Research, development and trades concerning the powerful Proxmark3 device.
Hi,
I got a Mifare Classic card where block 0 is encrypted.
Blocks 1-6 use ffffffffffff as the A/B key.
Using the nested command returned "[-] Tag isn't vulnerable to Nested Attack (PRNG is not predictable)."
Using the hardnested command stops at nonces 335/336 (I believe it is a memory issue, 512Mb version, as iceman mentioned in another thread).
Without doing sniffing, is there any other way to move this forward?
Thanks in advance
pm3 --> hw version
[[[ Cached information ]]]
Proxmark3 RFID instrument
[ ARM ]
bootrom: iceman/master/ice_v3.1.0-787-g192aa9ab 2018-04-08 11:49:32
os: iceman/master/ice_v3.1.0-787-g192aa9ab 2018-04-08 11:49:37
[ FPGA ]
LF image built for 2s30vq100 on 2017/10/25 at 19:50:50
HF image built for 2s30vq100 on 2017/11/10 at 19:24:16
[ Hardware ]
--= uC: AT91SAM7S512 Rev B
--= Embedded Processor: ARM7TDMI
--= Nonvolatile Program Memory Size: 512K bytes, Used: 237727 bytes (45%) Free: 286561 bytes (55%)
--= Second Nonvolatile Program Memory Size: None
--= Internal SRAM Size: 64K bytes
--= Architecture Identifier: AT91SAM7Sxx Series
--= Nonvolatile Program Memory Type: Embedded Flash Memory
pm3 --> hf 14a info
UID : 33 DD A0 E7
ATQA : 00 04
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1 | 1k Ev1
proprietary non iso14443-4 card found, RATS not supported
Answers to magic commands: NO
Prng detection: WEAK
pm3 --> hf mf chk *1 ? d
testing to read key B...
|---|----------------|---|----------------|---|
|sec|key A |res|key B |res|
|---|----------------|---|----------------|---|
|000| ------------ | 0 | ------------ | 0 |
|001| ffffffffffff | 1 | ffffffffffff | 1 |
|002| ffffffffffff | 1 | ffffffffffff | 1 |
|003| ffffffffffff | 1 | ffffffffffff | 1 |
|004| ffffffffffff | 1 | ffffffffffff | 1 |
|005| ffffffffffff | 1 | ffffffffffff | 1 |
|006| ffffffffffff | 1 | ffffffffffff | 1 |
|007| ------------ | 0 | ------------ | 0 |
|008| ------------ | 0 | ------------ | 0 |
|009| ------------ | 0 | ------------ | 0 |
|010| ------------ | 0 | ------------ | 0 |
|011| ------------ | 0 | ------------ | 0 |
|012| ------------ | 0 | ------------ | 0 |
|013| ------------ | 0 | ------------ | 0 |
|014| ------------ | 0 | ------------ | 0 |
|015| ------------ | 0 | ------------ | 0 |
|---|----------------|---|----------------|---|
Printing keys to binary file hf-mf-33DDA0E7-key.bin...
pm3 --> hf mf nested 1 4 A FFFFFFFFFFFF d
Testing known keys. Sector count=16
[-] Chunk: 0.9s | found 0/32 keys (21)
[+] Time to check 20 known keys: 1 seconds
enter nested attack
[-] Tag isn't vulnerable to Nested Attack (PRNG is not predictable).
pm3 --> hf mf hardnested 4 A FFFFFFFFFFFF 0 A
--target block no: 0, target key type:A, known target key: 0x000000000000 (not set), file action: none, Slow: No, Tests: 0
Couldn't read benchmark data. Assuming brute force rate of 120000000 states per second
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 2 threads and SSE2 SIMD core | |
0 | 0 | Brute force benchmark: 120 million (2^26.8) keys/s | 140737488355328 | 14d
0 | 0 | Using 0 precalculated bitflip state tables | 140737488355328 | 14d
5 | 112 | Apply bit flip properties | 140737488355328 | 14d
7 | 224 | Apply bit flip properties | 140737488355328 | 14d
9 | 336 | Apply bit flip properties | 140737488355328 | 14d
[!] Error: No response from Proxmark.
Last edited by rayway99 (2018-06-05 10:04:09)
Memory size wouldn't matter if you were using the pm3 master firmware. Not sure on icemans.
Thanks @marshmellow for the prompt reply.
I switched back to the master firmware and now the hardnested is running:
487 | 39289 | Apply bit flip properties | nan | nand
...
and still going.
Not sure if the "nan | nand" values are to be expected or not (first time playing with hardnested, and not sure of the normal duration for the process).
Will report back and mark the topic solved if successful.
Be sure you are not using sector numbers but actual block numbers.
Hi @marshmellow,
I believe I have used the correct block number (but I did stop the hardnested to double check).
The process is now at time #2552, running for over 1 hour now.
proxmark3> hf mf hardnested 8 A FFFFFFFFFFFF 56 A
--target block no: 56, target key type:A, known target key: 0x000000000000 (not set), file action: none, Slow: No, Tests: 0
Using SSE2 SIMD core.
Couldn't read benchmark data. Assuming brute force rate of 120000000 states per second
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 2 threads and SSE2 SIMD core | |
0 | 0 | Brute force benchmark: 120 million (2^26.8) keys/s | 140737488355328 | 14d
0 | 0 | Using 0 precalculated bitflip state tables | 140737488355328 | 14d
5 | 112 | Apply bit flip properties | 140737488355328 | 14d
...
2552 | 65090 | Apply bit flip properties | nan | nand
...
I wonder how long it might be running for (I do have a wooden PC from about 5 years back, running a dual-core 2.6GHz).
Also curious under what circumstances one would put the known target key in the command as a parameter (isn't the target key what we are trying to get from the hardnested attack?).
Hmm, I have run the hardnested for 2 hours on the PM3 (Elechouse Easy model) and got the error "Error: No response from Proxmark."
Not sure if I am doing something wrong that is too obvious to catch with my own eyes.
proxmark3> hw version
[[[ Cached information ]]]
Prox/RFID mark3 RFID instrument
bootrom: master/v3.0.1-361-ge069547-suspect 2018-04-03 11:12:28
os: master/v3.0.1-361-ge069547-suspect 2018-04-03 11:12:31
LF FPGA image built for 2s30vq100 on 2015/03/06 at 07:38:04
HF FPGA image built for 2s30vq100 on 2017/10/27 at 08:30:59
uC: AT91SAM7S512 Rev B
Embedded Processor: ARM7TDMI
Nonvolatile Program Memory Size: 512K bytes. Used: 199639 bytes (38%). Free: 324649 bytes (62%).
Second Nonvolatile Program Memory Size: None
Internal SRAM Size: 64K bytes
Architecture Identifier: AT91SAM7Sxx Series
Nonvolatile Program Memory Type: Embedded Flash Memory
proxmark3> hf 14a info
UID : 33 dd a0 e7
ATQA : 00 04
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1
proprietary non iso14443-4 card found, RATS not supported
No chinese magic backdoor command detected
Prng detection: HARDEND (hardnested)
proxmark3> hf mf hardnested 12 A FFFFFFFFFFFF 52 A w
--target block no: 52, target key type:A, known target key: 0x000000000000 (not set), file action: write, Slow: No, Tests: 0
Using SSE2 SIMD core.
Couldn't read benchmark data. Assuming brute force rate of 120000000 states per second
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 2 threads and SSE2 SIMD core | |
0 | 0 | Brute force benchmark: 120 million (2^26.8) keys/s | 140737488355328 | 14d
0 | 0 | Using 0 precalculated bitflip state tables | 140737488355328 | 14d
5 | 0 | Writing acquired nonces to binary file nonces.bin | 140737488355328 | 14d
5 | 111 | Apply bit flip properties | 140737488355328 | 14d
6 | 223 | Apply bit flip properties | 140737488355328 | 14d
6 | 334 | Apply bit flip properties | 140737488355328 | 14d
7 | 445 | Apply bit flip properties | 140737488355328 | 14d
8 | 557 | Apply bit flip properties | 140737488355328 | 14d
9 | 666 | Apply bit flip properties | 140737488355328 | 14d
10 | 775 | Apply bit flip properties | 140737488355328 | 14d
11 | 887 | Apply bit flip properties | 140737488355328 | 14d
12 | 998 | Apply bit flip properties | 140737488355328 | 14d
12 | 1109 | Apply bit flip properties | 140737488355328 | 14d
18 | 1216 | Apply Sum property. Sum(a0) = 128 | nan | nand
19 | 1325 | Apply bit flip properties | nan | nand
20 | 1437 | Apply bit flip properties | nan | nand
...
5071 | 65532 | Apply bit flip properties | nan | nand
Waiting for a response from the proxmark...
You can cancel this operation by pressing the pm3 button
Error: No response from Proxmark.
Using 0 precalculated bitflip state tables
Please check your installation. The bitflip state tables should be in the client/hardnested/tables directory (a few hundred of *.bin.z files). Hardnested doesn't work without them.
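Piwi's diagnosis above can be checked mechanically from the client's own output. The following Python script is an added example, not part of this thread or of the Proxmark3 client: it parses progress rows like those quoted above, recovers the benchmark rate and the number of bitflip tables the client reported loading, verifies that the last column is simply #states divided by the benchmark rate, and flags the "nan" rows that appear when zero tables were loaded. The sample rows are constructed from the output in this thread; the unit table and the 10% tolerance are my assumptions.

```python
import re

# Constructed sample rows, copied in shape from the hardnested progress output
# quoted in this thread.  Columns: time | #nonces | Activity | #states | expected time
GOOD_RUN = """\
0 | 0 | Start using 2 threads and SSE2 SIMD core | |
0 | 0 | Brute force benchmark: 182 million (2^27.4) keys/s | 140737488355328 | 9d
3 | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 9d
8 | 112 | Apply bit flip properties | 406019080192 | 37min
18 | 1219 | Apply bit flip properties | 15384170496 | 85s
"""

BROKEN_RUN = """\
0 | 0 | Brute force benchmark: 120 million (2^26.8) keys/s | 140737488355328 | 14d
0 | 0 | Using 0 precalculated bitflip state tables | 140737488355328 | 14d
18 | 1216 | Apply Sum property. Sum(a0) = 128 | nan | nand
19 | 1325 | Apply bit flip properties | nan | nand
"""

# Units assumed for the last column; the thread shows s, min and d.
UNIT_SECONDS = {"s": 1, "min": 60, "h": 3600, "d": 86400}


def parse_rows(text):
    """Split each progress line into its five columns.

    'states' is an int, or None when the column is empty or reads 'nan';
    'states_raw' keeps the original text so the two cases can be told apart."""
    rows = []
    for line in text.splitlines():
        parts = [p.strip() for p in line.split("|")]
        if len(parts) != 5 or not parts[0].isdigit():
            continue  # header, separator or unrelated line
        t, nonces, activity, states, eta = parts
        rows.append({
            "time": int(t),
            "nonces": int(nonces),
            "activity": activity,
            "states": int(states) if states.isdigit() else None,
            "states_raw": states,
            "eta": eta,
        })
    return rows


def benchmark_rate(rows):
    """Keys per second from the 'Brute force benchmark: N million' row, or None."""
    for r in rows:
        m = re.search(r"benchmark: (\d+) million", r["activity"])
        if m:
            return int(m.group(1)) * 1_000_000
    return None


def tables_loaded(rows):
    """Number of precalculated bitflip state tables the client reported, or None."""
    for r in rows:
        m = re.search(r"Using (\d+) precalculated bitflip state tables", r["activity"])
        if m:
            return int(m.group(1))
    return None


def eta_to_seconds(eta):
    """Convert the printed '37min' / '85s' / '9d' to seconds; None for 'nand' etc."""
    m = re.fullmatch(r"(\d+)(s|min|h|d)", eta)
    if not m:
        return None
    return int(m.group(1)) * UNIT_SECONDS[m.group(2)]


def expected_seconds(states, rate):
    """The relation behind the last column: remaining states / keys per second."""
    return states / rate


def eta_consistent(row, rate, tolerance=0.1):
    """True when the printed time agrees with states/rate within tolerance.

    Both the rate and the time are printed rounded, so exact equality is not expected."""
    printed = eta_to_seconds(row["eta"])
    if printed is None or row["states"] is None:
        return False
    computed = expected_seconds(row["states"], rate)
    return abs(printed - computed) <= max(tolerance * computed, 1.0)


def diagnose(text):
    """Return a list of findings for one run's progress output (empty = looks healthy)."""
    rows = parse_rows(text)
    findings = []
    if tables_loaded(rows) == 0:
        findings.append("no bitflip state tables loaded; the client cannot reduce the state space")
    nan_rows = [r for r in rows if r["states_raw"] == "nan"]
    if nan_rows:
        findings.append(f"{len(nan_rows)} row(s) report nan states (first at t={nan_rows[0]['time']}s)")
    rate = benchmark_rate(rows)
    if rate:
        bad = [r for r in rows if r["states"] is not None and not eta_consistent(r, rate)]
        if bad:
            findings.append(f"{len(bad)} row(s) whose time column disagrees with states/rate")
    return findings


if __name__ == "__main__":
    print("good run:", diagnose(GOOD_RUN))
    print("broken run:", diagnose(BROKEN_RUN))
```

Paste a real run's rows into the string and `diagnose()` tells you at once whether the "nan | nand" pattern is the missing-tables failure this thread ran into (zero tables reported, every later row "nan") rather than a slow machine; a healthy run yields a falling #states column and a time column that tracks states/rate.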
Thanks piwi, there is such a folder at win32\hardnested\tables with those .bin.z files.
But once I moved the pm3 folder to the root directory of the local drive (away from the parent directory containing non-English characters),
the hardnested started to work as expected. Thanks heaps, and resolving the topic for now.
***Still have the doubt about when one should be using the known target key parameters in a hardnested attack***
proxmark3> hf mf hardnested 12 A FFFFFFFFFFFF 52 A w
--target block no: 52, target key type:A, known target key: 0x000000000000 (not set), file action: write, Slow: No, Tests: 0
Using SSE2 SIMD core.
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 2 threads and SSE2 SIMD core | |
0 | 0 | Brute force benchmark: 182 million (2^27.4) keys/s | 140737488355328 | 9d
3 | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 9d
7 | 0 | Writing acquired nonces to binary file nonces.bin | 140737488355328 | 9d
8 | 112 | Apply bit flip properties | 406019080192 | 37min
9 | 224 | Apply bit flip properties | 288500187136 | 26min
10 | 336 | Apply bit flip properties | 116740063232 | 11min
11 | 447 | Apply bit flip properties | 47558418432 | 4min
12 | 557 | Apply bit flip properties | 35742220288 | 3min
13 | 668 | Apply bit flip properties | 34049961984 | 3min
14 | 778 | Apply bit flip properties | 34049961984 | 3min
15 | 889 | Apply bit flip properties | 17237016576 | 2min
16 | 1001 | Apply bit flip properties | 16420960256 | 2min
17 | 1111 | Apply bit flip properties | 16420960256 | 2min
18 | 1219 | Apply bit flip properties | 15384170496 | 85s
19 | 1329 | Apply bit flip properties | 15384170496 | 85s
20 | 1439 | Apply bit flip properties | 15384170496 | 85s
26 | 1549 | Apply Sum property. Sum(a0) = 128 | 1438410752 | 8s
28 | 1661 | Apply bit flip properties | 1438410752 | 8s
32 | 1773 | Apply bit flip properties | 1350568320 | 7s
37 | 1882 | Apply bit flip properties | 1147669504 | 6s
37 | 1882 | (Ignoring Sum(a8) properties) | 1147669504 | 6s
42 | 1882 | Starting brute force... | 1147669504 | 6s
44 | 1882 | Brute force phase completed. Key found: 6d01d74c2563 | 0 | 0s
proxmark3> hf mf chk *1 ? d key.dic
To cancel this operation press the button on the proxmark...
--o
|---|----------------|---|----------------|---|
|sec|key A |res|key B |res|
|---|----------------|---|----------------|---|
|000| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|001| ffffffffffff | 1 | ffffffffffff | 1 |
|002| ffffffffffff | 1 | ffffffffffff | 1 |
|003| ffffffffffff | 1 | ffffffffffff | 1 |
|004| ffffffffffff | 1 | ffffffffffff | 1 |
|005| ffffffffffff | 1 | ffffffffffff | 1 |
|006| ffffffffffff | 1 | ffffffffffff | 1 |
|007| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|008| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|009| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|010| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|011| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|012| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|013| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|014| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|015| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|---|----------------|---|----------------|---|
Found keys have been dumped to file dumpkeys.bin. 0xffffffffffff has been inserted for unknown keys.
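The chk table above is also the natural input for a card-hygiene check: which sectors still answer to a default key, and which keys remain unknown after the dictionary run. The following Python script is an added example (not part of this thread or of the Proxmark3 client) that parses the table and reports exactly that. The sample table is a constructed, trimmed copy of the output above; DEFAULT_KEYS holds only the transport key ffffffffffff seen in this thread and is meant to be extended from the dictionary you test with.

```python
# Constructed sample in the shape of the `hf mf chk` key table printed in this
# thread, trimmed to a few sectors.  res = 1 means the key was verified on the
# card; res = 0 means no dictionary key worked for that sector/key type (the
# client then prints a placeholder: dashes, or ffffffffffff when run with "d").
CHK_OUTPUT = """\
|---|----------------|---|----------------|---|
|sec|key A |res|key B |res|
|---|----------------|---|----------------|---|
|000| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|001| ffffffffffff | 1 | ffffffffffff | 1 |
|002| ffffffffffff | 1 | ffffffffffff | 1 |
|007| 6d01d74c2563 | 1 | ffffffffffff | 0 |
|---|----------------|---|----------------|---|
"""

# Keys an auditor treats as "default": the transport key seen in this thread;
# extend this set from the dictionary (key.dic) you actually test with.
DEFAULT_KEYS = {"ffffffffffff"}


def parse_chk_table(text):
    """Return {sector: {"A": {"key", "found"}, "B": {"key", "found"}}}.

    A key is recorded only when its res column is 1; otherwise key is None."""
    table = {}
    for line in text.splitlines():
        parts = [p.strip() for p in line.strip().split("|")]
        # a data row splits into ['', sec, keyA, resA, keyB, resB, '']
        if len(parts) != 7 or not parts[1].isdigit():
            continue  # separator or header row
        sector = int(parts[1])
        table[sector] = {}
        for name, key, res in (("A", parts[2], parts[3]), ("B", parts[4], parts[5])):
            found = res == "1"
            table[sector][name] = {"key": key.lower() if found else None, "found": found}
    return table


def classify(entry):
    """'unknown' (not verified), 'default' (verified, in DEFAULT_KEYS) or 'custom'."""
    if not entry["found"]:
        return "unknown"
    return "default" if entry["key"] in DEFAULT_KEYS else "custom"


def sectors_with_default_key(text):
    """Sorted list of sectors where at least one verified key is a default key."""
    table = parse_chk_table(text)
    return sorted(s for s, keys in table.items()
                  if any(classify(e) == "default" for e in keys.values()))


def summary(text):
    """Count verified default, verified custom and unknown keys across the card."""
    counts = {"default": 0, "custom": 0, "unknown": 0}
    for keys in parse_chk_table(text).values():
        for entry in keys.values():
            counts[classify(entry)] += 1
    return counts


if __name__ == "__main__":
    print("sectors still on a default key:", sectors_with_default_key(CHK_OUTPUT))
    print("key summary:", summary(CHK_OUTPUT))
```

For the full 16-sector table in this thread the same functions would report sectors 1-6 on the transport key and every key B outside those sectors as unknown, which is the kind of finding a card issuer wants to see before, not after, deployment.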
FYR, switching back to the iceman fork, it seems hardnested is indeed not working on my 512M ElecHouse Easy model, even with the bitflip state tables available.
pm3 --> hf mf hardnested 4 A FFFFFFFFFFFF 0 A
--target block no: 0, target key type:A, known target key: 0x000000000000 (not set), file action: none, Slow: No, Tests: 0
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 2 threads and SSE2 SIMD core | |
0 | 0 | Brute force benchmark: 177 million (2^27.4) keys/s | 140737488355328 | 9d
4 | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 9d
9 | 112 | Apply bit flip properties | 145693982720 | 14min
11 | 223 | Apply bit flip properties | 96993132544 | 9min
14 | 335 | Apply bit flip properties | 40709345280 | 4min
17 | 447 | Apply bit flip properties | 40709345280 | 4min
Waiting for a response from the proxmark...
You can cancel this operation by pressing the pm3 button
[!] Error: No response from Proxmark.
pm3 --> hf mf hardnested 12 A FFFFFFFFFFFF 52 A w
--target block no: 52, target key type:A, known target key: 0x000000000000 (not set), file action: write, Slow: No, Tests: 0
time | #nonces | Activity | expected to brute force
| | | #states | time
------------------------------------------------------------------------------------------------------
0 | 0 | Start using 2 threads and SSE2 SIMD core | |
0 | 0 | Brute force benchmark: 178 million (2^27.4) keys/s | 140737488355328 | 9d
1 | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 9d
6 | 0 | Writing acquired nonces to binary file hf-mf-33DDA0E7-nonces.bin | 140737488355328 | 9d
7 | 111 | Apply bit flip properties | 180449984512 | 17min
9 | 223 | Apply bit flip properties | 73415475200 | 7min
11 | 335 | Apply bit flip properties | 15384170496 | 87s
15 | 447 | Apply bit flip properties | 15384170496 | 87s
[!] Error: No response from Proxmark.
You need the original pm3 easy; the original only has 256k flash.
***Still have the doubt about when one should be using the known target key parameters in a hardnested attack***
This is only useful for debugging (it would tell you when the target key is wrongly eliminated from the set of remaining possible states) or testing (the undocumented option t n will simulate a tag and run hardnested n times offline).