Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
I've been playing with Mifare 1K cards and recently I bought a new one, but I realized that it is different.
I do the typical attack, the "Darkside attack", with the command "hf mf mifare", but this always appears:
WARNING: Nonce entropy is suspiciously high, something is wrong. Check timeouts (and perhaps increase STATE_SIZE)
I read in some post in the forum that they had implemented a security type 3, but I had no luck finding the answer to my question on san Google.
If you look, the UID is not the same when I run the different commands,
and when the tag responds a lot of numbers appear:
proxmark3> hf 14a read
ATQA : 44 00
UID : 04 be 16 d2 22 22 80
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k
proprietary non iso14443a-4 card found, RATS not supported
proxmark3> hf 14a list
ETU :rssi: who bytes
---------+----+----+-----------
+ 0: : 52
+ 0: : 52
+ 236: 0: TAG 44 00
+ 0: : 93 20
+ 452: 0: TAG 88 04 be 16 24
+ 0: : 93 70 88 04 be 16 24 3b 47
+ 308: 0: TAG 04 da 17
+ 0: : 95 20
+ 452: 0: TAG d2 22 22 80 52
+ 0: : 95 70 d2 22 22 80 52 13 95
+ 308: 0: TAG 08 b6 dd
+ -1755: : 33 01 00 06 00 00 00 04 61 27 90 37 b4 33 01 80 07 00 00 00 04 32 ed b1 24 4e 36 01 00 ea 00 00 00 08 47 1d a0 91 8a 9a 24 f3 52 01 02 00 00 00 00 00 01 26 92 01 02 80 01 00 00 00 02 04 00 45 04 02 !crc
I did a test with another card and everything is normal, but the new generation of cards is different.
Regards
You have a new Mifare classic card with a 7 byte UID (previously the mifare classics had only 4 byte UIDs but NXP ran out of unique 4 byte UIDs some time ago).
The warning indicates that you don't have the latest software revision. Please upgrade before further testing and then post your results again.
Piwi, can you post a link to the official NXP description of those new Mifare Classic cards with 7 byte UIDs? Notice that the above UID seems to be random...
Thanks for being attentive
I downloaded the version pm3-bin-756 (cdc+lua).rar from google code; are you suggesting I update to version r763?
proxmark3> #db# Prox/RFID mark3 RFID instrument
proxmark3> #db# bootrom: svn 755 2013-07-13 08:14:12
proxmark3> #db# os: svn 755 2013-07-13 08:14:16
proxmark3> #db# FPGA image built on 2012/ 1/ 6 at 15:27:56
I checked over the changes in the trunk on google code, but the changes don't reference this topic. If I upgrade the version, would there be some difference?
I'll leave this here
-------------------------------------------------------------------------
Executing command. Expected execution time: 25sec on average :-)
Press the key on the proxmark3 device to abort both proxmark3 and client.
-------------------------------------------------------------------------
.#db# Tuning... testing a delay of 25 ms (press button to skip)
...#db# ... results for 25 ms : 99 %
#db# Tuning... testing a delay of 50 ms (press button to skip)
......#db# ... results for 50 ms : 100 %
#db# Tuning... testing a delay of 100 ms (press button to skip)
...........#db# ... results for 100 ms : 100 %
#db# Tuning... testing a delay of 200 ms (press button to skip)
.....................#db# ... results for 200 ms : 100 %
#db# Tuning... testing a delay of 400 ms (press button to skip)
.........................................#db# ... results for 400 ms : 100 %
#db# Tuning... testing a delay of 800 ms (press button to skip)
.................................................................................#db# ... results for 800 ms : 100 %
#db# Tuning... testing a delay of 1300 ms (press button to skip)
...................................................................................................................................#db# ... results for 1300 ms : 100 %
#db# Tuning... testing a delay of 1800 ms (press button to skip)
.........................................#db# ... results for 1800 ms : 100 %
#db# Tuning... testing a delay of 2300 ms (press button to skip)
..........................................................................................#db# ... results for 2300 ms : 100 %
#db# OBS! This card has high entropy (100) and slow power-down. This may take a while
#db# Using power-down-time of 2300 ms, offset time 588 us
..............................................................................................#db# WARNING: Nonce entropy is suspiciously high, something is wrong. Check timeouts (and perhaps increase STATE_SIZE)
I downloaded the version pm3-bin-756 (cdc+lua).rar from google code; are you suggesting I update to version r763?
Yes. The latest changes in trunk have been merged to the scripting branch with r762, including changes to hf mf mifare from r754.
Piwi, can you post a link to the official NXP description of those new Mifare Classic cards with 7 byte UIDs?
For example: http://www.mifare.net/files/4713/0936/9 … es_V12.pdf
Notice that the above UID seems to be random...
I interpreted it differently. daos said "the UID is not the same when I run the different commands", i.e. hf mf reader vs. hf mf list. The UID is in fact the same in both commands, but the tag delivers UIDs > 4 Bytes in chunks:
proxmark3> hf 14a list
ETU :rssi: who bytes
---------+----+----+-----------
+ 0: : 52
+ 0: : 52
+ 236: 0: TAG 44 00
+ 0: : 93 20
+ 452: 0: TAG 88 04 be 16 24
+ 0: : 93 70 88 04 be 16 24 3b 47
+ 308: 0: TAG 04 da 17
+ 0: : 95 20
+ 452: 0: TAG d2 22 22 80 52
+ 0: : 95 70 d2 22 22 80 52 13 95
+ 308: 0: TAG 08 b6 dd
@daos: please clarify: if you run hf mf reader several times, does it deliver different UIDs each time?
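Piwi's point that a 7 byte UID arrives in two cascade levels (the SEL 93 / 95 exchanges, with 0x88 as the cascade tag and the "UID not complete" SAK 0x04 in between) can be checked mechanically. The parser below is an added example written for this thread, not code from the Proxmark3 project: it reads `hf 14a list` lines, rebuilds the UID chunk by chunk, verifies each BCC, and cross-checks the result against what ATQA and the final SAK announce. The two trace strings are constructed from the listings posted in this thread (daos's card above, and the Mifare Mini trace en4rab posts further down); the function names are my own and are not Proxmark identifiers.

```python
"""Rebuild a multi-byte ISO 14443-3A UID from a Proxmark3 `hf 14a list` trace.

Added example for this thread; not code from the Proxmark3 project.
"""
import re

CASCADE_TAG = 0x88          # first byte of an anticollision reply when more UID follows
SEL_LEVELS = {0x93: 1, 0x95: 2, 0x97: 3}   # SEL command byte -> cascade level
SAK_UID_INCOMPLETE = 0x04   # SAK bit 3: another cascade level is needed
ATQA_UID_SIZE = {0: 4, 1: 7, 2: 10}        # ATQA bits 7..6 of byte 0 -> UID length

# One trace line: "+ <etu>: <rssi>: [TAG] <hex bytes ...>", optionally followed by "!crc"
TRACE_LINE = re.compile(r"^\+\s*-?\d+:\s*\d*:\s*(TAG)?\s*((?:[0-9a-fA-F]{2}\s*)+)")


def parse_trace_line(line):
    """Return (is_tag, bytes) for a data line, or None for headers and separators."""
    m = TRACE_LINE.match(line.strip())
    if not m:
        return None
    return m.group(1) is not None, bytes.fromhex(m.group(2).replace(" ", ""))


def classify_reader_command(data):
    """Map a reader->tag frame to what the next tag reply will carry."""
    if len(data) == 1 and data[0] in (0x26, 0x52):   # REQA / WUPA -> ATQA
        return ("atqa", 0)
    if len(data) >= 2 and data[0] in SEL_LEVELS:
        level = SEL_LEVELS[data[0]]
        if data[1] == 0x20:                            # SEL + NVB 0x20: anticollision
            return ("anticol", level)
        if data[1] == 0x70:                            # SEL + NVB 0x70: select -> SAK
            return ("select", level)
    return None


def reconstruct_uid(trace_lines):
    """Walk reader/tag pairs and return uid (hex), uid_len, atqa and the final sak."""
    uid = bytearray()
    atqa = sak = None
    pending = None  # what the last reader command asked for, or None
    for line in trace_lines:
        parsed = parse_trace_line(line)
        if parsed is None:
            continue
        is_tag, data = parsed
        if not is_tag:
            pending = classify_reader_command(data)
            continue
        if pending is None:
            continue
        kind, level = pending
        pending = None
        if kind == "atqa" and len(data) == 2:
            atqa = data[0] | (data[1] << 8)            # ATQA is sent LSB first
        elif kind == "anticol" and len(data) == 5:
            chunk, bcc = data[:4], data[4]
            calc = chunk[0] ^ chunk[1] ^ chunk[2] ^ chunk[3]   # BCC = XOR of the 4 bytes
            if calc != bcc:
                raise ValueError(f"BCC mismatch at cascade level {level}: "
                                 f"got {bcc:02x}, expected {calc:02x}")
            if chunk[0] == CASCADE_TAG and level < 3:
                uid.extend(chunk[1:])                  # cascade tag + 3 real UID bytes
            else:
                uid.extend(chunk)                      # final 4 UID bytes
        elif kind == "select" and data:
            sak = data[0]
    return {"uid": uid.hex(), "uid_len": len(uid), "atqa": atqa, "sak": sak}


def check_consistency(result):
    """Cross-check the rebuilt UID against ATQA and SAK; return a list of issues."""
    if result["atqa"] is None or result["sak"] is None:
        return ["trace is missing ATQA or SAK"]
    issues = []
    expected = ATQA_UID_SIZE.get((result["atqa"] & 0xFF) >> 6)
    if expected != result["uid_len"]:
        issues.append(f"ATQA announces a {expected} byte UID but "
                      f"{result['uid_len']} bytes were collected")
    if result["sak"] & SAK_UID_INCOMPLETE:
        issues.append("final SAK still has the 'UID not complete' bit set")
    return issues


# Sample traces constructed from the listings in this thread
TRACE_DAOS = """\
+ 0: : 52
+ 0: : 52
+ 236: 0: TAG 44 00
+ 0: : 93 20
+ 452: 0: TAG 88 04 be 16 24
+ 0: : 93 70 88 04 be 16 24 3b 47
+ 308: 0: TAG 04 da 17
+ 0: : 95 20
+ 452: 0: TAG d2 22 22 80 52
+ 0: : 95 70 d2 22 22 80 52 13 95
+ 308: 0: TAG 08 b6 dd
"""
TRACE_EN4RAB = """\
+ 0: : 52
+ 236: 0: TAG 44 00
+ 0: : 93 20
+ 452: 0: TAG 88 04 be b9 8b
+ 0: : 93 70 88 04 be b9 8b f1 36
+ 308: 0: TAG 04 da 17
+ 0: : 95 20
+ 452: 0: TAG 9a 24 2b 80 15
+ 0: : 95 70 9a 24 2b 80 15 2e ef
+ 308: 0: TAG 09 3f cc
"""

if __name__ == "__main__":
    for name, trace in (("daos", TRACE_DAOS), ("en4rab", TRACE_EN4RAB)):
        r = reconstruct_uid(trace.splitlines())
        print(name, r["uid"], f"ATQA {r['atqa']:04x} SAK {r['sak']:02x}",
              check_consistency(r) or "consistent")
```

Run as a script it prints `04be16d2222280` with SAK 08 for daos's trace and `04beb99a242b80` with SAK 09 for en4rab's, matching the `hf 14a reader` output in both posts; a BCC that does not XOR to the collected chunk raises, which is the quickest way to spot a corrupted or mis-copied listing.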
Nope! It's the same:
proxmark3> hf 14a reader
ATQA : 44 00
UID : 04 be 16 d2 22 22 80
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k
proprietary non iso14443a-4 card found, RATS not supported
proxmark3>
proxmark3> hf 14a reader
ATQA : 44 00
UID : 04 be 16 d2 22 22 80
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k
proprietary non iso14443a-4 card found, RATS not supported
proxmark3>
proxmark3> hf 14a reader
ATQA : 44 00
UID : 04 be 16 d2 22 22 80
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k
proprietary non iso14443a-4 card found, RATS not supported
But I did not realize the UID is divided! Very good observer!
And the hf 14a list is the same.
Reading the NXP PDF link, this card is a non-unique ID MIFARE Classic next generation, as said in this document.
Its UID is 7 bytes.
http://www.nxp.com/documents/application_note/AN10927.pdf
Also, the 4 byte UID Mifare Classic is being discontinued by NXP, and the Darkside attack will not work anymore!
Sooooo .... What do we do?
I updated to the latest version r763 and surprise!
proxmark3> #db# bootrom: svn 755 2013-07-13 08:14:12
proxmark3> #db# os: svn 0-suspect 2013-09-13 18:09:43
proxmark3> #db# FPGA image built on 2012/ 1/ 6 at 15:27:56
It's obviously a compile fail, can you attach the osimage.elf and the fga.elf..... plz
Also, the 4 byte UID Mifare Classic is being discontinued by NXP, and the Darkside attack will not work anymore!
Not quite correct. For authentication purposes there are still only 4 Bytes used to initialize the crypto state. Darkside attack on Mifare Classic with 7 Byte UID would still work if they didn't change the random number generator. Needs a small patch - I will provide soon.
Please note that 7 Byte UID doesn't imply a Mifare Classic Next Generation. The reverse is true though.
I updated to the latest version r763 and surprise!
proxmark3> #db# bootrom: svn 755 2013-07-13 08:14:12
proxmark3> #db# os: svn 0-suspect 2013-09-13 18:09:43
proxmark3> #db# FPGA image built on 2012/ 1/ 6 at 15:27:56
It's obviously a compile fail, can you attach the osimage.elf and the fga.elf..... plz
Hmm, if the client compiled but the PM OS didn't, there is probably a problem with your tool chain? What is the result of
make flash-os FLASH_PORT=com4
(or whatever com-port your PM is on) ?
Hmmm. The code seems to be prepared for 7 Byte UIDs. Need to dive further into it...
I think I might be having a similar issue.
I have just been poking at a tag that seems to be a Mifare Classic Mini.
I have tried with a touchatag reader, MFOC and MFCUK (the latest versions of which seem broken, giving only the last 2 bytes of the key correctly), neither of which worked,
and also tried using a proxmark3 with 807 firmware and the hf mf mifare command, and also the mifare_autopwn script.
hf mf mifare doesn't recognise the tag and just prints dots to the screen, and mifare_autopwn recognises the card and prints the 7 byte UID then just stops.
Any ideas?
proxmark3> hf 14a read
ATQA : 44 00
UID : 04 be b9 9a 24 2b 80
SAK : 09 [2]
TYPE : NXP MIFARE Mini 0.3k
proprietary non iso14443a-4 card found, RATS not supported
proxmark3> hf 14a list
recorded activity:
ETU :rssi: who bytes
---------+----+----+-----------
+ 0: : 52
+ 236: 0: TAG 44 00
+ 0: : 93 20
+ 452: 0: TAG 88 04 be b9 8b
+ 0: : 93 70 88 04 be b9 8b f1 36
+ 308: 0: TAG 04 da 17
+ 0: : 95 20
+ 452: 0: TAG 9a 24 2b 80 15
+ 0: : 95 70 9a 24 2b 80 15 2e ef
+ 308: 0: TAG 09 3f cc
Last edited by en4rab (2013-10-11 11:19:26)
@en4rab I saw that you have the same problem. I have been busy, but I don't give up on the problem; I will search the web for what I can find.
Piwi, do you have news about code supporting 7 byte UID Mifare tags?
I finally could get hold of a Mifare card with 7 byte UID (a Mifare Plus X in SL 1). The 7 byte UID itself isn't a problem. However, NXP obviously has fixed the PRNG within their newer cards (and it would have been VERY stupid if they had not). hf mf mifare and hf mf nested therefore don't work anymore.
Interesting. I guess that applies both to the wrap-around-after-65k issue and the reset-prng-at-shutdown issues? Have you tested with the older 'hf mf mifare' algorithm?
So the only way is to sniff and decrypt the communication? Some tests with the crapto1 algo decoding?
Nope, it's not working either; in the traditional way it's not possible. Please look at the first post and you'll see all the characters in blue.
Complementing the last post, I see that it is different from the traditional 1k with a 4 byte UID.
Woow! Nobody gets the joke?