Help decoding sniff!

clayer · 2014-02-03 01:02:33

I`ve sniffed sequence where reader authorizes card from sector 15 to 0 with key FFFFFFFFF (card have this key)

+ 62: 0: TAG 04 00
+ 688: : 93 20
+ 66: 0: TAG 5d f0 fa 96 c1
+ 1984: : 93 70 5d f0 fa 96 c1 e7 c2
+ 64: 0: TAG 08 b6 dd
+ 447052: : 61 3f 59 ab
+ 88: 0: TAG d7 8c 1e 0a
+ 668: : 3a 67 c6 fd 7a ac 25 68 !crc
+ 64: 0: TAG e1 6d 01 8e!

---Here we can see auth command (61 3f)
And can calculate key
Further card reads out sectors 0,1,2,3
And after it authorizes sector 14, BUT there are doesn`t seen numbers like 61 .....
Seems like auth encrypted?
How it can be decrypted?
(Card uses Crapto-1 100%)

+ 8995: : 95 99 4a 44 !crc
+ 63: 0: TAG 65 1e! 61! ae 13! 70! 71 fd 5c 56! 84 93 b9 98 ec 1c 49! 23 !crc
+ 9348: : 9f f7 e8 9e !crc
+ 66: 0: TAG 48 d0 8d! 6f! c9! 25 cd fd f3! 31! 9e! 3c! b3 6f ae 7f fe! 6e! !crc
+ 9716: 0: TAG 37 f9 40 a7! 10 6b 8d 84 30 34 81 00 76! c6! 27 e4 a9 52! !crc
+ 9346: : d7 86 e5 e2 !crc
+ 62: 0: TAG 72 a0! 11! 11! ab! 0c 42 e0! 40 d7 e6! cc! a3! 17! df 9f 69 54 !crc
+ 11004: : 25 76 fe ad !crc

Sector 14 AUTH???

+ 90: 0: TAG 0d! 71! e0 cf
+ 664: : 11 a5 e2 7a 57 f1 00 a3 !crc
+ 66: 0: TAG 95! cc f3! 90

------
+ 9547: : bf d7 c4 84 !crc
+ 63: 0: TAG 86! e6! da 89 3f 80! f5 e7! e4 20 d6! 1b! a4! f5! 04 90! df 88! !crc
+ 9202: : 03 95 99 89 !crc
+ 62: 0: TAG 2d ee 64 39 9a! 93! 3d 7b 88! 05! ab! 10! 08! 8a! 5a! cd 9e 09! !crc
+ 8996: : 3c 47 5f 70 !crc
+ 64: 0: TAG 36 96! 37! e6 51! 64! 58! d6 6d 3b! 9c! e5 a5 0c ac! a5 75! a4! !crc
+ 9655: : 73 1a 83 ae !crc
+ 63: 0: TAG 57! 46! be b6! f4 97! e6 ad! e4 e8! cb! 42 c0! 49 5d c1 b0 45! !crc
+ 11448: : a0 3b 0b da !crc
+ 90: 0: TAG 3d! d3 16 8c!
+ 666: : 6d 94 85 d9 54 36 64 ad !crc
+ 62: 0: TAG 7c! b7 52! 9b!

Proxmark3 community

Announcement

#1 2014-02-03 01:02:33

Help decoding sniff!

Board footer