Mifre classic with honeywell reader

kat6877 · 2015-06-18 09:14:03

Hi All,

I am doing configuration mifare classic 4k (blank china card) with honeywell reader.

When I scan with the reader,the card number is showing as 39942. I can add the card and use it.

But when I scan with mifare tool on my NFC mobile ,the card UID is 06:9C:0F:C5.I do not see any number related to 39942 in all sector.

So this 39942 has been stored in which location? And how can I change it with different new number?

jump · 2015-06-18 16:12:10

$ printf "%x" 39942
9c06

So your reader is only using the first two bytes of the UID

kat6877 · 2015-06-19 09:03:39

So normally the reader should read 4 bytes?

What is the disadvantage of only 2 byte?

How can I fix to have more security?

jump · 2015-06-19 11:44:38

I don't know what your reader is supposed to do

From my point of view, no decent security system should rely exclusively on the UID of a tag because of collisions and one can easily spoof it or harvest them (the UID is public information).

The immediate consequence of using 2 bytes instead of for is that you divide the security by 65536 basically. Instead of having 4 million possibilities, you lowered it down to 65536 cards. Therefore the odds to get a collision here (2 different badges seen as the same by the system) are pretty high.

Proxmark3 community

Announcement

#1 2015-06-18 09:14:03

Mifre classic with honeywell reader

#2 2015-06-18 16:12:10

Re: Mifre classic with honeywell reader

#3 2015-06-19 09:03:39

Re: Mifre classic with honeywell reader

#4 2015-06-19 11:44:38

Re: Mifre classic with honeywell reader

Board footer