and on bytes are someway "lost": can someone have a look at the code ? I found in the code that there seems to be a limit in received bytes (only 16) but nothing about sent bytes. The patch was added in r784.

If we can overcome those limits ePassport support will be really easy to add.

#7 Re: Questions and Requests » epa raw commands » 2014-04-15 22:30:32

I think I found a way to correctly communicate with those devices. Who is interested can reply to this post, it should be easy to add reading of an ePassport in the client (if you want to decode the image contained you will need a jp2 decoder).

#8 Re: MIFARE Classic » MCT - An Android NFC-App for reading/writing/analysing/etc. MF Classic » 2014-04-15 19:22:14

Hi Ikarus, I am further ivestigating ISO14443 protocol and I have found this good diagram for you to recognize a mifare card type:
w6gaQPa.png

#9 Questions and Requests » epa raw commands » 2014-04-14 09:17:51

asper
Replies: 5

I am investigating epassport raw commands but I am not able to send them with ISO14443A raw command feature;

The select command:

00 A4 04 0C 07 A0 00 00 02 47 10 01

should give a 90 00 answer but sending it I am receiving no answer.

Sending a select command the answer is a random UID (the UID remain fixed if you select the option to not to turn off field after sending acommand, this is quite obvious).

Can someone please tell me the correct command sequence to obtain an answer from my epassport ?

If useful this is the answer to the pm3 already implemented epa command:

proxmark3> hf epa cnonces 10 16 0
Collecting 16 10-byte nonces          
Start: 1397463446          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
Error in step 2, Return code: 0          
End: 1397463448  

#11 Re: Linux Client » porting client to Java (platform independent) to use it on Android » 2014-04-13 19:08:57

USB commands are really a lot for some client commands (it means that 1 single client command can produce many usb-sent sub-commands) and i think this is really difficult to implement. Unfortunately a gui like the win version seems to be the only practical way (settings file is already good to be used) but in most cases it will need root

#12 Re: MIFARE Ultralight » Ultralight C - in testing » 2014-04-12 14:15:30

Iceman can I have the link where you bought the ultralightc with changeable UID ?

EDIT:

can you also test to write blocks after 0f (ex. 15 or 22) and see if you can read them back ? After the write command try to read with single block and all card please ! I suppose your card is not an ultralightc but a simple ultralight with changeable uid.

#13 Re: MIFARE Ultralight » Ultralight C - in testing » 2014-04-12 07:19:15

Did you install openssl ? It compiles for me.

Try to replace the .a files in \ssl folder with those 2; they are oldery compiled libraries (the ones you can found in my previous packet are latest version compiled by me but my compiler works with both of them).

Alternatively here it is my already compiled version.

Please test and tell us if ultralightc support works for you!

#14 Re: MIFARE Classic » #db# Nested: Auth1 error Authentication failed.Card timeout (svn 845) » 2014-04-11 21:46:11

Well you cracked it. Keya and keyb for sectors from 0 to 7 and 15 are ffffffffffff.
Keya for sector from 8 to 14 is a0a1a2a3a4a5 while keyb for the same sectors is 000000000000.

You can use these keys to read/write specific sectors. Please read mifare classic manual to learn more about those tags.

EDIT:
As I told you:

Also rememebr that the command:
hf mf nested 1 0 A a0a1a2a3a4a5
need to use the correct key for the selected sector (you selected sector 0 and keyA a0a1a2a3a4a5, are you sure that block0 has keyA = a0a1a2a3a4a5 ? Or maybe that keyA is for another sector ?).

The command:

hf mf nested 1 0 A a0a1a2a3a4a5 t

was wrong because a0a1a2a3a4a5 is not sector0 keyA = authentication error

hf mf nested 1 0 A ffffffffffff t

is correct because ffffffffff is sector0 keyA = it works !

#15 Re: MIFARE Ultralight » Ultralight C - in testing » 2014-04-11 12:45:52

Found the problem reading this thread.
If you wan to compile under windows uncompress this file under your proxmark3 branch (supporting ultralightc) source.

#16 Re: MIFARE Ultralight » Ultralight C - in testing » 2014-04-11 12:26:00

Thanks to midnite suggestion (using static libssl.a and libcrypto.a libraries) I managed to bypass the above error but now stick at this one:
YG35pbH.png

Any hint ? Holiman ?

#17 Re: MIFARE Ultralight » Ultralight C - in testing » 2014-04-11 11:20:29

Well, I managed to bypass the above error and now I am stuck at midnite's problem, missing references (both on win and android):
WZC5pN8.png

For windows users: if you installed openssl as explained in this guide (page 12 to 16) extract this file in your proxmark source folder and it will "see" openssl.

Still working on missing references.

#18 Re: MIFARE Ultralight » Ultralight C - in testing » 2014-04-10 23:27:28

I was able to add openssl to MinGW using this guide from page 12 to page 16 - (after installing it also copy this folder inside the proxmark3 \client folder) but when I reach this point I find hard to go further:
9KeDPO2.png

The problem seems to be here [\client\makefile]:

LDLIBS = -L/opt/local/lib -L/usr/local/lib -lreadline -lpthread -lssl ../liblua/liblua.a

My openssl folder is here: C:\OpenSSL-Win64; any other hint to overcome this problem ? I don't know which \ssl folder must be "Located" by the above string (there are more than one \sll folder inside my MinGW after openssl installation).

#19 Re: 125 kHz - ISO 11784 / 11785 » T5557 issues (multitags) » 2014-04-10 20:10:33

For what i know the method to put a t55x7 in its own mode is to send a very quick command before it starts the simulating routine (written on the datasheet) but this way it will remain in its own mode until you specify to turn it back into one of the possible emulation mode.

#20 Re: MIFARE Classic » #db# Nested: Auth1 error Authentication failed.Card timeout (svn 845) » 2014-04-10 08:58:57

Please have a look at this to know more about flashing: https://github.com/Proxmark/proxmark3/wiki/compiling; if you are using windows the commands are:
To flash full FPGA image:

flasher.exe comX -b fullimage.elf

To flash the OS:

flasher.exe comX osimage.elf

replace X with the com port assigned to your proxmark3 under Windows.

You can find the compile elf files here; .elf files must be in the same folder as flasher.exe.

If you are unconfortable with manual commands you can use provided batch files (.bat) included in the link above just as they are but you need to preserve folder structure as it is in the archives.

EDIT:
Also rememebr that the command:
hf mf nested 1 0 A a0a1a2a3a4a5
need to use the correct key for the selected sector (you selected sector 0 and keyA a0a1a2a3a4a5, are you sure that block0 has keyA = a0a1a2a3a4a5 ? Or maybe that keyA is for another sector ?).

#21 Re: 125 kHz - ISO 11784 / 11785 » T5557 issues (multitags) » 2014-04-10 07:00:43

For what i know you can't except trying to put it back in its programmable configuration: if it revert back it is a t55x7.

#22 Re: General (USB driver, Framework, Protocol) » HID/CDC: Problem flashing OS after upgrading to the latest Bootloader » 2014-04-10 00:49:51

Tests to do to flash new firmwares are 4:

1) flash os/fpga with new flasher holding the button
2) flash os/fpga with new flasher without holding the button
3) flash os/fpga with old flasher holding the button
4) flash os/fpga with old flasher without holding the button

Maybe you tryed them all, if not try and report! If none of those methods work, you should need a jtag. Let me know if you tested all 4 "combos"!

#23 Re: MIFARE Classic » #db# Nested: Auth1 error Authentication failed.Card timeout (svn 845) » 2014-04-09 20:50:39

Try to flash OS and FPGA holding the button using the new flasher and let me know.

#24 Re: General (USB driver, Framework, Protocol) » HID/CDC: Problem flashing OS after upgrading to the latest Bootloader » 2014-04-09 15:03:16

Try to flash new OS and FPGA (from r655 and above) using the new flasher while holding the button.

#25 Re: MIFARE Classic » Successfully cracked a MC1K, but the cloned card cannot be recognized » 2014-04-09 10:18:25

Maybe the reader check for special chinese commands to be accepted by the card ? (very difficult to believe but this can be possible if the cards are exactly the same). Did you try a changeable uid card that needs special commands or the new ones ?

Board footer

Powered by FluxBB